Read Time:49 Second

FEDORA-2024-47e4624c89

Packages in this update:

python3.9-3.9.21-1.fc41

Update description:

Python 3.9.21 security release.

Security content in this release

gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified.
CVE-2024-9287: gh-124651: Properly quote template strings in venv activation scripts.
gh-103848: Added checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
gh-95588: Clarified the conflicting advice given in the ast documentation about ast.literal_eval() being “safe” for use on untrusted input while at the same time warning that it can crash the process. The latter statement is true and is deemed unfixable without a large amount of work unsuitable for a bugfix. So we keep the warning and no longer claim that literal_eval is safe.

New Advances in the Understanding of Prime Numbers

US Government Issues Cloud Security Requirements for Federal Agencies

Phishing Attacks Double in 2024

New Attacks Exploit VSCode Extensions and npm Packages

It’s time to stop calling it “pig butchering”

How to Lose a Fortune with Just One Bad Click

Attacker Distributes DarkGate Using MS Teams Vishing Technique

Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

Meta Hit with Massive $263m GDPR Fine

python3.9-3.9.21-1.fc41

FEDORA-2024-47e4624c89

Packages in this update:

Update description:

Security content in this release

incus-6.8-1.fc41

USN-7177-1: YARA vulnerability

USN-7169-2: Linux kernel (GCP) vulnerabilities

age-1.2.1-1.fc41

USN-7172-1: libvpx vulnerability

USN-7176-1: GStreamer Good Plugins vulnerabilities