Explore top 10 tips to secure your open-source projects now. Read More
×
A few fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-510a78f439 2025-05-25 02:12:06.542038+00:00 -------------------------------------------------------------------------------- Name : vyper Product : Fedora 41 Version : 0.4.1 Release : 4.fc41 URL : https://vyperlang.org Summary : Pythonic Smart Contract Language for the EVM Description : Pythonic Smart Contract Language for the EVM. -------------------------------------------------------------------------------- Update Information: A few fixes -------------------------------------------------------------------------------- ChangeLog: * Fri May 16 2025 Peter Lemenkov - 0.4.1-4 - Address two issues * Thu Apr 24 2025 Romain Geissler - 0.4.1-3 - Relax asttokens version dependency. * Mon Mar 31 2025 Peter Lemenkov - 0.4.1-2 - F41+: Use the provisional declarative buildsystem -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366718 - CVE-2025-47774 vyper: Vyper: Slice Length Zero Side-Effect Elision [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366718 [ 2 ] Bug #2366719 - CVE-2025-47774 vyper: Vyper: Slice Length Zero Side-Effect Elision [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366719 [ 3 ] Bug #2366742 - CVE-2025-47285 vyper: Vyper: Zero-Length Bytestring Side-Effect Skipping [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366742 [ 4 ] Bug #2366743 - CVE-2025-47285 vyper: Vyper: Zero-Length Bytestring Side-Effect Skipping [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366743 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-510a78f439' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
* bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231759 . # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-202501:15288-1 Release Date: 2025-02-14T07:19:41Z Rating: moderate References: * bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231759 * bsc#1232575 * bsc#1232769 * bsc#1232817 * bsc#1233202 * bsc#1233279 * bsc#1233630 * bsc#1233660 * bsc#1234123 * jsc#MSQA-914 Cross-References: * CVE-2024-22037 CVSS scores: * CVE-2024-22037 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22037 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Ubuntu 24.04 2404 An update that solves one vulnerability, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: spacecmd was updated to version 5.0.11-0: * Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix * Run systemctl daemon-reload after changing the container image config (bsc#1233279) * Coco-replicas-upgrade * Persist search server indexes (bsc#1231759) * Sync deletes files during migration (bsc#1233660) * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) * Add --registry back to mgrpxy (bsc#1233202) * Only add java.hostname on migrated server if notpresent * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 24.04 2404 zypper in -t patch suse-ubu244ct-client-tools-202501-15288=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 24.04 2404 (all) * mgrctl-bash-completion-0.1.28-2.6.2 * mgrctl-fish-completion-0.1.28-2.6.2 * spacecmd-5.0.11-2.6.1 * mgrctl-zsh-completion-0.1.28-2.6.2 * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64) * mgrctl-0.1.28-2.6.2 ## References: * https://www.suse.com/security/cve/CVE-2024-22037.html * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229104 * https://bugzilla.suse.com/show_bug.cgi?id=1231497 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231759 * https://bugzilla.suse.com/show_bug.cgi?id=1232575 * https://bugzilla.suse.com/show_bug.cgi?id=1232769 * https://bugzilla.suse.com/show_bug.cgi?id=1232817 * https://bugzilla.suse.com/show_bug.cgi?id=1233202 * https://bugzilla.suse.com/show_bug.cgi?id=1233279 * https://bugzilla.suse.com/show_bug.cgi?id=1233630 * https://bugzilla.suse.com/show_bug.cgi?id=1233660 *https://bugzilla.suse.com/show_bug.cgi?id=1234123 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-914&page_caps=&user_role= . SUSE Manager Client Tools security bulletin issued, addressing a fix for a specific vulnerability revealed on March 10, 2026.. SUSE Manager Update, Client Tools Security, Linux Patch Management, SUSE Security Advisory. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-8838 http://linux.oracle.com/errata/ELSA-2024-8838.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: python3.11-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-3.11.10-1.0.1.el8_10.i686.rpm python3.11-devel-3.11.10-1.0.1.el8_10.i686.rpm python3.11-devel-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-libs-3.11.10-1.0.1.el8_10.i686.rpm python3.11-libs-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-rpm-macros-3.11.10-1.0.1.el8_10.noarch.rpm python3.11-tkinter-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-debug-3.11.10-1.0.1.el8_10.i686.rpm python3.11-debug-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-idle-3.11.10-1.0.1.el8_10.i686.rpm python3.11-idle-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-test-3.11.10-1.0.1.el8_10.i686.rpm python3.11-test-3.11.10-1.0.1.el8_10.x86_64.rpm python3.11-tkinter-3.11.10-1.0.1.el8_10.i686.rpm aarch64: python3.11-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-devel-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-libs-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-rpm-macros-3.11.10-1.0.1.el8_10.noarch.rpm python3.11-tkinter-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-debug-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-idle-3.11.10-1.0.1.el8_10.aarch64.rpm python3.11-test-3.11.10-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//python3.11-3.11.10-1.0.1.el8_10.src.rpm Related CVEs: CVE-2024-6232 Description of changes: [3.11.10-1.0.1] - Update rpm-macros description [Orabug: 36024572] [3.11.10-1] - Update to 3.11.10 Resolves: RHEL-57400 _______________________________________________ El-errata mailing list
* bsc#1228256 * bsc#1228257 * bsc#1228258 Cross-References: . # Security update for bind Announcement ID: SUSE-SU-2024:2862-1 Rating: important References: * bsc#1228256 * bsc#1228257 * bsc#1228258 Cross-References: * CVE-2024-1737 * CVE-2024-1975 * CVE-2024-4076 CVSS scores: * CVE-2024-1737 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-1975 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4076 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: Update to 9.16.50: * Bug Fixes: * A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. * Using rndc flush inadvertently caused cache cleaning to become less effective. This could ultimately lead to the configured max-cache-size limit being exceeded and has now been fixed. * The logic for cleaning up expired cached DNS records was tweaked to be more aggressive. This change helps with enforcing max-cache-ttl and max-ncache- ttl in a timely manner. * It was possible to trigger a use-after-free assertion when the overmem cache cleaning was initiated. This has been fixed. New Features: * Added RESOLVER.ARPA to the built in empty zones. * Security Fixes: * It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowingdown database processing. This has been addressed by adding a configurable limit to the number of records that can be stored per name and type in a cache or zone database. The default is 100, which can be tuned with the new max-types-per- name option. (CVE-2024-1737, bsc#1228256) * Validating DNS messages signed using the SIG(0) protocol (RFC 2931) could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version of named. (CVE-2024-1975, bsc#1228257) * When looking up the NS records of parent zones as part of looking up DS records, it was possible for named to trigger an assertion failure if serve- stale was enabled. This has been fixed. (CVE-2024-4076, bsc#1228258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2862=1 openSUSE-SLE-15.5-2024-2862=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2862=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2862=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2862=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * bind-debuginfo-9.16.50-150500.8.21.1 * bind-debugsource-9.16.50-150500.8.21.1 * bind-utils-9.16.50-150500.8.21.1 * bind-9.16.50-150500.8.21.1 * bind-utils-debuginfo-9.16.50-150500.8.21.1 * openSUSE Leap 15.5 (noarch) * bind-doc-9.16.50-150500.8.21.1 * python3-bind-9.16.50-150500.8.21.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * bind-utils-9.16.50-150500.8.21.1 * bind-utils-debuginfo-9.16.50-150500.8.21.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-bind-9.16.50-150500.8.21.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * bind-debugsource-9.16.50-150500.8.21.1 * bind-debuginfo-9.16.50-150500.8.21.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bind-debugsource-9.16.50-150500.8.21.1 * bind-utils-9.16.50-150500.8.21.1 * bind-utils-debuginfo-9.16.50-150500.8.21.1 * bind-debuginfo-9.16.50-150500.8.21.1 * Basesystem Module 15-SP5 (noarch) * python3-bind-9.16.50-150500.8.21.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bind-debugsource-9.16.50-150500.8.21.1 * bind-9.16.50-150500.8.21.1 * bind-debuginfo-9.16.50-150500.8.21.1 * Server Applications Module 15-SP5 (noarch) * bind-doc-9.16.50-150500.8.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1737.html * https://www.suse.com/security/cve/CVE-2024-1975.html * https://www.suse.com/security/cve/CVE-2024-4076.html * https://bugzilla.suse.com/show_bug.cgi?id=1228256 * https://bugzilla.suse.com/show_bug.cgi?id=1228257 * https://bugzilla.suse.com/show_bug.cgi?id=1228258 . A critical safety notice outlining improvements to bind, encompassing resolutions for service interruption flaws.. SUSE Security Update, Bind Security Advisory, Denial of Service Fixes, Software Security Updates. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12408 http://linux.oracle.com/errata/ELSA-2024-12408.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: AAVMF-1.7.0-5.el7.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//edk2-1.7.0-5.el7.src.rpm Related CVEs: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2022-36763 CVE-2022-36764 CVE-2022-36765 Description of changes: * Tue Feb 27 2024 Aaron Young - Create new 1.7.0 release for OL7 which includes the following fixed CVEs: {CVE-2023-45229} {CVE-2023-45230} {CVE-2023-45231} {CVE-2023-45232} {CVE-2023-45233} {CVE-2023-45234} {CVE-2023-45235} {CVE-2022-36763} {CVE-2022-36764} {CVE-2022-36765} - Update to OpenSSL 3.0.10 which includes the following fixed CVEs: {CVE-2023-2975} {CVE-2023-1255} {CVE-2023-0401} {CVE-2023-0217} {CVE-2023-0216} {CVE-2023-0215} {CVE-2022-4203} {CVE-2022-3996} {CVE-2022-3602} {CVE-2022-3786} {CVE-2022-3358} {CVE-2022-2274} {CVE-2022-1473} {CVE-2022-1434} {CVE-2022-1343} {CVE-2021-4044} {CVE-2021-23839} * Tue Aug 22 2023 Aaron Young - Create new 1.6.6.cvm release for OL7 * Mon Aug 21 2023 Aaron Young - Create new 1.6.6 release for OL7 which includes the following fixed CVEs: {CVE-2019-14560} - Update to OpenSSL 1.1.1v which includes the following fixed CVEs: {CVE-2023-3817} {CVE-2023-3446} {CVE-2023-2650} {CVE-2023-0465} {CVE-2023-0466} {CVE-2023-0464} {CVE-2023-0286} {CVE-2023-0215} {CVE-2022-4450} {CVE-2022-4304} {CVE-2022-2097} {CVE-2022-2068} {CVE-2022-1292} {CVE-2022-0778} {CVE-2021-4160} {CVE-2021-3712} {CVE-2021-3711} {CVE-2021-3450} {CVE-2021-3449} {CVE-2021-23841} {CVE-2021-23840} {CVE-2020-1971} {CVE-2020-1967} {CVE-2019-1551} {CVE-2019-1563} {CVE-2019-1549} {CVE-2019-1547} {CVE-2019-1552} {CVE-2019-1543} {CVE-2018-0734} {CVE-2018-0735} * Tue Jun 13 2023 Aaron Young - Createnew 1.6.5.cvm release for OL7 * Mon Feb 27 2023 Aaron Young - Create new 1.6.4.cvm release for OL7 which includes the following fixed CVEs: {CVE-2021-38578} * Tue Jun 28 2022 Aaron Young - Create new 1.6.3 release for OL7 * Wed Jun 01 2022 Aaron Young - Create new 1.6.2 release for OL7 * Wed May 11 2022 Aaron Young - Create new 1.6.1 release for OL7 * Wed Apr 06 2022 Aaron Young - Create new 1.6.0 release for OL7 which includes the following fixed CVEs: {CVE-2022-0778} * Tue Nov 23 2021 Aaron Young - Create new 1.5.1 release for OL7 * Wed Jun 16 2021 Aaron Young - Create new 1.5.0 release for OL7 which includes the following fixed CVEs: {CVE-2021-23840} {CVE-2021-23841} {CVE-2021-38575} * Thu Feb 18 2021 Aaron Young - Create new 1.4.3 release for OL7 * Wed Jan 20 2021 Aaron Young - Create new 1.4.2 release for OL7 * Thu Dec 03 2020 Aaron Young - Create new 1.4.1 release for OL7 * Wed Nov 18 2020 Aaron Young - Create new 1.4.0 release for OL7 which includes the following fixed CVEs: {CVE-2019-14584} {CVE-2019-14562} {CVE-2019-11098} {CVE-2019-14559} {CVE-2019-14575} {CVE-2019-14559} {CVE-2019-14587} {CVE-2019-14558} {CVE-2019-14586} {CVE-2019-14563} * Sat Oct 10 2020 Aaron Young - Create new 1.3.4 release for OL7 * Wed Oct 07 2020 Aaron Young - Create new 1.3.3 release for OL7 * Fri Jul 31 2020 Aaron Young - Create new 1.3.2 release for OL7 * Fri May 01 2020 Aaron Young - Create new 1.3.1 release for OL7 * Wed Feb 05 2020 Aaron Young - Create new 1.3 release for OL7 which includes the following fixed CVEs: {CVE-2018-12182} {CVE-2019-13224} {CVE-2019-13225} {CVE-2019-14553} * Fri May 17 2019 Aaron Young - Create new 1.2 release for OL7 which includes the following fixed CVEs: {CVE-2017-5715} {CVE-2017-5731} {CVE-2017-5732} {CVE-2017-5733} {CVE-2017-5734} {CVE-2017-5735} {CVE-2017-5753} {CVE-2018-12178} {CVE-2018-12180} {CVE-2018-12181} {CVE-2018-3630} _______________________________________________ El-errata mailinglist
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-3259 http://linux.oracle.com/errata/ELSA-2024-3259.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.x86_64.rpm golang-1.21.9-1.module+el8.10.0+90336+233c4160.x86_64.rpm golang-bin-1.21.9-1.module+el8.10.0+90336+233c4160.x86_64.rpm golang-docs-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-misc-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-src-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-tests-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm go-toolset-1.21.9-1.module+el8.10.0+90336+233c4160.x86_64.rpm aarch64: delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.aarch64.rpm golang-1.21.9-1.module+el8.10.0+90336+233c4160.aarch64.rpm golang-bin-1.21.9-1.module+el8.10.0+90336+233c4160.aarch64.rpm golang-docs-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-misc-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-src-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm golang-tests-1.21.9-1.module+el8.10.0+90336+233c4160.noarch.rpm go-toolset-1.21.9-1.module+el8.10.0+90336+233c4160.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//delve-1.21.2-3.0.1.module+el8.10.0+90307+cdf2b281.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//golang-1.21.9-1.module+el8.10.0+90336+233c4160.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//go-toolset-1.21.9-1.module+el8.10.0+90336+233c4160.src.rpm Related CVEs: CVE-2023-45288 CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 Description of changes: delve golang [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 _______________________________________________ El-errata mailing list
This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-40ee18b2e7 2024-06-02 03:36:56.060441 -------------------------------------------------------------------------------- Name : rust-sevctl Product : Fedora 39 Version : 0.4.3 Release : 4.fc39 URL : Summary : Administrative utility for AMD SEV Description : Administrative utility for AMD SEV. -------------------------------------------------------------------------------- Update Information: This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html -------------------------------------------------------------------------------- ChangeLog: * Thu May 23 2024 Fabio Valentini - 0.4.3-4 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces. * Sat Jan 27 2024 Fedora Release Engineering - 0.4.3-3 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-40ee18b2e7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0249 https://linux.oracle.com/errata/ELSA-2024-0249.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: java-21-openjdk-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-javadoc-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-javadoc-zip-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-src-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-demo-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-devel-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-headless-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-jmods-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-src-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-src-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-fastdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm java-21-openjdk-static-libs-slowdebug-21.0.2.0.13-1.0.1.el9.x86_64.rpm aarch64: java-21-openjdk-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-javadoc-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-javadoc-zip-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-src-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-demo-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-devel-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-headless-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-jmods-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-src-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-src-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-fastdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm java-21-openjdk-static-libs-slowdebug-21.0.2.0.13-1.0.1.el9.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//java-21-openjdk-21.0.2.0.13-1.0.1.el9.src.rpm Related CVEs: CVE-2024-20918 CVE-2024-20919 CVE-2024-20921 CVE-2024-20945 CVE-2024-20952 Description of changes: [1:21.0.2.0.13-1.0.1] - Add Oracle vendor bug URL [1:21.0.2.0.13-1] - Rebase to 21.0.2.0.13 _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.