Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
89
security advisoryfedoraupdateFedora 43 incus 6.23 Dependency Removed Advisory 2026-094b7621cf
Remove incus dependency from incus-agent. Update to 6.23. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-094b7621cf 2026-04-20 00:44:47.956847+00:00 -------------------------------------------------------------------------------- Name : incus Product : Fedora 43 Version : 6.23 Release : 3.fc43 URL : https://linuxcontainers.org/incus Summary : Powerful system container and virtual machine manager Description : Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon. -------------------------------------------------------------------------------- Update Information: Remove incus dependency from incus-agent. Update to 6.23 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Carl George - 6.23-3 - Remove incus dependency from incus-agent rhbz#2456888 * Mon Apr 6 2026 Reto Gantenbein - 6.23-2 - Fix static builds of vendored dependencies (RHBZ 2419661) * Mon Apr 6 2026 Reto Gantenbein - 6.23-1 - Update to 6.23 * Mon Mar 30 2026 Neal Gompa - 6.19.1-4 - Drop selinux subpackage in favor of container-selinux * Tue Feb 3 2026 Maxwell G - 6.19.1-3 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 6.19.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2412713 - CVE-2025-58183 incus: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412713 [ 2 ] Bug #2419345 - incus-6.23.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2419345 [ 3 ] Bug #2419661 - incus-agent must bestatically linked for VM exec to work https://bugzilla.redhat.com/show_bug.cgi?id=2419661 [ 4 ] Bug #2432455 - CVE-2026-23954 incus: container image templating arbitrary host file read and write [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2432455 [ 5 ] Bug #2432457 - CVE-2026-23953 incus: container environment configuration newline injection [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2432457 [ 6 ] Bug #2436657 - Incus VMs do not boot due to unknown audio driver https://bugzilla.redhat.com/show_bug.cgi?id=2436657 [ 7 ] Bug #2441179 - CVE-2025-69725 incus: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2441179 [ 8 ] Bug #2452042 - CVE-2026-33542 incus: Incus: Image cache poisoning due to insufficient image fingerprint validation [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452042 [ 9 ] Bug #2452044 - CVE-2026-33897 incus: Incus: Arbitrary file read/write as root via pongo2 template chroot bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452044 [ 10 ] Bug #2452046 - CVE-2026-33711 incus: Incus: Local privilege escalation or denial of service via predictable temporary file paths [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452046 [ 11 ] Bug #2452048 - CVE-2026-33743 incus: Incus: Denial of Service via specially crafted storage bucket backup [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452048 [ 12 ] Bug #2452106 - CVE-2026-33945 incus: Incus: Privilege escalation and denial of service via path traversal in systemd credential configuration [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2452106 [ 13 ] Bug #2456888 - Installing incus-agent installs the entire incus stack https://bugzilla.redhat.com/show_bug.cgi?id=2456888 -------------------------------------------------------------------------------- This update canbe installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-094b7621cf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 20, 2026
•Informational
Fedora
89
security advisoryfedorapatchFedora 43: Key Update on Dependency Management in openapi-python-client
add patch to remove dependency upper bound versions remove obsolete patches that updated upper bound versions clean up spec file formatting. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ce3d358bcc 2025-11-05 02:09:57.817582+00:00 -------------------------------------------------------------------------------- Name : openapi-python-client Product : Fedora 43 Version : 0.26.2 Release : 6.fc43 URL : https://github.com/openapi-generators/openapi-python-client Summary : Generate modern Python clients from OpenAPI Description : The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenAPI specification, making it easier to interact with your API in a type-safe manner. -------------------------------------------------------------------------------- Update Information: add patch to remove dependency upper bound versions remove obsolete patches that updated upper bound versions clean up spec file formatting -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 26 2025 Do\u011fukan a\u011fatay - 0.26.2-6 - clean up spec file formatting - Separate `%generate_buildrequires` after %prep section - Consolidate %doc directives into single line - Remove %license directive (already handled by %pyproject_save_files -l) * Sun Oct 26 2025 Do\u011fukan a\u011fatay - 0.26.2-5 - add patch to remove dependency upper bound versions -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ce3d358bcc' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for Fedora 43 addressing important patch for openapi-python-client to improve dependency management and formatting.. Fedora 43, openapi-python-client, security advisory, package update, Python clients. . Severity: Important. LinuxSecurity.com Team
Nov 05, 2025
•Important
Fedora
100
security advisorysecurity patchsystem stabilitySUSE Leap 15.4-5: 2024:128 critical: cloud-init security patch
* bsc#1198269 * bsc#1201010 * bsc#1214169 * bsc#1215740 * bsc#1215794 . # Security update for cloud-init Announcement ID: SUSE-SU-2024:0128-1 Rating: moderate References: * bsc#1198269 * bsc#1201010 * bsc#1214169 * bsc#1215740 * bsc#1215794 * bsc#1216007 * bsc#1216011 Cross-References: * CVE-2023-1786 CVSS scores: * CVE-2023-1786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-1786 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP1 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.0 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.0 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.0 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability and has six security fixes can now be installed. ## Description: Thisupdate for cloud-init contains the following fixes: * Move fdupes call back to %install.(bsc#1214169) * Update to version 23.3. (bsc#1216011) * (bsc#1215794) * (bsc#1215740) * (bsc#1216007) * Bump pycloudlib to 1!5.1.0 for ec2 mantic daily image support (#4390) * Fix cc_keyboard in mantic (LP: #2030788) * ec2: initialize get_instance_userdata return value to bytes (#4387) [Noah Meyerhans] * cc_users_groups: Add doas/opendoas support (#4363) [dermotbradley] * Fix pip-managed ansible * status: treat SubState=running and MainPID=0 as service exited * azure/imds: increase read-timeout to 30s (#4372) [Chris Patterson] * collect-logs fix memory usage (SC-1590) (#4289) [Alec Warren] (LP: #1980150) * cc_mounts: Use fallocate to create swapfile on btrfs (#4369) * Undocument nocloud-net (#4318) * feat(akamai): add akamai to settings.py and apport.py (#4370) * read-version: fallback to get_version when git describe fails (#4366) * apt: fix cloud-init status --wait blocking on systemd v 253 (#4364) * integration tests: Pass username to pycloudlib (#4324) * Bump pycloudlib to 1!5.1.0 (#4353) * cloud.cfg.tmpl: reorganise, minimise/reduce duplication (#4272) [dermotbradley] * analyze: fix (unexpected) timestamp parsing (#4347) [Mina GaliÄ] * cc_growpart: fix tests to run on FreeBSD (#4351) [Mina GaliÄ] * subp: Fix spurious test failure on FreeBSD (#4355) [Mina GaliÄ] * cmd/clean: fix tests on non-Linux platforms (#4352) [Mina GaliÄ] * util: Fix get_proc_ppid() on non-Linux systems (#4348) [Mina GaliÄ] * cc_wireguard: make tests pass on FreeBSD (#4346) [Mina GaliÄ] * unittests: fix breakage in test_read_cfg_paths_fetches_cached_datasource (#4328) [Ani Sinha] * Fix test_tools.py collection (#4315) * cc_keyboard: add Alpine support (#4278) [dermotbradley] * Flake8 fixes (#4340) [Robert Schweikert] * cc_mounts: Fix swapfile not working on btrfs (#4319) [çç 饼] (LP: #1884127) * ds-identify/CloudStack: $DS_MAYBE if vmrunning on vmware/xen (#4281) [Wei Zhou] * ec2: Support double encoded userdata (#4275) [Noah Meyerhans] * cc_mounts: xfs is a Linux only FS (#4334) [Mina GaliÄ] * tests/net: fix TestGetInterfaces' mock coverage for get_master (#4336) [Chris Patterson] * change openEuler to openeuler and fix some bugs in openEuler (#4317) [sxt1001] * Replace flake8 with ruff (#4314) * NM renderer: set default IPv6 addr-gen-mode for all interfaces to eui64 (#4291) [Ani Sinha] * cc_ssh_import_id: add Alpine support and add doas support (#4277) [dermotbradley] * sudoers not idempotent (SC-1589) (#4296) [Alec Warren] (LP: #1998539) * Added support for Akamai Connected Cloud (formerly Linode) (#4167) [Will Smith] * Fix reference before assignment (#4292) * Overhaul module reference page (#4237) [Sally] * replaced spaces with commas for setting passenv (#4269) [Alec Warren] * DS VMware: modify a few log level (#4284) [PengpengSun] * tools/read-version refactors and unit tests (#4268) * Ensure get_features() grabs all features (#4285) * Don't always require passlib dependency (#4274) * tests: avoid leaks into host system checking of ovs-vsctl cmd (#4275) * Fix NoCloud kernel commandline key parsing (#4273) * testing: Clear all LRU caches after each test (#4249) * Remove the crypt dependency (#2139) [Gonéri Le Bouder] * logging: keep current file mode of log file if its stricter than the new mode (#4250) [Ani Sinha] * Remove default membership in redundant groups (#4258) [Dave Jones] (LP: #1923363) * doc: improve datasource_creation.rst (#4262) * Remove duplicate Integration testing button (#4261) [Rishita Shaw] * tools/read-version: fix the tool so that it can handle version parsing errors (#4234) [Ani Sinha] * net/dhcp: add udhcpc support (#4190) [Jean-François Roche] * DS VMware: add i386 arch dir to deployPkg plugin search path [PengpengSun] * LXD moved from linuxcontainers.org to Canonical [Simon Deziel] * cc_mounts.py: Add noteabout issue with creating mounts inside mounts (#4232) [dermotbradley] * lxd: install lxd from snap, not deb if absent in image * landscape: use landscape-config to write configuration * Add deprecation log during init of DataSourceDigitalOcean (#4194) [tyb- truth] * doc: fix typo on apt.primary.arches (#4238) [Dan Bungert] * Inspect systemd state for cloud-init status (#4230) * instance-data: add system-info and features to combined-cloud-config (#4224) * systemd: Block login until config stage completes (#2111) (LP: #2013403) * tests: proposed should invoke apt-get install -t= -proposed (#4235) * cloud.cfg.tmpl: reinstate ca_certs entry (#4236) [dermotbradley] * Remove feature flag override ability (#4228) * tests: drop stray unrelated file presence test (#4227) * Update LXD URL (#4223) [Sally] * schema: add network v1 schema definition and validation functions * tests: daily PPA for devel series is version 99.daily update tests to match (#4225) * instance-data: write /run/cloud-init/combined-cloud-config.json * mount parse: Fix matching non-existent directories (#4222) [Mina GaliÄ] * Specify build-system for pep517 (#4218) * Fix network v2 metric rendering (#4220) * Migrate content out of FAQ page (SD-1187) (#4205) [Sally] * setup: fix generation of init templates (#4209) [Mina GaliÄ] * docs: Correct some bootcmd example wording * fix changelog * tests: reboot client to assert x-shellscript-per-boot is triggered * nocloud: parse_cmdline no longer detects nocloud-net datasource (#4204) (LP: 4203, #2025180) * Add docstring and typing to mergemanydict (#4200) * BSD: add dsidentify to early startup scripts (#4182) [Mina GaliÄ] * handler: report errors on skipped merged cloud-config.txt parts (LP: #1999952) * Add cloud-init summit writeups (#4179) [Sally] * tests: Update test_clean_log for oci (#4187) * gce: improve ephemeral fallback NIC selection (CPC-2578) (#4163) * tests: pin pytest 7.3.1 to avoid adverse testpathsbehavior (#4184) * Ephemeral Networking for FreeBSD (#2165) [Mina GaliÄ] * Clarify directory syntax for nocloud local filesystem. (#4178) * Set default renderer as sysconfig for centos/rhel (#4165) [Ani Sinha] * Test static routes and netplan 0.106 * FreeBSD fix parsing of mount and mount options (#2146) [Mina GaliÄ] * test: add tracking bug id (#4164) * tests: can't match MAC for LXD container veth due to netplan 0.106 (#4162) * Add kaiwalyakoparkar as a contributor (#4156) [Kaiwalya Koparkar] * BSD: remove datasource_list from cloud.cfg template (#4159) [Mina GaliÄ] * launching salt-minion in masterless mode (#4110) [Denis Halturin] * tools: fix run-container builds for rockylinux/8 git hash mismatch (#4161) * fix doc lint: spellchecker tripped up (#4160) [Mina GaliÄ] * Support Ephemeral Networking for BSD (#2127) * Added / fixed support for static routes on OpenBSD and FreeBSD (#2157) [Kadir Mueller] * cc_rsyslog: Refactor for better multi-platform support (#4119) [Mina GaliÄ] (LP: #1798055) * tests: fix test_lp1835584 (#4154) * cloud.cfg mod names: docs and rename salt_minion and set_password (#4153) * vultr: remove check_route check (#2151) [Jonas Chevalier] * Update SECURITY.md (#4150) [Indrranil Pawar] * Update CONTRIBUTING.rst (#4149) [Indrranil Pawar] * Update .github-cla-signers (#4151) [Indrranil Pawar] * Standardise module names in cloud.cfg.tmpl to only use underscore (#4128) [dermotbradley] * Modify PR template so autoclose works From 23.2.2 * Fix NoCloud kernel commandline key parsing (#4273) (Fixes: #4271) (LP: #2028562) * Fix reference before assignment (#4292) (Fixes: #4288) (LP: #2028784) From 23.2.1 * nocloud: Fix parse_cmdline detection of nocloud-net datasource (#4204) (Fixes: 4203) (LP: #2025180) From 23.2 * BSD: simplify finding MBR partitions by removing duplicate code [Mina GaliÄ] * tests: bump pycloudlib version for mantic builds * network-manager: Set higher autoconnect priority for nmkeyfiles (#3671) [Ani Sinha] * alpine.py: change the locale file used (#4139) [dermotbradley] * cc_ntp: Sync up with current FreeBSD ntp.conf (#4122) [Mina GaliÄ] * config: drop refresh_rmc_and_interface as RHEL 7 no longer supported [Robert Schweikert] * docs: Add feedback button to docs * net/sysconfig: enable sysconfig renderer if network manager has ifcfg-rh plugin (#4132) [Ani Sinha] * For Alpine use os-release PRETTY_NAME (#4138) [dermotbradley] * network_manager: add a method for ipv6 static IP configuration (#4127) [Ani Sinha] * correct misnamed template file host.mariner.tmpl (#4124) [dermotbradley] * nm: generate ipv6 stateful dhcp config at par with sysconfig (#4115) [Ani Sinha] * Add templates for GitHub Issues * Add 'peers' and 'allow' directives in cc_ntp (#3124) [Jacob Salmela] * FreeBSD: Fix user account locking (#4114) [Mina GaliÄ] (GH: #1854594) * FreeBSD: add ResizeGrowFS class to cc_growpart (#2334) [Mina GaliÄ] * Update tests in Azure TestCanDevBeReformatted class (#2771) [Ksenija Stanojevic] * Replace Launchpad references with GitHub Issues * Fix KeyError in iproute pformat (#3287) [Dmitry Zykov] * schema: read_cfg_paths call init.fetch to lookup /v/l/c/instance * azure/errors: introduce reportable errors for imds (#3647) [Chris Patterson] * FreeBSD (and friends): better identify MBR slices (#2168) [Mina GaliÄ] (LP: #2016350) * azure/errors: add host reporting for dhcp errors (#2167) [Chris Patterson] * net: purge blacklist_drivers across net and azure (#2160) [Chris Patterson] * net: refactor hyper-v VF filtering and apply to get_interfaces() (#2153) [Chris Patterson] * tests: avoid leaks to underlying filesystem for /etc/cloud/clean.d (#2251) * net: refactor find_candidate_nics_on_linux() to use get_interfaces() (#2159) [Chris Patterson] * resolv_conf: Allow > 3 nameservers (#2152) [Major Hayden] * Remove mount NTFS error message (#2134) [Ksenija Stanojevic] * integration tests: fiximage specification parsing (#2166) * ci: add hypothesis scheduled GH check (#2149) * Move supported distros list to docs (#2162) * Fix logger, use instance rather than module function (#2163) * README: Point to Github Actions build status (#2158) * Revert "fix linux-specific code on bsd (#2143)" (#2161) * Do not generate dsa and ed25519 key types when crypto FIPS mode is enabled (#2142) [Ani Sinha] (LP: 2017761) * Add documentation label automatically (#2156) * sources/azure: report success to host and introduce kvp module (#2141) [Chris Patterson] * setup.py: use pkg-config for udev/rules path (#2137) [dankm] * openstack/static: honor the DNS servers associated with a network (#2138) [Gonéri Le Bouder] * fix linux-specific code on bsd (#2143) * cli: schema validation of jinja template user-data (SC-1385) (#2132) (LP: #1881925) * gce: activate network discovery on every boot (#2128) * tests: update integration test to assert 640 across reboots (#2145) * Make user/vendor data sensitive and remove log permissions (#2144) (LP: #2013967) * Update kernel command line docs (SC-1457) (#2133) * docs: update network configuration path links (#2140) [d1r3ct0r] * sources/azure: report failures to host via kvp (#2136) [Chris Patterson] * net: Document use of `ip route append` to add routes (#2130) * dhcp: Add missing mocks (#2135) * azure/imds: retry fetching metadata up to 300 seconds (#2121) [Chris Patterson] * [1/2] DHCP: Refactor dhcp client code (#2122) * azure/errors: treat traceback_base64 as string (#2131) [Chris Patterson] * azure/errors: introduce reportable errors (#2129) [Chris Patterson] * users: schema permit empty list to indicate create no users * azure: introduce identity module (#2116) [Chris Patterson] * Standardize disabling cloud-init on non-systemd (#2112) * Update .github-cla-signers (#2126) [Rob Tongue] * NoCloud: Use seedfrom protocol to determine mode (#2107) * rhel: Remove sysvinit files. (#2114) * tox.ini:set -vvvv --showlocals for pytest (#2104) [Chris Patterson] * Fix NoCloud kernel commandline semi-colon args * run-container: make the container/VM timeout configurable (#2118) [Paride Legovini] * suse: Remove sysvinit files. (#2115) * test: Backport assert_call_count for old requests (#2119) * Add "licebmi" as contributor (#2113) [Mark Martinez] * Adapt DataSourceScaleway to upcoming IPv6 support (#2033) [Louis Bouchard] * rhel: make sure previous-hostname file ends with a new line (#2108) [Ani Sinha] * Adding contributors for DataSourceAkamai (#2110) [acourdavAkamai] * Cleanup ephemeral IP routes on exception (#2100) [sxt1001] * commit 09a64badfb3f51b1b391fa29be19962381a4bbeb [sxt1001] (LP: #2011291) * Standardize kernel commandline user interface (#2093) * config/cc_resizefs: fix do_resize arguments (#2106) [Chris Patterson] * Fix test_dhclient_exits_with_error (#2105) * net/dhcp: catch dhclient failures and raise NoDHCPLeaseError (#2083) [Chris Patterson] * sources/azure: move pps handling out of _poll_imds() (#2075) [Chris Patterson] * tests: bump pycloudlib version (#2102) * schema: do not manipulate draft4 metaschema for jsonschema 2.6.0 (#2098) * sources/azure/imds: don't count timeout errors as connection errors (#2074) [Chris Patterson] * Fix Python 3.12 unit test failures (#2099) * integration tests: Refactor instance checking (#1989) * ci: migrate remaining jobs from travis to gh (#2085) * missing ending quote in instancedata docs(#2094) [Hong L] * refactor: stop passing log instances to cc_* handlers (#2016) [d1r3ct0r] * tests/vmware: fix test_no_data_access_method failure (#2092) [Chris Patterson] * Don't change permissions of netrules target (#2076) (LP: #2011783) * tests/sources: patch util.get_cmdline() for datasource tests (#2091) [Chris Patterson] * macs: ignore duplicate MAC for devs with driver driver qmi_wwan (#2090) (LP: #2008888) * Fedora: Enable CA handling (#2086) [FrantiÅ¡ek Zatloukal] * Senddhcp-client-identifier for InfiniBand ports (#2043) [Waleed Mousa] * cc_ansible: complete the examples and doc (#2082) [Yves] * bddeb: for dev package, derive debhelper-compat from host system * apport: only prompt for cloud_name when instance-data.json is absent * datasource: Optimize datasource detection, fix bugs (#2060) * Handle non existent ca-cert-config situation (#2073) [Shreenidhi Shedi] * sources/azure: add networking check for all source PPS (#2061) [Chris Patterson] * do not attempt dns resolution on ip addresses (#2040) * chore: fix style tip (#2071) * Fix metadata IP in instancedata.rst (#2063) [Brian Haley] * util: Pass deprecation schedule in deprecate_call() (#2064) * config: Update grub-dpkg docs (#2058) * docs: Cosmetic improvements and styling (#2057) [s-makin] * cc_grub_dpkg: Added UEFI support (#2029) [Alexander Birkner] * tests: Write to /var/spool/rsyslog to adhere to apparmor profile (#2059) * oracle-ds: prefer system_cfg over ds network config source (#1998) (LP: #1956788) * Remove dead code (#2038) * source: Force OpenStack when it is only option (#2045) (LP: #2008727) * cc_ubuntu_advantage: improve UA logs discovery * sources/azure: fix regressions in IMDS behavior (#2041) [Chris Patterson] * tests: fix test_schema (#2042) * dhcp: Cleanup unused kwarg (#2037) * sources/vmware/imc: fix-missing-catch-few-negtive-scenarios (#2027) [PengpengSun] * dhclient_hook: remove vestigal dhclient_hook command (#2015) * log: Add standardized deprecation tooling (SC-1312) (#2026) * Enable SUSE based distros for ca handling (#2036) [Robert Schweikert] From 23.1.2 * Make user/vendor data sensitive and remove log permissions (LP: #2013967) (CVE-2023-1786) * Remove six dependency (bsc#1198269) * Update to version 22.4 (bsc#1201010) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for yourproduct: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2024-128=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-128=1 * Public Cloud Module 15-SP1 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2024-128=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-128=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-128=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-128=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-128=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * cloud-init-doc-23.3-150100.8.71.1 * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cloud-init-doc-23.3-150100.8.71.1 * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * Public Cloud Module 15-SP1 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.71.1 * cloud-init-config-suse-23.3-150100.8.71.1 ## References: * https://www.suse.com/security/cve/CVE-2023-1786.html * https://bugzilla.suse.com/show_bug.cgi?id=1198269 * https://bugzilla.suse.com/show_bug.cgi?id=1201010 * https://bugzilla.suse.com/show_bug.cgi?id=1214169 *https://bugzilla.suse.com/show_bug.cgi?id=1215740 * https://bugzilla.suse.com/show_bug.cgi?id=1215794 * https://bugzilla.suse.com/show_bug.cgi?id=1216007 * https://bugzilla.suse.com/show_bug.cgi?id=1216011 . SUSE releases a critical update for cloud-init, rectifying significant vulnerabilities and improving the overall efficiency of the system.. cloud-init update, openSUSE security patch, SUSE Linux advisory. . LinuxSecurity.com Team
Jan 17, 2024
SuSE
89
security advisorymoderateFedoraFedora 33: FEDORA-2020-64e54abd9f Moderate: Grafana SAML Dependency Removed
update to upstream 7.3.6 Note regarding CVE-2020-27846: SAML is not supported in the open source version of Grafana, however the dependency on crewjam/saml is also present in the open source version. This update removes this dependency altogether.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-64e54abd9f 2021-01-05 01:25:20.773355 --------------------------------------------------------------------------------Name : grafana Product : Fedora 33 Version : 7.3.6 Release : 1.fc33 URL : https://grafana.com/ Summary : Metrics dashboard and graph editor Description : Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. --------------------------------------------------------------------------------Update Information: update to upstream 7.3.6 Note regarding CVE-2020-27846: SAML is not supported in the open source version of Grafana, however the dependency on crewjam/saml is also present in the open source version. This update removes this dependency altogether. --------------------------------------------------------------------------------ChangeLog: * Mon Dec 21 2020 Andreas Gerstmayr 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML (not supported in the open source version of Grafana) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-64e54abd9f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 04, 2021
Fedora
89
security advisorymoderatefedoraFedora 32 Grafana 7.3.6 Moderate: SAML Dependency Removal Advisory
update to upstream 7.3.6 Note regarding CVE-2020-27846: SAML is not supported in the open source version of Grafana, however the dependency on crewjam/saml is also present in the open source version. This update removes this dependency altogether.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-968067abfa 2021-01-05 01:18:53.060756 --------------------------------------------------------------------------------Name : grafana Product : Fedora 32 Version : 7.3.6 Release : 1.fc32 URL : https://grafana.com/ Summary : Metrics dashboard and graph editor Description : Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. --------------------------------------------------------------------------------Update Information: update to upstream 7.3.6 Note regarding CVE-2020-27846: SAML is not supported in the open source version of Grafana, however the dependency on crewjam/saml is also present in the open source version. This update removes this dependency altogether. --------------------------------------------------------------------------------ChangeLog: * Mon Dec 21 2020 Andreas Gerstmayr 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML (not supported in the open source version of Grafana) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-968067abfa' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 04, 2021
•Important
Fedora
89
security advisoryFedorasecurity fixFedora 25: FEDORA-2017-f5ad4107cc moderate: fedpkg security fixes
**Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-f5ad4107cc 2017-11-24 22:08:20.089266 --------------------------------------------------------------------------------Name : fedpkg Product : Fedora 25 Version : 1.30 Release : 4.fc25 URL : https://pagure.io/fedpkg Summary : Fedora utility for working with dist-git Description : Provides the fedpkg command for working with dist-git --------------------------------------------------------------------------------Update Information: **Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container-build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't installbin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) --------------------------------------------------------------------------------References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 [ 2 ] Bug #1509322 - fedpkg > = 1.30-1 depends on bash-completion https://bugzilla.redhat.com/show_bug.cgi?id=1509322 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade fedpkg' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 24, 2017
•Important
Fedora
89
security advisoryfedorasoftware enhancementFedora Update: Resolves Issues and Enhances Functionality - 2017-11-23
**Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-ea72793352 2017-11-23 19:11:32.486230 --------------------------------------------------------------------------------Name : rpkg Product : Fedora 26 Version : 1.51 Release : 2.fc26 URL : https://pagure.io/rpkg Summary : Python library for interacting with rpm+git Description : Python library for interacting with rpm+git --------------------------------------------------------------------------------Update Information: **Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container-build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin andconfig files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) --------------------------------------------------------------------------------References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 [ 2 ] Bug #1509322 - fedpkg > = 1.30-1 depends on bash-completion https://bugzilla.redhat.com/show_bug.cgi?id=1509322 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade rpkg' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 23, 2017
•Informational
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!