FEDORA-2024-466c574575

Packages in this update:

python-openapi-core-0.19.4-4.fc42
python-platformio-6.1.16-2.fc42
python-starlette-0.40.0-1.fc42

Update description:

Security fix for CVE-2024-47874.

Starlette 0.40.0 (October 15, 2024)

This release fixes a Denial of service (DoS) via multipart/form-data requests.

You can view the full security advisory:
GHSA-f96h-pmfr-66vw

Fixed

Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data
requests fd038f3.

Read More

FEDORA-EPEL-2024-78df19aaf3

Packages in this update:

yarnpkg-1.22.22-5.el9

Update description:

Sync with fedora package.

Read More

FEDORA-2024-ab6348928b

Packages in this update:

libarchive-3.7.1-3.fc39

Update description:

Fix for CVE-2024-48957

Read More

FEDORA-2024-00855b1d76

Packages in this update:

dotnet6.0-6.0.135-1.fc39

Update description:

This is the October 2024 monthly update for .NET 6.

Release Notes:

SDK: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.135.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.35.md

Read More

FEDORA-2024-87d8204201

Packages in this update:

dotnet6.0-6.0.135-1.fc40

Update description:

This is the October 2024 monthly update for .NET 6.

Release Notes:

SDK: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.135.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.35.md

Read More

FEDORA-2024-d79685d847

Packages in this update:

yarnpkg-1.22.22-5.fc39

Update description:

Update bundled ws (CVE-2024-37890)

Update bundled dependencies to fix CVE-2024-48949.

Read More

FEDORA-2024-362915851c

Packages in this update:

yarnpkg-1.22.22-5.fc41

Update description:

Update bundled ws (CVE-2024-37890)

Update bundled elliptic to fix CVE-2024-48949.

Read More

FEDORA-2024-66b0bdad35

Packages in this update:

yarnpkg-1.22.22-5.fc40

Update description:

Update bundled ws (CVE-2024-37890)

Update bundled elliptic to fix CVE-2024-48949.

Read More

FEDORA-EPEL-2024-2bb96c1f9a

Packages in this update:

rust-pyo3-0.22.4-1.el9
rust-pyo3-build-config-0.22.4-1.el9
rust-pyo3-ffi-0.22.4-1.el9
rust-pyo3-macros-0.22.4-1.el9
rust-pyo3-macros-backend-0.22.4-1.el9

Update description:

Update pyo3 to version 0.22.4.

This version addresses a potential use-after-free RUSTSEC-2024-0378.

Read More

FEDORA-EPEL-2024-4c4f6a6ab8

Packages in this update:

rust-pyo3-0.22.4-1.el10_0
rust-pyo3-build-config-0.22.4-1.el10_0
rust-pyo3-ffi-0.22.4-1.el10_0
rust-pyo3-macros-0.22.4-1.el10_0
rust-pyo3-macros-backend-0.22.4-1.el10_0

Update description:

Update pyo3 to version 0.22.4.

This version addresses a potential use-after-free RUSTSEC-2024-0378.

Read More