27.08.2023 16:15 update to 116.0.5845.96. Fixes following security issues: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353 CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-4357 CVE-2023-4358 CVE-2023-4359 CVE-2023-4360 CVE-2023-4361 CVE-2023-4362
27.08.2023 16:15 This update takes caddy from 2.5.2 to 2.6.4. The primary purpose is to resolve CVE-2022-41721. This is a fairly significant upgrade with lots of new features and fixes, but after reviewing the upstream release notes I believe it should comply with the Fedora updates policy. The upgrade warnings in the release notes are described as either backwards compatible, marking a directive as deprecated
27.08.2023 16:15 update to xen-4.16.5 which includes x86/AMD: Speculative Return Stack Overflow x86/Intel: Gather Data Sampling remove patches now included upstream ---- arm: Guests can trigger a deadlock on Cortex-A77 ---- bugfix for x86/AMD: Zenbleed ---- x86/AMD: Zenbleed
27.08.2023 16:15 This update takes caddy from 2.5.2 to 2.6.4. The primary purpose is to resolve a long standing FTBFS related to golang 1.20. The current F38 package is actually a carried-foward F37 build because of that reason. It also resolves CVE-2022-41721. This is a fairly significant upgrade with lots of new features and fixes, but after reviewing the upstream release notes I believe it should
27.08.2023 06:00 A specific flaw within the processing of recovery volumes exists in UnRAR, an unarchiver for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a malicious rar
26.08.2023 10:00 Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
25.08.2023 13:15 Update to latest upstream git snapshot. Various changes, including bug fix for cookie leak vulnerability.
25.08.2023 13:15 Update to latest upstream git snapshot. Various changes, including bug fix for cookie leak vulnerability.
25.08.2023 13:15 JOSE for C/C++ could be made to crash if it received specially crafted input.
25.08.2023 02:45 Fast DDS could be made to crash or expose sensitive information if it received specially crafted input.
25.08.2023 02:45 "Edbo" and Cedric Krier discovered that the Tryton application server does enforce record rules when only reading fields without an SQL type .
25.08.2023 02:45 Han Zheng discovered an out-of-bounds write in w3m, a text based web browser and pager. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
25.08.2023 02:45 The following updated rpms for Oracle Linux 6 Extended Lifecycle Support have been uploaded to the Unbreakable Linux Network:
25.08.2023 02:45 The following updated rpms for Oracle Linux 6 Extended Lifecycle Support have been uploaded to the Unbreakable Linux Network:
25.08.2023 02:45 The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
