FEDORA-EPEL-2024-b002585dd2
Packages in this update:
openssl3-3.2.1-1.1.el8
Update description:
Merge in changes from c9s’ openssl to pick up various CVE fixes and other bugfixes
openssl3-3.2.1-1.1.el8
Merge in changes from c9s’ openssl to pick up various CVE fixes and other bugfixes
nextcloud-28.0.4-2.fc38
Fix typo and 2 RPM build warnings
update to 28.0.3
fix CVE-2024-22403
firefox-flatpak-125.0.2-1
Firefox 125.0 release. For details, see https://www.mozilla.org/en-US/firefox/125.0/releasenotes/
Please note that this update depends on the flatpak runtime update from https://bodhi.fedoraproject.org/updates/FEDORA-FLATPAK-2024-a3977e7532
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– JFS file system;
– BPF subsystem;
– Netfilter;
(CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,
CVE-2023-52603)
flatpak-runtime-f40-2
flatpak-sdk-f40-1
Updated flatpak runtime and SDK, including latest Fedora 40 security and bug-fix errata.
In addition, this update also includes updated nss 3.99.0 that’s needed for upcoming firefox 125.0 update.
thunderbird-115.10.1-1.fc39
Update to 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
Update to 115.10.0
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
thunderbird-115.10.1-1.fc38
Update to 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
Update to 115.10.0
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
python-aiohttp-3.9.5-1.fc41
Automatic update for python-aiohttp-3.9.5-1.fc41.
* Fri Apr 19 2024 Benjamin A. Beasley <code@musicinmybrain.net> – 3.9.5-1
– Update to 3.9.5 (fix RHBZ#2275991, fix CVE-2024-27306)
USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update
provides the corresponding updates for Pillow (Python 2) in
Ubuntu 20.04 LTS.
Original advisory details:
Hugo van Kemenade discovered that Pillow was not properly performing
bounds checks when processing an ICC file, which could lead to a buffer
overflow. If a user or automated system were tricked into processing a
specially crafted ICC file, an attacker could possibly use this issue
to cause a denial of service or execute arbitrary code.
python-dns-2.6.1-1.fc40
Update to 2.6.1 (rhbz#2263657) (refix for CVE-2023-29483)