FEDORA-2024-4d24786142
Packages in this update:
syncthing-1.28.0-1.fc40
Update description:
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
syncthing-1.28.0-1.fc40
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
syncthing-1.28.0-1.fc39
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
syncthing-1.28.0-1.el8
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
php-tcpdf-6.7.7-1.fc41
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
php-tcpdf-6.7.7-1.fc40
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
php-tcpdf-6.7.7-1.fc39
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
Version 6.7.6 (2024-10-06)
Forbid access to parent folder in HTML images.
Version 6.7.5 (2024-04-20)
Update GitHub actions
fix: CSV-2024-22640 (#712)
Version 6.7.4 (2024-03-24)
Upgrade tcpdf tag encryption algorithm.
Fix regression issue #699.
Fix security issue.
[BREAKING CHANGE] The tcpdf HTML tag syntax has changed, see example_049.php.
New K_ALLOWED_TCPDF_TAGS configuration constant to set the allowed methods for the tcdpf HTML tag.
Raised minimum PHP version to PHP 5.5.0.
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
chromium-130.0.6723.69-1.fc39
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8
chromium-130.0.6723.69-1.el8
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8
chromium-130.0.6723.69-1.fc41
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8