Read Time:9 Second
FEDORA-2024-6d35739db7
Packages in this update:
kernel-6.8.5-300.fc40
Update description:
The 6.8.5 stable kernel update contains a number of important fixes across the tree.
Category Archives: Advisories
xen-4.17.4-1.fc38
Read Time:20 Second
FEDORA-2024-a676697123
Packages in this update:
xen-4.17.4-1.fc38
Update description:
x86: Native Branch History Injection [XSA-456, CVE-2024-2201]
update to xen 4.17.4, remove patches now included upstream
rebase xen.gcc12.fixes.patch
x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842]
x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
USN-6728-1: Squid vulnerabilities
Read Time:53 Second
Joshua Rogers discovered that Squid incorrectly handled collapsed
forwarding. A remote attacker could possibly use this issue to cause Squid
to crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288)
Joshua Rogers discovered that Squid incorrectly handled certain structural
elements. A remote attacker could possibly use this issue to cause Squid to
crash, resulting in a denial of service. (CVE-2023-5824)
Joshua Rogers discovered that Squid incorrectly handled Cache Manager error
responses. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-23638)
Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked
decoder. A remote attacker could possibly use this issue to cause Squid to
stop responding, resulting in a denial of service. (CVE-2024-25111)
Joshua Rogers discovered that Squid incorrectly handled HTTP header
parsing. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-25617)
google-guest-agent-20240314.00-4.fc41
Read Time:4 Minute, 7 Second
FEDORA-2024-74c4c65ff6
Packages in this update:
google-guest-agent-20240314.00-4.fc41
Update description:
Automatic update for google-guest-agent-20240314.00-4.fc41.
Changelog
* Wed Apr 10 2024 Major Hayden <major@redhat.com> – 20240314.00-4
– Skip events test
* Wed Apr 10 2024 Major Hayden <major@redhat.com> – 20240314.00-3
– Fix typo in License filename
* Wed Apr 10 2024 Major Hayden <major@redhat.com> – 20240314.00-2
– Sync packit config with other GCP pkgs
* Wed Apr 10 2024 Major Hayden <major@redhat.com> – 20240314.00-1
– Update to 20240314.00 rhbz#2274184
* Wed Apr 10 2024 Fedora Release Engineering <releng@fedoraproject.org> – 20230726.00-8
– Unretirement Releng Request: https://pagure.io/releng/issue/12057
* Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> – 20230726.00-7
– Rebuild for golang 1.22.0
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> – 20230726.00-6
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jan 20 2024 Fedora Release Engineering <releng@fedoraproject.org> – 20230726.00-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Sep 6 2023 Major Hayden <major@redhat.com> – 20230726.00-4
– PRs to rawhide only
* Fri Jul 28 2023 Major Hayden <major@redhat.com> – 20230726.00-3
– Fix typo on ppc64le
* Fri Jul 28 2023 Major Hayden <major@redhat.com> – 20230726.00-2
– Disable ppc64/s390x arches
* Fri Jul 28 2023 Packit <hello@packit.dev> – 20230726.00-1
– [packit] 20230726.00 upstream release
* Tue Jul 25 2023 Major Hayden <major@redhat.com> – 20230725.00-2
– Disable koji auto build with packit
* Tue Jul 25 2023 Packit <hello@packit.dev> – 20230725.00-1
– [packit] 20230725.00 upstream release
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> – 20230711.00-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jul 12 2023 Major Hayden <major@redhat.com> – 20230711.00-1
– Update to 20230711.00 rhbz#2222161
* Wed Jul 12 2023 Major Hayden <major@redhat.com> – 20230707.00-2
– Add packit config 🤖
* Tue Jul 11 2023 Major Hayden <major@redhat.com> – 20230707.00-1
– Update to 20230707.00 rhbz#2221432
* Mon Jul 3 2023 Major Hayden <major@redhat.com> – 20230628.00-1
– Update to 20230628.00 rhbz#2218708
* Wed Jun 28 2023 Major Hayden <major@redhat.com> – 20230626.00-1
– Update to 20230626.00 rhbz#2218220
* Mon Jun 12 2023 Major Hayden <major@redhat.com> – 20230601.00-1
– Update to 20230601.00 rhbz#2211674
* Thu May 18 2023 Major Hayden <major@redhat.com> – 20230517.00-1
– Update to 20230517.00 rhbz#2208103
* Mon May 15 2023 Major Hayden <major@redhat.com> – 20230510.00-1
– Update to 20230510.00 rhbz#2198979
* Mon May 1 2023 Major Hayden <major@redhat.com> – 20230426.00-1
– Update to 20230426.00 rhbz#2190065
* Thu Apr 6 2023 Major Hayden <major@redhat.com> – 20230403.00-1
– Update to 20230403.00 rhbz#2183053
* Tue Mar 28 2023 Major Hayden <major@redhat.com> – 20230221.00-2
– Bump revision for rebuild rhbz#2178465
* Tue Feb 28 2023 Major Hayden <major@redhat.com> – 20230221.00-1
– Update to 20230221.00 rhbz#2172749
* Wed Feb 22 2023 Major Hayden <major@redhat.com> – 20230207.00-2
– Set SPDX license
* Mon Feb 13 2023 Major Hayden <major@redhat.com> – 20230207.00-1
– Update to 20230207.00 rhbz#2160637
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> – 20221109.00-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 14 2022 Major Hayden <major@redhat.com> – 20221109.00-1
– Update to 20221109.00 rhbz#2140412
* Wed Oct 26 2022 Major Hayden <major@redhat.com> – 20221025.00-1
– Update to 20221025.00 rhbz#2136314
* Wed Oct 12 2022 Major Hayden <major@redhat.com> – 20220927.00-1
– Update to 20220927.00 rhbz#2130931
* Thu Aug 25 2022 Major Hayden <major@redhat.com> – 20220824.00-1
– Update to 20220824.00 rhbz#2120895
* Thu Aug 18 2022 Major Hayden <major@redhat.com> – 20220816.01-1
– Update to 20220816.01 rhbz#2119456
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> – 20201217.02-6
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <gotmax@e.email> – 20201217.02-5
– Rebuild for
CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sat Jun 18 2022 Robert-André Mauchin <zebob.m@gmail.com> – 20201217.02-4
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327,
CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
perl-Clipboard-0.29-1.el8
Read Time:10 Second
FEDORA-EPEL-2024-f060b59d26
Packages in this update:
perl-Clipboard-0.29-1.el8
Update description:
Update to 0.29
– Fixes ‘clipbrowse command execution with multi-line clipboard text including “| sh”‘
perl-Clipboard-0.29-1.el7
Read Time:10 Second
FEDORA-EPEL-2024-a8b1cd8e52
Packages in this update:
perl-Clipboard-0.29-1.el7
Update description:
Update to 0.29
– Fixes ‘clipbrowse command execution with multi-line clipboard text including “| sh”‘
perl-Clipboard-0.29-1.el9
Read Time:10 Second
FEDORA-EPEL-2024-6ebc36e81d
Packages in this update:
perl-Clipboard-0.29-1.el9
Update description:
Update to 0.29
– Fixes ‘clipbrowse command execution with multi-line clipboard text including “| sh”‘
perl-Clipboard-0.29-1.fc40
Read Time:9 Second
FEDORA-2024-2843f37353
Packages in this update:
perl-Clipboard-0.29-1.fc40
Update description:
Update to 0.29
– Fixes ‘clipbrowse command execution with multi-line clipboard text including “| sh”‘
perl-Clipboard-0.29-1.fc39
Read Time:9 Second
FEDORA-2024-43a0920f12
Packages in this update:
perl-Clipboard-0.29-1.fc39
Update description:
Update to 0.29
– Fixes ‘clipbrowse command execution with multi-line clipboard text including “| sh”‘
perl-Clipboard-0.29-1.fc41
Read Time:17 Second
FEDORA-2024-966c267928
Packages in this update:
perl-Clipboard-0.29-1.fc41
Update description:
Automatic update for perl-Clipboard-0.29-1.fc41.
Changelog
* Wed Apr 10 2024 Xavier Bachelot <xavier@bachelot.org> – 0.29-1
– Update to 0.29 (RHBZ#2273832)
– Fixes RHBZ#2257224 and RHBZ#2257225
– Convert License: to SPDX