Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
89
security advisorydenial of servicefedoraFedora 42 mingw-binutils Security Advisory FEDORA-2026-fe96f3532b
Backport fixes for multiple CVEs.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe96f3532b 2026-04-05 00:58:39.922013+00:00 -------------------------------------------------------------------------------- Name : mingw-binutils Product : Fedora 42 Version : 2.43.1 Release : 6.fc42 URL : http://www.gnu.org/software/binutils/ Summary : Cross-compiled version of binutils for Win32 and Win64 environments Description : Cross compiled binutils (utilities like 'strip', 'as', 'ld') which understand Windows executables and DLLs. -------------------------------------------------------------------------------- Update Information: Backport fixes for multiple CVEs. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Sandro Mani - 2.43.1-6 - Backport fixes for CVE-2025-11081, CVE-2025-11839, CVE-2025-11840, CVE-2025-69644, CVE-2025-69645, CVE-2025-69646, CVE-2025-69647, CVE-2025-69648, CVE-2025-69649, CVE-2025-69650, CVE-2025-69651, CVE-2025-69652, CVE-2026-4647 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2404507 - CVE-2025-11839 mingw-binutils: GNU Binutils prdbg.c tg_tag_type return value [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2404507 [ 2 ] Bug #2404556 - CVE-2025-11840 mingw-binutils: GNU Binutils out-of-bounds read [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2404556 [ 3 ] Bug #2445279 - CVE-2025-69646 mingw-binutils: Binutils: Denial of Service via malformed DWARF debug_rnglists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445279 [ 4 ] Bug #2445283 - CVE-2025-69644 mingw-binutils: Binutils: Denial of Service via crafted binary with malformed DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445283 [ 5 ] Bug #2445286 -CVE-2025-69645 mingw-binutils: Binutils objdump: Denial of Service via crafted DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445286 [ 6 ] Bug #2445389 - CVE-2025-69651 mingw-binutils: Binutils: Denial of Service via crafted ELF binary processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445389 [ 7 ] Bug #2448118 - CVE-2025-69650 mingw-binutils: double free in readelf via crafted ELF binary with malformed relocation data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448118 [ 8 ] Bug #2448126 - CVE-2025-69649 mingw-binutils: NULL pointer dereference in readelf via crafted ELF binary with malformed header fields [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448126 [ 9 ] Bug #2448137 - CVE-2025-69652 mingw-binutils: abort in readelf via crafted ELF binary with malformed DWARF abbrev or debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448137 [ 10 ] Bug #2448145 - CVE-2025-69647 mingw-binutils: infinite loop in readelf via crafted binary with malformed DWARF loclists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448145 [ 11 ] Bug #2448153 - CVE-2025-69648 mingw-binutils: infinite loop in readelf via crafted binary with malformed DWARF .debug_rnglists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448153 [ 12 ] Bug #2450319 - CVE-2026-4647 mingw-binutils: Out-of-Bounds Read in XCOFF Relocation Processing in GNU Binutils BFD Library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2450319 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe96f3532b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 05, 2026
Fedora
89
security advisoryupdateFedoraFedora 40 Security Update: Addressing Matrix-Synapse Memory Issues
CVE-2024-52805, CVE-2024-52815, CVE-2024-53863 Backport fixes from v1.120.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-995720f767 2024-12-13 01:37:02.761820+00:00 -------------------------------------------------------------------------------- Name : matrix-synapse Product : Fedora 40 Version : 1.111.1 Release : 3.fc40 URL : https://github.com/element-hq/synapse Summary : A Matrix reference homeserver written in Python using Twisted Description : Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in the context of a coded base and let you run your own homeserver and generally help bootstrap the ecosystem. -------------------------------------------------------------------------------- Update Information: CVE-2024-52805, CVE-2024-52815, CVE-2024-53863 Backport fixes from v1.120.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 3 2024 Kai A. Hiller - 1.111.1-3 - CVE-2024-52805, CVE-2024-52815, CVE-2024-53863 * Tue Dec 3 2024 Kai A. Hiller - 1.111.1-2 - Backport fixes from v1.120.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2330234 - CVE-2024-52805 matrix-synapse: Synapse allows unsupported content types to lead to memory exhaustion [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2330234 [ 2 ] Bug #2330237 - CVE-2024-52815 matrix-synapse: A malformed invite can break the invitee's `/sync` [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2330237 [ 3 ] Bug #2330239 - CVE-2024-53863 matrix-synapse: Synapse can be forced to thumbnail unexpected file formats, invokingexternal, potentially untrustworthy decoders [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2330239 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-995720f767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Dec 13, 2024
•Critical
Fedora
89
security advisorysecurity updatefedoraFedora 38: FEDORA-2024-e8a02e129e critical: ofono remote code execution
Backport upstream fixes for CVE-2023-4233 and CVE-2023-4234. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-e8a02e129e 2024-03-29 02:39:36.209054 -------------------------------------------------------------------------------- Name : ofono Product : Fedora 38 Version : 1.34 Release : 4.fc38 URL : Summary : Open Source Telephony Description : oFono.org is a place to bring developers together around designing an infrastructure for building mobile telephony (GSM/UMTS) applications. oFono includes a high-level D-Bus API for use by telephony applications. oFono also includes a low-level plug-in API for integrating with telephony stacks, cellular modems and storage back-ends. -------------------------------------------------------------------------------- Update Information: Backport upstream fixes for CVE-2023-4233 and CVE-2023-4234 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 19 2024 Artur Frenszek-Iwicki - 1.34-4 - Backport upstream fix for CVE-2023-4233 and CVE-2023-4234 * Thu Jan 19 2023 Fedora Release Engineering - 1.34-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2255396 - CVE-2023-4233 ofono: SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability within the sms_decode_address_field() function https://bugzilla.redhat.com/show_bug.cgi?id=2255396 [ 2 ] Bug #2255399 - CVE-2023-4234 ofono: SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability within the decode_submit_report() function https://bugzilla.redhat.com/show_bug.cgi?id=2255399 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2024-e8a02e129e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Mar 29, 2024
•Critical
Fedora
89
security advisorysoftware updateFedoraFedora 34: 2022-e4087f9366 Moderate: Python Pillow Image Fixes
Backport fixes for CVE-2022-{22815,22816,22817}.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-e4087f9366 2022-02-04 01:20:59.298130 --------------------------------------------------------------------------------Name : python-pillow Product : Fedora 34 Version : 8.1.2 Release : 6.fc34 URL : Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (development) and doc (documentation). --------------------------------------------------------------------------------Update Information: Backport fixes for CVE-2022-{22815,22816,22817}. --------------------------------------------------------------------------------ChangeLog: * Tue Jan 25 2022 Sandro Mani - 8.1.2-6 - Backport patches for CVE-2022-{22815,22816,22817} --------------------------------------------------------------------------------References: [ 1 ] Bug #2042512 - CVE-2022-22815 mingw-python-pillow: python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042512 [ 2 ] Bug #2042513 - CVE-2022-22815 python-pillow: improperly initializes ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042513 [ 3 ] Bug #2042523 - CVE-2022-22816 python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042523 [ 4 ] Bug #2042524 - CVE-2022-22816 mingw-python-pillow: python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042524 [ 5 ] Bug #2042528 - CVE-2022-22817 mingw-python-pillow: python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042528 [ 6 ] Bug #2042530 - CVE-2022-22817 python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2042530 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-e4087f9366' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Feb 03, 2022
Fedora
89
security advisorysecurity issuecriticalFedora 32: 2021-0ece308612 Critical: Python2-Pillow DoS Attacks
This update fixes CVE-2021-27921, CVE-2021-27922 and CVE-2021-27923. ---- Backport fixes for CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-0ece308612 2021-03-15 01:05:35.340646 --------------------------------------------------------------------------------Name : python2-pillow Product : Fedora 32 Version : 6.2.2 Release : 5.fc32 URL : / Summary : Python image processing library Description : Python image processing library, fork of the Python Imaging Library (PIL) This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. This is a minimal compatibility package for https://pagure.io/fesco/issue/2266 --------------------------------------------------------------------------------Update Information: This update fixes CVE-2021-27921, CVE-2021-27922 and CVE-2021-27923. ----Backport fixes for CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293 --------------------------------------------------------------------------------ChangeLog: * Sat Mar 6 2021 Sandro Mani - 6.2.2-5 - Backport patch for CVE-2021-2792{1,2,3} * Fri Mar 5 2021 Sandro Mani - 6.2.2-4 - Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655 - Backport fixes for CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293 * Wed Jul 29 2020 Fedora Release Engineering - 6.2.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1933899 - python-pillow-8.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1933899 [ 2 ] Bug #1934681 - CVE-2021-25289 python-pillow: insufficent fix for CVE-2020-35654 due to incorrect error checking in TiffDecode.c[fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934681 [ 3 ] Bug #1934682 - CVE-2021-25289 python2-pillow: python-pillow: insufficent fix for CVE-2020-35654 due to incorrect error checking in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934682 [ 4 ] Bug #1934683 - CVE-2021-25289 mingw-python-pillow: python-pillow: insufficent fix for CVE-2020-35654 due to incorrect error checking in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934683 [ 5 ] Bug #1934686 - CVE-2021-25290 python-pillow: negative-offset memcpy with an invalid size in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934686 [ 6 ] Bug #1934687 - CVE-2021-25290 python2-pillow: python-pillow: negative-offset memcpy with an invalid size in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934687 [ 7 ] Bug #1934688 - CVE-2021-25290 mingw-python-pillow: python-pillow: negative-offset memcpy with an invalid size in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934688 [ 8 ] Bug #1934693 - CVE-2021-25291 python-pillow: out-of-bounds read in TiffReadRGBATile in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934693 [ 9 ] Bug #1934694 - CVE-2021-25291 python2-pillow: python-pillow: out-of-bounds read in TiffReadRGBATile in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934694 [ 10 ] Bug #1934695 - CVE-2021-25291 mingw-python-pillow: python-pillow: out-of-bounds read in TiffReadRGBATile in TiffDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934695 [ 11 ] Bug #1934700 - CVE-2021-25292 python-pillow: backtracking regex in PDF parser could be used as a DOS attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934700 [ 12 ] Bug #1934701 - CVE-2021-25292 python2-pillow: python-pillow: backtracking regex in PDF parser could be used as a DOS attack[fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934701 [ 13 ] Bug #1934702 - CVE-2021-25292 mingw-python-pillow: python-pillow: backtracking regex in PDF parser could be used as a DOS attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934702 [ 14 ] Bug #1934706 - CVE-2021-25293 python-pillow: out-of-bounds read in SGIRleDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934706 [ 15 ] Bug #1934707 - CVE-2021-25293 python2-pillow: python-pillow: out-of-bounds read in SGIRleDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934707 [ 16 ] Bug #1934708 - CVE-2021-25293 mingw-python-pillow: python-pillow: out-of-bounds read in SGIRleDecode.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1934708 [ 17 ] Bug #1935385 - CVE-2021-27921 python-pillow: reported size of a contained image is not properly checked for a BLP container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935385 [ 18 ] Bug #1935386 - CVE-2021-27921 python2-pillow: python-pillow: reported size of a contained image is not properly checked for a BLP container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935386 [ 19 ] Bug #1935388 - CVE-2021-27921 mingw-python-pillow: python-pillow: reported size of a contained image is not properly checked for a BLP container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935388 [ 20 ] Bug #1935397 - CVE-2021-27922 python-pillow: reported size of a contained image is not properly checked for an ICNS container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935397 [ 21 ] Bug #1935398 - CVE-2021-27922 python2-pillow: python-pillow: reported size of a contained image is not properly checked for an ICNS container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935398 [ 22 ] Bug #1935399 - CVE-2021-27922 mingw-python-pillow: python-pillow: reported size of a contained image is not properlychecked for an ICNS container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935399 [ 23 ] Bug #1935402 - CVE-2021-27923 python-pillow: reported size of a contained image is not properly checked for an ICO container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935402 [ 24 ] Bug #1935403 - CVE-2021-27923 python2-pillow: python-pillow: reported size of a contained image is not properly checked for an ICO container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935403 [ 25 ] Bug #1935405 - CVE-2021-27923 mingw-python-pillow: python-pillow: reported size of a contained image is not properly checked for an ICO container [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1935405 [ 26 ] Bug #1936047 - python-pillow-8.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1936047 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-0ece308612' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 14, 2021
•Critical
Fedora
89
security advisorymoderatebuffer overflowFedora 33 FEDORA-2021-a8ddc1ce70 Moderate: MinGW Buffer Overflow
Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-a8ddc1ce70 2021-01-21 01:44:43.057599 --------------------------------------------------------------------------------Name : mingw-python-pillow Product : Fedora 33 Version : 7.2.0 Release : 3.fc33 URL : Summary : MinGW Windows Python pillow library Description : MinGW Windows Python pillow library. --------------------------------------------------------------------------------Update Information: Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655. --------------------------------------------------------------------------------ChangeLog: * Fri Jan 15 2021 Sandro Mani - 7.2.0-3 - Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655 --------------------------------------------------------------------------------References: [ 1 ] Bug #1915427 - CVE-2020-35654 python-pillow: decoding crafted YCbCr files could result in heap-based buffer overflow [fedora-33] https://bugzilla.redhat.com/show_bug.cgi?id=1915427 [ 2 ] Bug #1915428 - CVE-2020-35653 python-pillow: decoding a crafted PCX file could result in buffer over-read [fedora-33] https://bugzilla.redhat.com/show_bug.cgi?id=1915428 [ 3 ] Bug #1915434 - CVE-2020-35655 python-pillow: decoding crafted SGI RLE image files could result in buffer over-read [fedora-33] https://bugzilla.redhat.com/show_bug.cgi?id=1915434 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-a8ddc1ce70' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 20, 2021
Fedora
89
security advisoryFedorasecurity fixFedora 29 mingw-poppler: 2019-7085420900 moderate: Buffer Over-Read Issue
Backport security fixes: CVE-2019-7310, CVE-2018-20662. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-7085420900 2019-03-15 18:28:14.962048 --------------------------------------------------------------------------------Name : mingw-poppler Product : Fedora 29 Version : 0.67.0 Release : 4.fc29 URL : http://poppler.freedesktop.org/ Summary : MinGW Windows Poppler library Description : MinGW Windows Poppler library. --------------------------------------------------------------------------------Update Information: Backport security fixes: CVE-2019-7310, CVE-2018-20662 --------------------------------------------------------------------------------ChangeLog: * Wed Feb 20 2019 Sandro Mani - 0.67.0-4 - Backport security fixes: CVE-2018-20662, CVE-2019-7310 * Wed Jan 30 2019 Sandro Mani - 0.67.0-3 - Backport security fixes: CVE-2018-20481, CVE-2018-20551, CVE-2018-20650 * Thu Dec 20 2018 Sandro Mani - 0.67.0-2 - Backport security fixes: CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060, CVE-2018-19149 --------------------------------------------------------------------------------References: [ 1 ] Bug #1665273 - CVE-2018-20662 poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc https://bugzilla.redhat.com/show_bug.cgi?id=1665273 [ 2 ] Bug #1672419 - CVE-2019-7310 poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc https://bugzilla.redhat.com/show_bug.cgi?id=1672419 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-7085420900' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 15, 2019
Fedora
89
security advisoryFedoracritical threatFedora 28 FEDORA-2018-578fa05659 Critical: MinGW-Podofo Multiple Threats
Backport security fixes for: CVE-2017-7380, CVE-2017-7381, CVE-2017-7382, CVE-2017-7383, CVE-2017-5852, CVE-2017-5853, CVE-2017-6844, CVE-2017-5854, CVE-2017-5855, CVE-2017-5886, CVE-2018-8000, CVE-2017-6840, CVE-2017-6842, CVE-2017-6843, CVE-2017-6845, CVE-2017-6847, CVE-2017-6848, CVE-2017-7378, CVE-2017-7379, CVE-2017-7994, CVE-2017-8054, CVE-2017-8378, CVE-2017-8787,. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-578fa05659 2018-06-25 10:52:59.223386 --------------------------------------------------------------------------------Name : mingw-podofo Product : Fedora 28 Version : 0.9.5 Release : 6.fc28 URL : https://github.com/podofo/podofo Summary : MinGW Windows podofo library Description : MinGW Windows podofo library. --------------------------------------------------------------------------------Update Information: Backport security fixes for: CVE-2017-7380, CVE-2017-7381, CVE-2017-7382, CVE-2017-7383, CVE-2017-5852, CVE-2017-5853, CVE-2017-6844, CVE-2017-5854, CVE-2017-5855, CVE-2017-5886, CVE-2018-8000, CVE-2017-6840, CVE-2017-6842, CVE-2017-6843, CVE-2017-6845, CVE-2017-6847, CVE-2017-6848, CVE-2017-7378, CVE-2017-7379, CVE-2017-7994, CVE-2017-8054, CVE-2017-8378, CVE-2017-8787, CVE-2018-5295, CVE-2018-5308 --------------------------------------------------------------------------------ChangeLog: * Fri Jun 15 2018 Sandro Mani - 0.9.5-6 - Backport security fixes (taken from debian package): CVE-2017-7380, CVE-2017-7381, CVE-2017-7382, CVE-2017-7383, CVE-2017-5852, CVE-2017-5853, CVE-2017-6844, CVE-2017-5854, CVE-2017-5855, CVE-2017-5886, CVE-2018-8000, CVE-2017-6840, CVE-2017-6842, CVE-2017-6843, CVE-2017-6845, CVE-2017-6847, CVE-2017-6848, CVE-2017-7378, CVE-2017-7379, CVE-2017-7994, CVE-2017-8054, CVE-2017-8378, CVE-2017-8787, CVE-2018-5295, CVE-2018-5308 * Thu Feb 8 2018 Fedora Release Engineering - 0.9.5-5 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-578fa05659' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 25, 2018
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!