Read Time:10 Second
FEDORA-2024-4fc7cdc194
Packages in this update:
syncthing-1.28.0-1.fc39
Update description:
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
Category Archives: Advisories
syncthing-1.28.0-1.el8
Read Time:10 Second
FEDORA-EPEL-2024-01e6624836
Packages in this update:
syncthing-1.28.0-1.el8
Update description:
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
php-tcpdf-6.7.7-1.fc41
Read Time:46 Second
FEDORA-2024-b00678c08a
Packages in this update:
php-tcpdf-6.7.7-1.fc41
Update description:
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
php-tcpdf-6.7.7-1.fc40
Read Time:46 Second
FEDORA-2024-afeeca72ce
Packages in this update:
php-tcpdf-6.7.7-1.fc40
Update description:
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
php-tcpdf-6.7.7-1.fc39
Read Time:1 Minute, 12 Second
FEDORA-2024-0b2854c95b
Packages in this update:
php-tcpdf-6.7.7-1.fc39
Update description:
Version 6.7.7 (2024-10-26)
Update regular expression to avoid ReDoS (CVE-2024-22641)
[PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
SVG detection fix for inline data images #646
Fix count svg #647
Since the version 6.7.4, the “0” is considered like empty string and not displayed
Fixed handling of transparency in PDF/A mode in addExtGState method
Encrypt /DA string when document is encrypted
Improve quality of generated seed, avoid potential security pitfall
Try to use random_bytes() first if it’s available
Do not include the server parameters in the generated seed, as they might contain sensitive data
Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
Fix SVG coordinate parser that caused drawing artifacts
Remove usage of xml_set_object() function
Version 6.7.6 (2024-10-06)
Forbid access to parent folder in HTML images.
Version 6.7.5 (2024-04-20)
Update GitHub actions
fix: CSV-2024-22640 (#712)
Version 6.7.4 (2024-03-24)
Upgrade tcpdf tag encryption algorithm.
Fix regression issue #699.
Fix security issue.
[BREAKING CHANGE] The tcpdf HTML tag syntax has changed, see example_049.php.
New K_ALLOWED_TCPDF_TAGS configuration constant to set the allowed methods for the tcdpf HTML tag.
Raised minimum PHP version to PHP 5.5.0.
DSA-5799-1 chromium – security update
Read Time:9 Second
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
chromium-130.0.6723.69-1.fc39
Read Time:14 Second
FEDORA-2024-6a0e07c9c7
Packages in this update:
chromium-130.0.6723.69-1.fc39
Update description:
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8
chromium-130.0.6723.69-1.el8
Read Time:14 Second
FEDORA-EPEL-2024-983c32d3fa
Packages in this update:
chromium-130.0.6723.69-1.el8
Update description:
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8
chromium-130.0.6723.69-1.fc41
Read Time:14 Second
FEDORA-2024-1178c53bb1
Packages in this update:
chromium-130.0.6723.69-1.fc41
Update description:
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8
chromium-130.0.6723.69-1.el9
Read Time:14 Second
FEDORA-EPEL-2024-db9e2d0206
Packages in this update:
chromium-130.0.6723.69-1.el9
Update description:
update to 130.0.6723.69
* High CVE-2024-10229: Inappropriate implementation in Extensions
* High CVE-2024-10230: Type Confusion in V8
* High CVE-2024-10231: Type Confusion in V8