FEDORA-2024-afeeca72ce

Packages in this update:

php-tcpdf-6.7.7-1.fc40

Update description:

Version 6.7.7 (2024-10-26)

Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function

Read More

FEDORA-2024-0b2854c95b

Packages in this update:

php-tcpdf-6.7.7-1.fc39

Update description:

Version 6.7.7 (2024-10-26)

Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function

Version 6.7.6 (2024-10-06)

Forbid access to parent folder in HTML images.

Version 6.7.5 (2024-04-20)

Update GitHub actions
fix: CSV-2024-22640 (#712)

Version 6.7.4 (2024-03-24)

Upgrade tcpdf tag encryption algorithm.
Fix regression issue #699.
Fix security issue.
[BREAKING CHANGE] The tcpdf HTML tag syntax has changed, see example_049.php.
New K_ALLOWED_TCPDF_TAGS configuration constant to set the allowed methods for the tcdpf HTML tag.
Raised minimum PHP version to PHP 5.5.0.

Read More

Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.

https://security-tracker.debian.org/tracker/DSA-5799-1

Read More

FEDORA-2024-6a0e07c9c7

Packages in this update:

chromium-130.0.6723.69-1.fc39

Update description:

update to 130.0.6723.69

* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8

Read More

FEDORA-EPEL-2024-983c32d3fa

Packages in this update:

chromium-130.0.6723.69-1.el8

Update description:

update to 130.0.6723.69

* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8

Read More

FEDORA-2024-1178c53bb1

Packages in this update:

chromium-130.0.6723.69-1.fc41

Update description:

update to 130.0.6723.69

* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8

Read More

FEDORA-EPEL-2024-db9e2d0206

Packages in this update:

chromium-130.0.6723.69-1.el9

Update description:

update to 130.0.6723.69

* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8

Read More

FEDORA-2024-f1117faa03

Packages in this update:

chromium-130.0.6723.69-1.fc40

Update description:

update to 130.0.6723.69

* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8

Read More

FEDORA-2024-b07b0b41ec

Packages in this update:

llama-cpp-b3561-1.fc40

Update description:

Update to b3561

Read More

FEDORA-2024-51bff89a25

Packages in this update:

python-quart-0.19.8-1.fc40

Update description:

Security fix for GHSA-q34m-jh98-gwm2.

0.19.8 2024-10-25

Bugfix: Fix missing check that caused the previous fix to raise an error.

0.19.7 2024-10-25

Security Fix: how max_form_memory_size is applied when parsing large non-file fields. https://github.com/advisories/GHSA-q34m-jh98-gwm2

Read More