Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 436
Alerts This Week
Warning Icon 1 436

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":66.67,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 4 articles for you...
89

Fedora 40: ICECAT 2025-bca38111fc critical: Use-After-Free issue

Rebuild with pregenerated cbindgen. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-bca38111fc 2025-04-30 01:59:13.913534+00:00 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 40 Version : 115.22.0 Release : 2.rh1.fc40 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: Rebuild with pregenerated cbindgen -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 20 2025 Antonio Trande - 2:115.22.0-2.rh1 - Upload regenerated built-in cbindgen * Fri Apr 4 2025 AntonioTrande - 2:115.22.0-1.rh1 - Release 115.22.0 * Tue Mar 4 2025 Antonio Trande - 2:115.21.0-1.rh1 - Release 115.21.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2357926 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2357926 [ 2 ] Bug #2357938 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2357938 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-bca38111fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . The newly released GNU IceCat update for Fedora 40 tackles serious security flaws while incorporating notable improvements.. GNU IceCat security, Fedora updates, browser vulnerabilities, IceCat enhancements, security fixes. . LinuxSecurity.com Team

Calendar%202 Apr 30, 2025 Fedora
89

Fedora 41: icecat 2025-883816b756 critical: use-after-free in rust-openssl

Rebuild with pregenerated cbindgen. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-883816b756 2025-04-30 01:36:38.945450+00:00 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 41 Version : 115.22.0 Release : 2.rh1.fc41 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: Rebuild with pregenerated cbindgen -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 20 2025 Antonio Trande - 2:115.22.0-2.rh1 - Upload regenerated built-incbindgen -------------------------------------------------------------------------------- References: [ 1 ] Bug #2357926 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2357926 [ 2 ] Bug #2357938 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2357938 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-883816b756' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Fedora 41 upgrade of IceCat addresses vulnerability issues, with fresh updates ready for user installation.. GNU IceCat, Fedora Update, security advisory, Linux browser, update instructions. . LinuxSecurity.com Team

Calendar%202 Apr 30, 2025 Fedora
89

Fedora 42: 2025-17f64d2c4d moderate: IceCat JavaScript Fix

Rebuild with pregenerated cbindgen. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-17f64d2c4d 2025-04-29 20:37:25.511152+00:00 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 42 Version : 115.22.0 Release : 2.rh1.fc42 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: Rebuild with pregenerated cbindgen -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 20 2025 Antonio Trande - 2:115.22.0-2.rh1 - Upload regenerated built-incbindgen -------------------------------------------------------------------------------- References: [ 1 ] Bug #2357926 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2357926 [ 2 ] Bug #2357938 - CVE-2025-3416 icecat: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch` [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2357938 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-17f64d2c4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . IceCat 115.22.0-2.rh1 for Fedora 42 enhances user protection against vulnerabilities in JavaScript through added security functionalities.. Fedora icecat security update JavaScript mitigation. . LinuxSecurity.com Team

Calendar%202 Apr 29, 2025 Fedora
89

Fedora 41: FEDORA-2024-ff0115e6ac critical: icecat security fixes

Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-ff0115e6ac 2024-12-19 04:06:20.748106+00:00 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 41 Version : 115.18.0 Release : 2.rh2.fc41 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2024 Antonio Trande - 2:115.18.0-2.rh2 - Fix CVE-2024-11693 CVE-2024-11697CVE-2024-11692 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ff0115e6ac' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Addressing a range of CVE vulnerabilities in the icecat browser update for Fedora 41. Ensure your system's safety by updating now!. Fedora updates, icecat browser, JavaScript security, Fedora security, GNU IceCat. . LinuxSecurity.com Team

Calendar%202 Dec 19, 2024 Fedora
89

Fedora 40: FEDORA-2024-7f67755963 moderate: icecat JavaScript issues

Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-7f67755963 2024-12-19 03:59:44.539063+00:00 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 40 Version : 115.18.0 Release : 2.rh2.fc40 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692 -------------------------------------------------------------------------------- ChangeLog: * Sun Dec 8 2024 Antonio Trande - 2:115.18.0-2.rh2 - Fix CVE-2024-11693 CVE-2024-11697CVE-2024-11692 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7f67755963' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Fedora 40 introduces vital enhancements for Icecat, focusing on critical vulnerabilities in JavaScript. Discover the details behind these strengthened security measures.. Fedora icecat security update, browser network security, JavaScript threats mitigation. . LinuxSecurity.com Team

Calendar%202 Dec 19, 2024 Fedora
89

Fedora 39: 2023-035866b576 moderate: Icecat Denial Of Service

- Release 115.3.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-035866b576 2023-11-03 18:20:20.952309 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 39 Version : 115.3.1 Release : 7.rh2.fc39 URL : http://www.gnu.org/software/gnuzilla/ Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * HTTPS Everywhere HTTPS Everywhere is an extension that encrypts your communications with many major websites, making your browsing more secure. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: - Release 115.3.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 2 2023 Antonio Trande - 2:115.3.1-7.rh2 - Add missing installed files * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-6.rh2 - Exclude manpage temporarily * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-5.rh2 - Upload new source archive rh2 * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-4.rh1 - Fix icecatview.html file * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-3.rh1 - Fix filesfor processing MOZBUILD * Fri Sep 29 2023 Antonio Trande - 2:115.3.1-2.rh1 - Release 115.3.1 rh1| Fix clang path * Fri Sep 29 2023 Antonio Trande - 2:115.3.1-1.rh1 - Release 115.3.1 rh1| Epoch 2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2208177 - CVE-2023-26117 icecat: angularjs: Regular expression denial of service via the $resource service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208177 [ 2 ] Bug #2208185 - CVE-2023-26116 icecat: angularjs: Regular Expression Denial of Service via angular.copy() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208185 [ 3 ] Bug #2208195 - CVE-2023-26118 icecat: angularjs: Regular Expression Denial of Service via the element [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208195 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-035866b576' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Explore the Fedora 39 Icecat update with details on its security fixesand enhancements.. Fedora 39 Icecat Update, GNU Software Security, Network Security Enhancements. . LinuxSecurity.com Team

Calendar%202 Nov 03, 2023 Fedora
89

Fedora 38: FEDORA-2023-7342330743 Moderate: IceCat Regex Issues

- Release 115.3.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-7342330743 2023-10-18 01:45:22.977713 -------------------------------------------------------------------------------- Name : icecat Product : Fedora 38 Version : 115.3.1 Release : 7.rh2.fc38 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * HTTPS Everywhere HTTPS Everywhere is an extension that encrypts your communications with many major websites, making your browsing more secure. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. -------------------------------------------------------------------------------- Update Information: - Release 115.3.1 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 2 2023 Antonio Trande - 2:115.3.1-7.rh2 - Add missing installed files * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-6.rh2 - Exclude manpage temporarily * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-5.rh2 - Upload new source archive rh2 * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-4.rh1 - Fix icecatview.html file * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-3.rh1 - Fix files for processing MOZBUILD * Fri Sep29 2023 Antonio Trande - 2:115.3.1-2.rh1 - Release 115.3.1 rh1| Fix clang path * Fri Sep 29 2023 Antonio Trande - 2:115.3.1-1.rh1 - Release 115.3.1 rh1| Epoch 2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2208177 - CVE-2023-26117 icecat: angularjs: Regular expression denial of service via the $resource service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208177 [ 2 ] Bug #2208185 - CVE-2023-26116 icecat: angularjs: Regular Expression Denial of Service via angular.copy() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208185 [ 3 ] Bug #2208195 - CVE-2023-26118 icecat: angularjs: Regular Expression Denial of Service via the element [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208195 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-7342330743' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Ubuntu 23.04 introduces LibreOffice 7.5.1 with enhanced functionalities and numerous security patches.Key update highlights included!. Fedora Update, IceCat Browser, Security Issues. . LinuxSecurity.com Team

Calendar%202 Oct 18, 2023 Fedora
89

Fedora 36 Advisory: Icecat Critical Fix for Firefox 2022-42ea499a7d

This update provides the latest release of Firefox, with many bug fixes including critical security issues. It also includes updates to gcc and annobin which were necessary to build Firefox, with the following fixes: * fix up promoted SUBREG handling (#2045160, PR rtl-optimization/104839) * fix up check for asm goto (PR rtl-optimization/104777) * Upstream bugs. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-42ea499a7d 2022-03-17 18:37:10.061250 --------------------------------------------------------------------------------Name : icecat Product : Fedora 36 Version : 91.7.0 Release : 1.rh1.fc36 URL : Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat: * LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. * HTTPS Everywhere HTTPS Everywhere is an extension that encrypts your communications with many major websites, making your browsing more secure. * ViewTube Watch videos from video sharing websites with extra options. * A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript. * A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup. --------------------------------------------------------------------------------Update Information: This update provides the latest release of Firefox, with many bug fixes including critical security issues. It also includes updates to gccand annobin which were necessary to build Firefox, with the following fixes: * fix up promoted SUBREG handling (#2045160, PR rtl-optimization/104839) * fix up check for asm goto (PR rtl-optimization/104777) * Upstream bugs () fixed: 70077, 79493, 80270, 84519, 87496, 88134, 90148, 91384, 96526, 99297, 99555, 99585, 100400, 100407, 100541, 100757, 101325, 101636, 101983, 102276, 102429, 103037, 103302, 103443, 103521, 103836, 103845, 103856, 103984, 104061, 104121, 104131, 104132, 104133, 104154, 104208, 104381, 104430, 104434, 104489, 104529, 104533, 104540, 104550, 104552, 104558, 104573, 104589, 104601, 104602, 104618, 104619, 104627, 104633, 104637, 104644, 104648, 104656, 104659, 104664, 104667, 104674, 104675, 104676, 104677, 104679, 104681, 104682, 104686, 104687, 104698, 104700, 104704, 104715, 104716, 104721, 104724, 104725, 104726, 104727, 104728, 104730, 104732, 104736, 104748, 104757, 104758, 104761, 104775, 104779, 104781, 104782, 104784, 104791, 104794, 104797, 104807, 104825, 104838 --------------------------------------------------------------------------------ChangeLog: * Tue Mar 8 2022 Antonio Trande - 91.7.0-1.rh1 - Release 91.7.0 * Sun Mar 6 2022 Antonio Trande - 91.6.1-1.rh1 - Release 91.6.1 * Fri Feb 18 2022 Antonio Trande - 91.6.0-2.rh1 - Patched for GCC-12 * Tue Feb 15 2022 Antonio Trande - 91.6.0-1.rh1 - Release 91.6.0 * Sat Feb 5 2022 Jiri Vanek - 91.5.0-4.rh1 - Rebuilt for java-17-openjdk as system jdk * Tue Jan 25 2022 Parag Nemade - 91.5.0-3.rh1 - Update hunspell directory path F36 Change https://fedoraproject.org/wiki/Changes/Hunspell_dictionary_dir_change * Thu Jan 20 2022 Fedora Release Engineering - 91.5.0-2.rh1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #2045160 - Cython: FTBFS in Fedora rawhide/f36 ppc64le https://bugzilla.redhat.com/show_bug.cgi?id=2045160 [ 2 ] Bug #2045380 -firefox: FTBFS in Fedora rawhide/f36 https://bugzilla.redhat.com/show_bug.cgi?id=2045380 [ 3 ] Bug #2045404 - game-music-emu: FTBFS in Fedora rawhide/f36 https://bugzilla.redhat.com/show_bug.cgi?id=2045404 [ 4 ] Bug #2056613 - gcc-12.0.1-0.8.fc36 gives wrong -Wdangling-pointer warnings related to `for(;;)` https://bugzilla.redhat.com/show_bug.cgi?id=2056613 [ 5 ] Bug #2057193 - f36 composes still have firefox 96, f34 f35 have firefox 97 https://bugzilla.redhat.com/show_bug.cgi?id=2057193 [ 6 ] Bug #2057492 - internal compiler error by kstars build with gcc-12.0.1-0.8.fc37.ppc64le https://bugzilla.redhat.com/show_bug.cgi?id=2057492 [ 7 ] Bug #2060755 - Firefox: GCC 12 linking error https://bugzilla.redhat.com/show_bug.cgi?id=2060755 [ 8 ] Bug #2063961 - Fedora ARM - Firefox fails to open on aarch64 Workstation https://bugzilla.redhat.com/show_bug.cgi?id=2063961 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-42ea499a7d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list,report it: https://pagure.io/fedora-infrastructure . The latest icecat update on Fedora 36 brings significant security enhancements by incorporating Firefox patches, effectively resolving critical vulnerabilities and bugs.. Fedora Icecat Update, Firefox Security Fix, Software Patch, Critical Update, Open Source Security. . LinuxSecurity.com Team

Calendar%202 Mar 17, 2022 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":2,"type":"x","order":3,"pct":66.67,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200