Read Time:32 Second

FEDORA-2025-9cee4b3ac0

Packages in this update:

libssh2-1.11.1-1.fc41

Update description:

This update, to the current upstream libssh2 release, addresses a couple of security issues:

CVE-2023-6918 (missing checks for return values for digests)
CVE-2023-48795 (prefix truncation attack on Binary Packet Protocol (BPP) – “Terrapin”)

It also removes support for a number of legacy algorithms that were disabled by default or removed from OpenSSH in the 2015-2018 time period. See the RELEASE_NOTES file for full details.

In addition, there are a large number of bug fixes and enhancements, which again are described in the RELEASE_NOTES file.

USN-7455-4: Linux kernel (Oracle) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 25, 2025

ZDI-CAN-26945: NI

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor...

April 25, 2025

Commvault Command Center Path Traversal Vulnerability (CVE-2025-34028)

What is the Vulnerability?A critical path traversal vulnerability has been identified in Commvault's Command Center Innovation Release. The vulnerability, tracked...

April 25, 2025