Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
89
security advisoryfedorabuffer overflowFedora 42 Binaryen Important Buffer Overflow CVE-2025-14956 2026-3831e11232
Fixes CVE-2025-14956 .. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3831e11232 2026-04-30 01:28:38.068267+00:00 -------------------------------------------------------------------------------- Name : binaryen Product : Fedora 42 Version : 126 Release : 1.fc42 URL : https://github.com/WebAssembly/binaryen Summary : Compiler and toolchain infrastructure library for WebAssembly Description : Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: * Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form but also accepts a general control flow graph for compilers that prefer that. * Fast: Binaryen's internal IR uses compact data structures and is designed for completely parallel codegen and optimization, using all available CPU cores. Binaryen's IR also compiles down to WebAssembly extremely easily and quickly because it is essentially a subset of WebAssembly. * Effective: Binaryen's optimizer has many passes that can improve code very significantly (e.g. local coloring to coalesce local variables; dead code elimination; precomputing expressions when possible at compile time; etc.). These optimizations aim to make Binaryen powerful enough to be used as a compiler backend by itself. One specific area of focus is on WebAssembly-specific optimizations (that general-purpose compilers might not do), which you can think of as wasm minification , similar to minification for JavaScript, CSS, etc., all of which are language-specific (an example of such an optimization is block return value generation in SimplifyLocals). -------------------------------------------------------------------------------- Update Information: Fixes CVE-2025-14956. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 22 2026 Dominik Mierzejewski - 126-1 - update to 126 (resolves rhbz#2439791) - backport upstream fix for https://github.com/WebAssembly/binaryen/issues/8360 * Fri Jan 16 2026 Fedora Release Engineering - 125-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 125-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Nov 26 2025 Dominik Mierzejewski - 125-1 - update to 125 (resolves rhbz#2416026) * Sat Sep 27 2025 Dominik Mierzejewski - 124-1 - update to 124 (resolves rhbz#2392739) * Wed Jul 23 2025 Fedora Release Engineering - 123-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Sun Mar 30 2025 Dominik Mierzejewski - 123-1 - update to 123 (resolves rhbz#2354967) * Tue Mar 4 2025 Dominik Mierzejewski - 122-2 - unbundle FP16 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2429126 - CVE-2025-14956 binaryen: heap-based buffer overflow in WasmBinaryReader::readExpression() when parsing a malformed WebAssembly binary [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2429126 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3831e11232' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list
Apr 30, 2026
•Important
Fedora
89
security advisoryfedorabuffer overflowFedora 43 binaryen Critical Buffer Overflow Fix FEDORA-2026-fb3e461878
Fixes CVE-2025-14956 .. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fb3e461878 2026-04-30 01:19:30.574296+00:00 -------------------------------------------------------------------------------- Name : binaryen Product : Fedora 43 Version : 126 Release : 1.fc43 URL : https://github.com/WebAssembly/binaryen Summary : Compiler and toolchain infrastructure library for WebAssembly Description : Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: * Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form but also accepts a general control flow graph for compilers that prefer that. * Fast: Binaryen's internal IR uses compact data structures and is designed for completely parallel codegen and optimization, using all available CPU cores. Binaryen's IR also compiles down to WebAssembly extremely easily and quickly because it is essentially a subset of WebAssembly. * Effective: Binaryen's optimizer has many passes that can improve code very significantly (e.g. local coloring to coalesce local variables; dead code elimination; precomputing expressions when possible at compile time; etc.). These optimizations aim to make Binaryen powerful enough to be used as a compiler backend by itself. One specific area of focus is on WebAssembly-specific optimizations (that general-purpose compilers might not do), which you can think of as wasm minification , similar to minification for JavaScript, CSS, etc., all of which are language-specific (an example of such an optimization is block return value generation in SimplifyLocals). -------------------------------------------------------------------------------- Update Information: Fixes CVE-2025-14956. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 22 2026 Dominik Mierzejewski - 126-1 - update to 126 (resolves rhbz#2439791) - backport upstream fix for https://github.com/WebAssembly/binaryen/issues/8360 * Fri Jan 16 2026 Fedora Release Engineering - 125-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 125-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2429127 - CVE-2025-14956 binaryen: heap-based buffer overflow in WasmBinaryReader::readExpression() when parsing a malformed WebAssembly binary [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429127 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fb3e461878' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 30, 2026
•Critical
Fedora
89
security advisorymoderatefedoraFedora 36 Update: Binaryen Enhancements in Release 2023-b1234abcd5
Bug fixes and incremental optimization improvements. ---- Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-a662b2def6 2022-01-25 01:10:00.815558 --------------------------------------------------------------------------------Name : binaryen Product : Fedora 35 Version : 105 Release : 1.fc35 URL : https://github.com/WebAssembly/binaryen Summary : Compiler and toolchain infrastructure library for WebAssembly Description : Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: * Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form but also accepts a general control flow graph for compilers that prefer that. * Fast: Binaryen's internal IR uses compact data structures and is designed for completely parallel codegen and optimization, using all available CPU cores. Binaryen's IR also compiles down to WebAssembly extremely easily and quickly because it is essentially a subset of WebAssembly. * Effective: Binaryen's optimizer has many passes that can improve code very significantly (e.g. local coloring to coalesce local variables; dead code elimination; precomputing expressions when possible at compile time; etc.). These optimizations aim to make Binaryen powerful enough to be used as a compiler backend by itself. One specific area of focus is on WebAssembly-specific optimizations (that general-purpose compilers might not do), which you can think of as wasm minification , similar to minification for JavaScript, CSS, etc., all of which are language-specific (an example of such an optimization is block return value generation inSimplifyLocals). --------------------------------------------------------------------------------Update Information: Bug fixes and incremental optimization improvements. ---- Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293. --------------------------------------------------------------------------------ChangeLog: * Sun Jan 16 2022 Dominik Mierzejewski 105-1 - update to 105 (#2040105) * Tue Jan 11 2022 Dominik Mierzejewski 104-1 - update to 104 (#2033827) - fixes CVE-2021-45290 (#2037323, #2037325) - fixes CVE-2021-45293 (#2037324, #2037326) --------------------------------------------------------------------------------References: [ 1 ] Bug #2033827 - binaryen-104 is available https://bugzilla.redhat.com/show_bug.cgi?id=2033827 [ 2 ] Bug #2037325 - CVE-2021-45290 binaryen: assertion abort in wasm::handle_unreachable [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037325 [ 3 ] Bug #2037326 - CVE-2021-45293 binaryen: Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037326 [ 4 ] Bug #2040105 - binaryen-105 is available https://bugzilla.redhat.com/show_bug.cgi?id=2040105 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-a662b2def6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 24, 2022
•Important
Fedora
89
security advisoryFedoramemory issueFedora 34: 2022-9a1e4d4123b Low: WebAssembly Memory Handling Flaw
Bug fixes and incremental optimization improvements. ---- Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-9d18d4159e 2022-01-25 01:02:31.955857 --------------------------------------------------------------------------------Name : binaryen Product : Fedora 34 Version : 105 Release : 1.fc34 URL : https://github.com/WebAssembly/binaryen Summary : Compiler and toolchain infrastructure library for WebAssembly Description : Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: * Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form but also accepts a general control flow graph for compilers that prefer that. * Fast: Binaryen's internal IR uses compact data structures and is designed for completely parallel codegen and optimization, using all available CPU cores. Binaryen's IR also compiles down to WebAssembly extremely easily and quickly because it is essentially a subset of WebAssembly. * Effective: Binaryen's optimizer has many passes that can improve code very significantly (e.g. local coloring to coalesce local variables; dead code elimination; precomputing expressions when possible at compile time; etc.). These optimizations aim to make Binaryen powerful enough to be used as a compiler backend by itself. One specific area of focus is on WebAssembly-specific optimizations (that general-purpose compilers might not do), which you can think of as wasm minification , similar to minification for JavaScript, CSS, etc., all of which are language-specific (an example of such an optimization is block return value generation inSimplifyLocals). --------------------------------------------------------------------------------Update Information: Bug fixes and incremental optimization improvements. ---- Bugfix release including fix for CVE-2021-45290 and CVE-2021-45293. --------------------------------------------------------------------------------ChangeLog: * Sun Jan 16 2022 Dominik Mierzejewski 105-1 - update to 105 (#2040105) * Tue Jan 11 2022 Dominik Mierzejewski 104-1 - update to 104 (#2033827) - fixes CVE-2021-45290 (#2037323, #2037325) - fixes CVE-2021-45293 (#2037324, #2037326) --------------------------------------------------------------------------------References: [ 1 ] Bug #2033827 - binaryen-104 is available https://bugzilla.redhat.com/show_bug.cgi?id=2033827 [ 2 ] Bug #2037325 - CVE-2021-45290 binaryen: assertion abort in wasm::handle_unreachable [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037325 [ 3 ] Bug #2037326 - CVE-2021-45293 binaryen: Invalid memory address dereference in wasm::WasmBinaryBuilder::visitLet [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037326 [ 4 ] Bug #2040105 - binaryen-105 is available https://bugzilla.redhat.com/show_bug.cgi?id=2040105 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-9d18d4159e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 24, 2022
•Low
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!