An update that solves one vulnerability can now be installed.

# Security update for avahi

Announcement ID: SUSE-SU-2026:1441-1
Release Date: 2026-04-17T14:18:38Z
Rating: moderate

References:

* bsc#1257235

Cross-References:

* CVE-2026-24401

CVSS scores:

* CVE-2026-24401 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-24401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-24401 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for avahi fixes the following issue:

* CVE-2026-24401: avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record (bsc#1257235).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1441=1 openSUSE-SLE-15.6-2026-1441=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1441=1
* Desktop Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1441=1
* SUSE Package Hub 15 15-SP7
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1441=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * libavahi-glib-devel-0.8-150600.15.15.1
  * avahi-qt5-debugsource-0.8-150600.15.15.1
  * libavahi-common3-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-debuginfo-0.8-150600.15.15.1
  * python3-avahi-gtk-0.8-150600.15.15.1
  * avahi-0.8-150600.15.15.1
  * libdns_sd-0.8-150600.15.15.1
  * avahi-utils-debuginfo-0.8-150600.15.15.1
  * libavahi-qt5-1-0.8-150600.15.15.1
  * libavahi-libevent1-debuginfo-0.8-150600.15.15.1
  * avahi-utils-gtk-0.8-150600.15.15.1
  * avahi-debugsource-0.8-150600.15.15.1
  * libavahi-gobject0-0.8-150600.15.15.1
  * avahi-compat-howl-devel-0.8-150600.15.15.1
  * libhowl0-0.8-150600.15.15.1
  * avahi-autoipd-0.8-150600.15.15.1
  * python3-avahi-0.8-150600.15.15.1
  * libavahi-libevent1-0.8-150600.15.15.1
  * libavahi-qt5-1-debuginfo-0.8-150600.15.15.1
  * libavahi-qt5-devel-0.8-150600.15.15.1
  * libavahi-ui-gtk3-0-0.8-150600.15.15.1
  * libavahi-common3-0.8-150600.15.15.1
  * typelib-1_0-Avahi-0_6-0.8-150600.15.15.1
  * libavahi-client3-0.8-150600.15.15.1
  * avahi-utils-gtk-debuginfo-0.8-150600.15.15.1
  * avahi-utils-0.8-150600.15.15.1
  * libavahi-ui-gtk3-0-debuginfo-0.8-150600.15.15.1
  * avahi-autoipd-debuginfo-0.8-150600.15.15.1
  * libdns_sd-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-0.8-150600.15.15.1
  * libavahi-gobject0-debuginfo-0.8-150600.15.15.1
  * avahi-compat-mDNSResponder-devel-0.8-150600.15.15.1
  * libavahi-core7-0.8-150600.15.15.1
  * avahi-glib2-debugsource-0.8-150600.15.15.1
  * libavahi-core7-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-debuginfo-0.8-150600.15.15.1
  * libavahi-devel-0.8-150600.15.15.1
  * libavahi-gobject-devel-0.8-150600.15.15.1
  * libhowl0-debuginfo-0.8-150600.15.15.1
  * avahi-debuginfo-0.8-150600.15.15.1
* openSUSE Leap 15.6 (x86_64)
  * libavahi-glib1-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-common3-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-32bit-0.8-150600.15.15.1
  * avahi-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-common3-32bit-0.8-150600.15.15.1
  * libdns_sd-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-32bit-0.8-150600.15.15.1
  * libdns_sd-32bit-0.8-150600.15.15.1
* openSUSE Leap 15.6 (noarch)
  * avahi-lang-0.8-150600.15.15.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libavahi-glib1-64bit-0.8-150600.15.15.1
  * avahi-64bit-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-64bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-64bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-64bit-0.8-150600.15.15.1
  * libdns_sd-64bit-0.8-150600.15.15.1
  * libdns_sd-64bit-debuginfo-0.8-150600.15.15.1
  * libavahi-common3-64bit-debuginfo-0.8-150600.15.15.1
  * libavahi-common3-64bit-0.8-150600.15.15.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libavahi-glib-devel-0.8-150600.15.15.1
  * libavahi-common3-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-debuginfo-0.8-150600.15.15.1
  * avahi-0.8-150600.15.15.1
  * libdns_sd-0.8-150600.15.15.1
  * avahi-utils-debuginfo-0.8-150600.15.15.1
  * libavahi-libevent1-debuginfo-0.8-150600.15.15.1
  * libavahi-gobject0-0.8-150600.15.15.1
  * avahi-debugsource-0.8-150600.15.15.1
  * avahi-compat-howl-devel-0.8-150600.15.15.1
  * libhowl0-0.8-150600.15.15.1
  * libavahi-libevent1-0.8-150600.15.15.1
  * libavahi-ui-gtk3-0-0.8-150600.15.15.1
  * libavahi-common3-0.8-150600.15.15.1
  * typelib-1_0-Avahi-0_6-0.8-150600.15.15.1
  * libavahi-client3-0.8-150600.15.15.1
  * avahi-utils-0.8-150600.15.15.1
  * libavahi-ui-gtk3-0-debuginfo-0.8-150600.15.15.1
  * libdns_sd-debuginfo-0.8-150600.15.15.1
  * libavahi-glib1-0.8-150600.15.15.1
  * libavahi-gobject0-debuginfo-0.8-150600.15.15.1
  * avahi-compat-mDNSResponder-devel-0.8-150600.15.15.1
  * libavahi-core7-0.8-150600.15.15.1
  * avahi-glib2-debugsource-0.8-150600.15.15.1
  * libavahi-core7-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-debuginfo-0.8-150600.15.15.1
  * libavahi-devel-0.8-150600.15.15.1
  * libhowl0-debuginfo-0.8-150600.15.15.1
  * avahi-debuginfo-0.8-150600.15.15.1
* Basesystem Module 15-SP7 (noarch)
  * avahi-lang-0.8-150600.15.15.1
* Basesystem Module 15-SP7 (x86_64)
  * libavahi-common3-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-client3-32bit-0.8-150600.15.15.1
  * avahi-32bit-debuginfo-0.8-150600.15.15.1
  * libavahi-common3-32bit-0.8-150600.15.15.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * avahi-glib2-debugsource-0.8-150600.15.15.1
  * avahi-autoipd-0.8-150600.15.15.1
  * libavahi-gobject-devel-0.8-150600.15.15.1
  * avahi-utils-gtk-debuginfo-0.8-150600.15.15.1
  * avahi-debuginfo-0.8-150600.15.15.1
  * avahi-autoipd-debuginfo-0.8-150600.15.15.1
  * avahi-utils-gtk-0.8-150600.15.15.1
  * avahi-debugsource-0.8-150600.15.15.1
* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64)
  * avahi-debugsource-0.8-150600.15.15.1
  * python3-avahi-0.8-150600.15.15.1
  * avahi-debuginfo-0.8-150600.15.15.1

## References:

* https://www.suse.com/security/cve/CVE-2026-24401.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257235

Update for avahi resolves a moderate issue with potential remote access crashes via unsolicited responses.
SUSE, Avahi, Security Update, Remote Access, CVE-2026-24401.
LinuxSecurity.com Team

An update that fixes two vulnerabilities is now available.

openSUSE Security Update: Security update for micropython
______________________________________________________________________________

Announcement ID: openSUSE-SU-2026:0050-1
Rating: low
References: #1257803
Cross-References: CVE-2025-59438 CVE-2026-1998
CVSS scores:
  CVE-2025-59438 (SUSE): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products:
  openSUSE Backports SLE-15-SP7
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for micropython fixes the following issues:

- CVE-2026-1998: Fixed a segmentation fault in 'mp_map_lookup' via 'mp_import_all' (boo#1257803)
- Version 1.26.1
  * esp32: update esp_tinyusb component to v1.7.6
  * tools: add an environment variable MICROPY_MAINTAINER_BUILD
  * esp32: add IDF Component Lockfiles to git repo
  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag
  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop
  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev
- Fix building on single core systems
  * Skip tests/thread/stress_schedule.py when single core system detected
- Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438
- Version 1.26.0
  * Added machine.I2CTarget for creating I2C target devices on multiple ports.
  * New MCU support: STM32N6xx (800 MHz, ML accel) and ESP32-C2 (WiFi + BLE).
  * Major float accuracy boost (~28% to ~98%), constant folding in compiler.
  * Optimized native/Viper emitters; reduced heap use for slices.
  * Time functions standardized (1970-2099); new boards across ESP32, SAMD, STM32, Zephyr.
  * ESP32: ESP-IDF 5.4.2, flash auto-detect, PCNT class, LAN8670 PHY.
  * RP2: compressed errors, better lightsleep, hardIRQ timers.
  * Zephyr v4.0.0: PWM, SoftI2C/SPI, BLE runtime services, boot.py/main.py support.
  * mpremote adds fs tree, improved df, portable config paths.
  * Updated lwIP, LittleFS, libhydrogen, stm32lib; expanded hardware/CI tests.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:
  zypper in -t patch openSUSE-2026-50=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):
  micropython-1.26.1-bp157.5.1
  mpy-tools-1.26.1-bp157.5.1
- openSUSE Backports SLE-15-SP7 (noarch):
  mpremote-1.26.1-bp157.5.1

References:

https://www.suse.com/security/cve/CVE-2025-59438.html
https://www.suse.com/security/cve/CVE-2026-1998.html
https://bugzilla.suse.com/1257803

Update for micropython resolves two identified issues in openSUSE 15, advising installation of security patches.
openSUSE micropython update low severity security patch CVE-2025-59438.
Severity: Low.
LinuxSecurity.com Team

An update that solves one vulnerability can now be installed.

# Security update for iperf

Announcement ID: SUSE-SU-2026:20295-1
Release Date: 2025-04-22T14:08:15Z
Rating: moderate

References:

* bsc#1234705

Cross-References:

* CVE-2024-53580

CVSS scores:

* CVE-2024-53580 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53580 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53580 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.0
* SUSE Linux Micro Extras 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for iperf fixes the following issues:

Update to 3.18 (bsc#1234705, CVE-2024-53580):

* SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. (CVE-2024-53580) This has now been fixed. (PR#1810)
* UDP packets per second now reports the correct number of packets, by reporting NET_SOFTERROR if there's a EAGAIN/EINTR errno if no data was sent (#1367/PR#1379).
* Several segmentation faults related to threading were fixed. One where `pthread_cancel` was called on an improperly initialized thread (#1801), another where threads were being recycled (#1760/PR#1761), and another where threads were improperly handling signals (#1750/PR#1752).
* A segmentation fault from calling `freeaddrinfo` with `NULL` was fixed (PR#1755).
* Some JSON options were fixed, including checking the size for `json_read` (PR#1709), but the size limit was removed for received server output (PR#1779).
* A rcv-timeout error has been fixed. The Nread timeout was hardcoded and timed out before the `--rcv-timeout` option
* There is no longer a limit on the omit time period
* Fixed an output crash under 32-bit big-endian systems
* An issue was fixed where CPU utilization was unexpectedly high during limited baud rate tests. The `--pacing-timer` option was removed, but it is still available in the library
* Add SCTP information to `--json` output and fixed compile error when SCTP is not supported (#1731).
* `--fq-rate` was changed from a uint to a uint64 to allow pacing above 32G. Not yet tested on big-endian systems
* Build with OpenSSL for key based authentication support

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.0
  zypper in -t patch SUSE-SLE-Micro-Extras-6.0-296=1

## Package List:

* SUSE Linux Micro Extras 6.0 (aarch64 ppc64le s390x x86_64)
  * libiperf0-debuginfo-3.18-1.1
  * iperf-debugsource-3.18-1.1
  * libiperf0-3.18-1.1
  * iperf-debuginfo-3.18-1.1
  * iperf-3.18-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-53580.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234705

Mitigate the JSON security flaw in iperf with this crucial SUSE update. Ensure system reliability and performance improvements.
iperf update, SUSE patch, security flaw resolution, network performance fix, SUSE Linux Micro.
LinuxSecurity.com Team

An update that solves one vulnerability and has one bug fix can now be installed.

openSUSE security update: security update for micropython
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20199-1
Rating: low
References:

* bsc#1257803

Cross-References:

* CVE-2026-1998

Affected Products:

openSUSE Leap 16.0

-------------------------------------------------------------

An update that solves one vulnerability and has one bug fix can now be installed.

Description:

This update for micropython fixes the following issues:

Changes in micropython:

- CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803).
- Version 1.26.1
  * esp32: update esp_tinyusb component to v1.7.6
  * tools: add an environment variable MICROPY_MAINTAINER_BUILD
  * esp32: add IDF Component Lockfiles to git repo
  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag
  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop
  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev
- Fix building on single core systems
  * Skip tests/thread/stress_schedule.py when single core system detected

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0
  zypper in -t patch openSUSE-Leap-16.0-packagehub-122=1

Package List:

- openSUSE Leap 16.0:
  micropython-1.26.1-bp160.1.1
  mpremote-1.26.1-bp160.1.1
  mpy-tools-1.26.1-bp160.1.1

References:

* https://www.suse.com/security/cve/CVE-2026-1998.html

Install the latest openSUSE micropython update to resolve a segmentation fault issue and improve stability for users.
openSUSE, Micropython, Patch Update.
Severity: Low.
LinuxSecurity.com Team

Two vulnerabilities have been addressed in DCMTK, a collection of libraries and applications implementing large parts of the DICOM standard for medical images. CVE-2025-14607 Possible memory corruption caused by illegal attributes in datasets which. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4443-1
An update that solves two vulnerabilities and has one errata is now available.

openSUSE Security Update: Security update for dcmtk
______________________________________________________________________________

Announcement ID: openSUSE-SU-2026:0005-1
Rating: moderate
References: #1254123 #1255292 #1255464
Cross-References: CVE-2025-14607 CVE-2025-14841
Affected Products:
  openSUSE Backports SLE-15-SP6
  openSUSE Backports SLE-15-SP7
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

This update for dcmtk fixes the following issues:

- Update to 3.7.0. See docs/CHANGES.370 for the full list of changes
  * CVE-2025-14841: invalid messages may trigger a segmentation fault due to a NULL pointer dereference (boo#1255292).
  * CVE-2025-14607: manipulation to component dcmdata could lead to memory corruption (boo#1255464).
- Avoid unnecessary dependencies (boo#1254123):

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:
  zypper in -t patch openSUSE-2026-5=1
- openSUSE Backports SLE-15-SP6:
  zypper in -t patch openSUSE-2026-5=1

Package List:

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):
  dcmtk-3.7.0-bp157.3.6.1
  dcmtk-debuginfo-3.7.0-bp157.3.6.1
  dcmtk-debugsource-3.7.0-bp157.3.6.1
  dcmtk-devel-3.7.0-bp157.3.6.1
  libdcmtk20-3.7.0-bp157.3.6.1
  libdcmtk20-debuginfo-3.7.0-bp157.3.6.1
- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):
  dcmtk-3.7.0-bp156.4.15.1
  dcmtk-devel-3.7.0-bp156.4.15.1
  libdcmtk20-3.7.0-bp156.4.15.1

References:

https://www.suse.com/security/cve/CVE-2025-14607.html
https://www.suse.com/security/cve/CVE-2025-14841.html
https://bugzilla.suse.com/1254123
https://bugzilla.suse.com/1255292
https://bugzilla.suse.com/1255464

An openSUSE Security Update for dcmtk addressing two vulnerabilities that could lead to memory issues and crashes.
openSUSE Security, dcmtool update, moderate risk, backports SLE.
LinuxSecurity.com Team

MGASA-2025-0253 - Updated transfig packages fix security vulnerabilities

Publication date: 31 Oct 2025
URL: https://advisories.mageia.org/MGASA-2025-0253.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-46397, CVE-2025-46398, CVE-2025-46399, CVE-2025-46400

Description:

fig2dev stack-overflow. (CVE-2025-46397)
fig2dev stack-overflow via read_objects. (CVE-2025-46398)
fig2dev segmentation fault vulnerability. (CVE-2025-46399)
fig2dev segmentation fault in read_arcobject. (CVE-2025-46400)

References:

- https://bugs.mageia.org/show_bug.cgi?id=34309
- https://www.cve.org/CVERecord?id=CVE-2025-46397
- https://www.cve.org/CVERecord?id=CVE-2025-46398
- https://www.cve.org/CVERecord?id=CVE-2025-46399
- https://www.cve.org/CVERecord?id=CVE-2025-46400

SRPMS:

- 9/core/transfig-3.2.9a-1.1.mga9

Updated transfig packages in Mageia address multiple security threats, including stack overflow and segfault vulnerabilities.
Mageia Transfig Security, Stack Overflow Fix, Segmentation Fault Vulnerability.
Severity: Important.
LinuxSecurity.com Team

Update to exiv2-0.28.7, fixes CVE-2025-54080 and CVE-2025-55304.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e5ab9a2288
2025-10-22 01:31:30.739329+00:00
--------------------------------------------------------------------------------

Name        : mingw-exiv2
Product     : Fedora 41
Version     : 0.28.7
Release     : 1.fc41
URL         : https://exiv2.org/
Summary     : MinGW Windows exiv2 library
Description :
MinGW Windows exiv2 library.

--------------------------------------------------------------------------------
Update Information:

Update to exiv2-0.28.7, fixes CVE-2025-54080 and CVE-2025-55304.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 2 2025 Sandro Mani - 0.28.7-1
- Update to 0.28.7
* Fri Aug 29 2025 Sandro Mani - 0.28.6-1
- Update to 0.28.6
* Thu Jul 24 2025 Fedora Release Engineering - 0.28.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
* Sun Mar 23 2025 Sandro Mani - 0.28.5-1
- Update to 0.28.5
* Sat Mar 22 2025 Sandro Mani - 0.27.7-3
- Rebuild
* Fri Jan 17 2025 Fedora Release Engineering - 0.27.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2391816 - CVE-2025-54080 mingw-exiv2: Exiv2 Segmentation Faults [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2391816
  [ 2 ] Bug #2391837 - CVE-2025-55304 mingw-exiv2: Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2391837
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e5ab9a2288' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------