Fedora Essential and Critical Security Patch Updates - Page 8
Find the information you need for your favorite open source distribution .
Fedora 39: libsoup3 2024-a059ea1dfc Security Advisory Updates
Add patches to fix: CVE-2024-52530 libsoup3: HTTP request smuggling via stripping null bytes from the ends of header names (bug #2325358) CVE-2024-52532 libsoup3: infinite loop while reading websocket data (bug #2325356)
Fedora 41: php 2024-3891a08c9e Security Advisory Updates
PHP version 8.3.14 (21 Nov 2024) CLI: Fixed bug GH-16373 (Shebang is not skipped for router script in cli-server started through shebang). (ilutov) Fixed bug GHSA-4w77-75f9-2c8w (Heap-Use-After-Free in sapi_read_post_data
Fedora 41: dotnet9.0 2024-aab6aded81 Security Advisory Updates
This is the .NET 9.0 GA release. It contains security fixes for CVE-2024-43498 and CVE-2024-43499 Announcement: https://devblogs.microsoft.com/dotnet/announcing-dotnet-9/ Release Notes: https://github.com/dotnet/core/blob/main/release- notes/9.0/9.0.0/9.0.0.md
Fedora 41: libsndfile 2024-1318318e7a Security Advisory Updates
fix crash in in ogg vorbis (#2322326) (CVE-2024-50612)
Fedora 41: trafficserver 2024-f4dc07db08 Security Advisory Updates
Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
Fedora 40: trafficserver 2024-b3c4e8da81 Security Advisory Updates
Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
Fedora 40: microcode_ctl 2024-d20a106350 Security Advisory Updates
Update to upstream 2.1-47. 20241112 Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603; Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0 up to 0x2b000603;
Fedora 39: trafficserver 2024-589ea34c42 Security Advisory Updates
Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306
Fedora 39: microcode_ctl 2024-7dfc167df4 Security Advisory Updates
Update to upstream 2.1-47. 20241112 Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603; Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0 up to 0x2b000603;
Fedora 41: llvm-test-suite 2024-6d9aba8c3c Security Advisory Updates
Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6 MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf:
Fedora 40: llvm-test-suite 2024-300397332b Security Advisory Updates
Remove ClamAV subdirectory because of viruses in input files: These were the findings: MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6 MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf:
Fedora 41: lemonldap-ng 2024-7bc1df53fc Security Advisory Updates
Update to lemonldap-ng 2.20.1: [Security] Adaptative Authentication Rules triggered by "Refresh my rights" [Security] XSS in upgradeSession / forceUpgrade pages downloadSamlMetadata missing from packages in 2.20.0 CDA request for id is not valid
Fedora 41: mingw-expat 2024-fa21fd6c77 Security Advisory Updates
Update to 2.6.4. Backport fix for CVE-2024-50602.
Fedora 39: lemonldap-ng 2024-d0a6c4ac13 Security Advisory Updates
Update to lemonldap-ng 2.20.1: [Security] Adaptative Authentication Rules triggered by "Refresh my rights" [Security] XSS in upgradeSession / forceUpgrade pages downloadSamlMetadata missing from packages in 2.20.0 CDA request for id is not valid
Fedora 40: lemonldap-ng 2024-e457192aa2 Security Advisory Updates
Update to lemonldap-ng 2.20.1: [Security] Adaptative Authentication Rules triggered by "Refresh my rights" [Security] XSS in upgradeSession / forceUpgrade pages downloadSamlMetadata missing from packages in 2.20.0 CDA request for id is not valid
Fedora 40: mingw-expat 2024-cdde5c873d Security Advisory Updates
Update to 2.6.4. Backport fix for CVE-2024-50602.
Fedora 40: dotnet9.0 2024-70cf80279f Security Advisory Updates
This is the .NET 9.0 GA release. It contains security fixes for CVE-2024-43498 and CVE-2024-43499 Announcement: https://devblogs.microsoft.com/dotnet/announcing-dotnet-9/ Release Notes: https://github.com/dotnet/core/blob/main/release- notes/9.0/9.0.0/9.0.0.md
Fedora 41: ghostscript 2024-69af78a508 Security Advisory Updates
CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space (fedora#2325238) 2325241 - CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46955 CVE-2024-46956 ghostscript: various flaws [fedora-41]
