--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-aa783e1cbd
2025-01-12 01:42:08.024032+00:00
--------------------------------------------------------------------------------

Name        : suricata
Product     : Fedora 40
Version     : 7.0.8
Release     : 1.fc40
URL         : /
Summary     : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion Detection and
Prevention Engine. This engine is not intended to just replace or emulate the
existing tools in the industry, but will bring new ideas and technologies to
the field. This new Engine supports Multi-threading, Automatic Protocol
Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB!), Gzip Decompression,
Fast IP Matching, and GeoIP identification.

--------------------------------------------------------------------------------
Update Information:

Various security, performance, accuracy, and stability issues have been fixed.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 3 2025 Steve Grubb 7.0.8-1
- New security and bugfix release
* Tue Oct 22 2024 Richard W.M. Jones - 7.0.7-2
- Rebuild for Jansson 2.14
  (https://lists.fedoraproject.org/archives/list/
# Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3347-1
Rating: important

References:

  * bsc#1220145
  * bsc#1220832
  * bsc#1221302
  * bsc#1222685
  * bsc#1223059
  * bsc#1223363
  * bsc#1223514
  * bsc#1223521
  * bsc#1223681
  * bsc#1223683
  * bsc#1225013
  * bsc#1225099
  * bsc#1225310
  * bsc#1225313

Cross-References:

  * CVE-2022-48651
  * CVE-2022-48662
  * CVE-2023-52502
  * CVE-2023-52846
  * CVE-2023-6546
  * CVE-2024-23307
  * CVE-2024-26610
  * CVE-2024-26828
  * CVE-2024-26852
  * CVE-2024-26923
  * CVE-2024-26930
  * CVE-2024-27398
  * CVE-2024-35817
  * CVE-2024-35950

CVSS scores:

  * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 14 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues.

The following security issues were fixed:

  * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
  * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).
  * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521).
  * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
  * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
  * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
  * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
  * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
  * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
  * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
  * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
  * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
  * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
  * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
  * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5
    zypper in -t patch SUSE-2024-3347=1

  * SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3347=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-6-150500.11.6.2
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-6-150500.11.6.2
    * kernel-livepatch-5_14_21-150500_55_52-default-6-150500.11.6.2
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-6-150500.11.6.2
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-6-150500.11.6.2
    * kernel-livepatch-5_14_21-150500_55_52-default-6-150500.11.6.2

## References:

  * https://www.suse.com/security/cve/CVE-2022-48651.html
  * https://www.suse.com/security/cve/CVE-2022-48662.html
  * https://www.suse.com/security/cve/CVE-2023-52502.html
  * https://www.suse.com/security/cve/CVE-2023-52846.html
  * https://www.suse.com/security/cve/CVE-2023-6546.html
  * https://www.suse.com/security/cve/CVE-2024-23307.html
  * https://www.suse.com/security/cve/CVE-2024-26610.html
  * https://www.suse.com/security/cve/CVE-2024-26828.html
  * https://www.suse.com/security/cve/CVE-2024-26852.html
  * https://www.suse.com/security/cve/CVE-2024-26923.html
  * https://www.suse.com/security/cve/CVE-2024-26930.html
  * https://www.suse.com/security/cve/CVE-2024-27398.html
  * https://www.suse.com/security/cve/CVE-2024-35817.html
  * https://www.suse.com/security/cve/CVE-2024-35950.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1220145
  * https://bugzilla.suse.com/show_bug.cgi?id=1220832
  * https://bugzilla.suse.com/show_bug.cgi?id=1221302
  * https://bugzilla.suse.com/show_bug.cgi?id=1222685
  * https://bugzilla.suse.com/show_bug.cgi?id=1223059
  * https://bugzilla.suse.com/show_bug.cgi?id=1223363
  * https://bugzilla.suse.com/show_bug.cgi?id=1223514
  * https://bugzilla.suse.com/show_bug.cgi?id=1223521
  * https://bugzilla.suse.com/show_bug.cgi?id=1223681
  * https://bugzilla.suse.com/show_bug.cgi?id=1223683
  * https://bugzilla.suse.com/show_bug.cgi?id=1225013
  * https://bugzilla.suse.com/show_bug.cgi?id=1225099
  * https://bugzilla.suse.com/show_bug.cgi?id=1225310
  * https://bugzilla.suse.com/show_bug.cgi?id=1225313

A recent security enhancement for the Linux Kernel resolves 14 vulnerabilities aimed at bolstering reliability on SUSE Enterprise 15 SP5.
Linux Kernel Update, SUSE Security Patch, Kernel Vulnerability Fix.
Severity: Important.
LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d16d94b00d
2024-02-28 01:07:06.086832
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 39
Version     : 6.7.6
Release     : 200.fc39
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.7.6 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 23 2024 Justin M. Forbes [6.7.6-0]
- Add CVE fix for 6.7.6 (Justin M. Forbes)
- Linux v6.7.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2260044 - CVE-2024-23850 kernel: btrfs_get_root_ref has an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation
        https://bugzilla.redhat.com/show_bug.cgi?id=2260044
  [ 2 ] Bug #2260046 - CVE-2024-23851 kernel: copy_params can attempt to allocate more than INT_MAX bytes and crash
        https://bugzilla.redhat.com/show_bug.cgi?id=2260046
  [ 3 ] Bug #2265269 - CVE-2023-52437 kernel: Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"
        https://bugzilla.redhat.com/show_bug.cgi?id=2265269
  [ 4 ] Bug #2265517 - CVE-2024-26585 kernel: tls: race between tx work scheduling and socket close
        https://bugzilla.redhat.com/show_bug.cgi?id=2265517
  [ 5 ] Bug #2265518 - CVE-2024-26582 kernel: tls: use-after-free with partial reads and async decrypt
        https://bugzilla.redhat.com/show_bug.cgi?id=2265518
  [ 6 ] Bug #2265519 - CVE-2024-26584 kernel: tls: handle backlogging of crypto requests
        https://bugzilla.redhat.com/show_bug.cgi?id=2265519
  [ 7 ] Bug #2265520 - CVE-2024-26583 kernel: tls: race between async notify and socket close
        https://bugzilla.redhat.com/show_bug.cgi?id=2265520
  [ 8 ] Bug #2265646 - CVE-2024-26593 kernel: i2c: i801: Fix block process call transactions
        https://bugzilla.redhat.com/show_bug.cgi?id=2265646
  [ 9 ] Bug #2265833 - CVE-2024-26603 kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer
        https://bugzilla.redhat.com/show_bug.cgi?id=2265833
  [ 10 ] Bug #2266257 - CVE-2024-26604 kernel: null pointer dereference in kobject
        https://bugzilla.redhat.com/show_bug.cgi?id=2266257
  [ 11 ] Bug #2266286 - CVE-2024-26606 kernel: signal epoll threads of self-work
        https://bugzilla.redhat.com/show_bug.cgi?id=2266286
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d16d94b00d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-d9509be489
2023-08-14 00:44:57.846913
--------------------------------------------------------------------------------

Name        : kernel
Product     : Fedora 37
Version     : 6.4.10
Release     : 100.fc37
URL         : https://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.4.10 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 11 2023 Justin M. Forbes [6.4.10-0]
- More security bug fixes for 6.4.10 (Justin M. Forbes)
- KVM: SEV: remove ghcb variable declarations (Paolo Bonzini)
- KVM: SEV: only access GHCB fields once (Paolo Bonzini)
- KVM: SEV: snapshot the GHCB before accessing it (Paolo Bonzini)
- Add another bug fixed by the 6.4.10 release (Justin M. Forbes)
- drm/amd/display: Fix a regression on Polaris cards (Mario Limonciello)
- redhat/configs: Remove `CONFIG_HZ_1000 is not set` for aarch64 (Enric Balletbo i Serra)
- Add new CVEs fixed in 6.4.9 to BugsFixed (Justin M. Forbes)
- Linux v6.4.10
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2213802 - CVE-2023-4155 kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=2213802
  [ 2 ] Bug #2221609 - CVE-2023-4273 kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry
        https://bugzilla.redhat.com/show_bug.cgi?id=2221609
  [ 3 ] Bug #2225511 - CVE-2023-4128 Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
        https://bugzilla.redhat.com/show_bug.cgi?id=2225511
  [ 4 ] Bug #2229498 - CVE-2023-4194 kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid
        https://bugzilla.redhat.com/show_bug.cgi?id=2229498
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-d9509be489' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
   openSUSE Security Update: Security update for chromium
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2023:0193-1
Rating:             important
References:         #1213462
Cross-References:   CVE-2023-3727 CVE-2023-3728 CVE-2023-3730
                    CVE-2023-3732 CVE-2023-3733 CVE-2023-3734
                    CVE-2023-3735 CVE-2023-3736 CVE-2023-3737
                    CVE-2023-3738 CVE-2023-3740
Affected Products:
                    openSUSE Backports SLE-15-SP4
                    openSUSE Backports SLE-15-SP5
______________________________________________________________________________

   An update that fixes 11 vulnerabilities is now available.

Description:

   This update for chromium fixes the following issues:

   Chromium 115.0.5790.102:

   * stability fix

   Chromium 115.0.5790.98:

   * Security: The Storage, Service Worker, and Communication APIs are now
     partitioned in third-party contexts to prevent certain types of
     side-channel cross-site tracking
   * HTTPS: Automatically and optimistically upgrade all main-frame
     navigations to HTTPS, with fast fallback to HTTP.
   * CSS: accept multiple values of the display property
   * CSS: support boolean context style container queries
   * CSS: support scroll-driven animations
   * Increase the maximum size of a WebAssembly.Module() on the main thread
     to 8 MB
   * FedCM: Support credential management mediation requirements for auto
     re-authentication
   * Deprecate the document.domain setter
   * Deprecate mutation events
   * Security fixes (boo#1213462):
     - CVE-2023-3727: Use after free in WebRTC
     - CVE-2023-3728: Use after free in WebRTC
     - CVE-2023-3730: Use after free in Tab Groups
     - CVE-2023-3732: Out of bounds memory access in Mojo
     - CVE-2023-3733: Inappropriate implementation in WebApp Installs
     - CVE-2023-3734: Inappropriate implementation in Picture In Picture
     - CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts
     - CVE-2023-3736: Inappropriate implementation in Custom Tabs
     - CVE-2023-3737: Inappropriate implementation in Notifications
     - CVE-2023-3738: Inappropriate implementation in Autofill
     - CVE-2023-3740: Insufficient validation of untrusted input in Themes
     - Various fixes from internal audits, fuzzing and other initiatives

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP5:

      zypper in -t patch openSUSE-2023-193=1

   - openSUSE Backports SLE-15-SP4:

      zypper in -t patch openSUSE-2023-193=1

Package List:

   - openSUSE Backports SLE-15-SP5 (aarch64 x86_64):

      chromedriver-115.0.5790.102-bp155.2.13.1
      chromedriver-debuginfo-115.0.5790.102-bp155.2.13.1
      chromium-115.0.5790.102-bp155.2.13.1
      chromium-debuginfo-115.0.5790.102-bp155.2.13.1

   - openSUSE Backports SLE-15-SP4 (aarch64 x86_64):

      chromedriver-115.0.5790.102-bp154.2.99.1
      chromium-115.0.5790.102-bp154.2.99.1

References:

   https://www.suse.com/security/cve/CVE-2023-3727.html
   https://www.suse.com/security/cve/CVE-2023-3728.html
   https://www.suse.com/security/cve/CVE-2023-3730.html
   https://www.suse.com/security/cve/CVE-2023-3732.html
   https://www.suse.com/security/cve/CVE-2023-3733.html
   https://www.suse.com/security/cve/CVE-2023-3734.html
   https://www.suse.com/security/cve/CVE-2023-3735.html
   https://www.suse.com/security/cve/CVE-2023-3736.html
   https://www.suse.com/security/cve/CVE-2023-3737.html
   https://www.suse.com/security/cve/CVE-2023-3738.html
   https://www.suse.com/security/cve/CVE-2023-3740.html
   https://bugzilla.suse.com/1213462

A crucial patch for chromium tackles various vulnerabilities in Fedora, improving overall performance and safety.
openSUSEUpdate, Important Security Patch, Chromium Stability Fix.
Severity: Important.
LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3094c02073
2022-11-10 22:04:44.625528
--------------------------------------------------------------------------------

Name        : seamonkey
Product     : Fedora 37
Version     : 2.53.14
Release     : 3.fc37
URL         : https://www.seamonkey-project.org/
Summary     : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made popular
by Netscape and Mozilla). It includes an Internet browser, advanced e-mail,
newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to
inspect the DOM for web pages. It is derived from the application formerly
known as Mozilla Application Suite.

--------------------------------------------------------------------------------
Update Information:

Some stability fixes.

----

Update to 2.53.14

Note that besides the ordinary builds for the current Fedora and EPEL branches,
there is an additional distro-independent build available at
https://buc.fedorapeople.org/seamonkey/ . So if you have friends who use other
Linux distro, but that distro does not provide SeaMonkey yet, you can recommend
it for them.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 3 2022 Dmitry Butskoy 2.53.14-3
- add fix for mozbz 1443429 and mozbz 1443746, return no more broken patches
* Sun Oct 2 2022 Dmitry Butskoy 2.53.14-2
- rebuild without potentially broken patches
* Tue Sep 27 2022 Dmitry Butskoy 2.53.14-1
- update to 2.53.14
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3094c02073' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-c170581b99
2022-10-11 11:12:38.238191
--------------------------------------------------------------------------------

Name        : seamonkey
Product     : Fedora 35
Version     : 2.53.14
Release     : 3.fc35
URL         : https://www.seamonkey-project.org/
Summary     : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made popular
by Netscape and Mozilla). It includes an Internet browser, advanced e-mail,
newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to
inspect the DOM for web pages. It is derived from the application formerly
known as Mozilla Application Suite.

--------------------------------------------------------------------------------
Update Information:

Some stability fixes.

----

Update to 2.53.14

Note that besides the ordinary builds for the current Fedora and EPEL branches,
there is an additional distro-independent build available at
https://buc.fedorapeople.org/seamonkey/ . So if you have friends who use other
Linux distro, but that distro does not provide SeaMonkey yet, you can recommend
it for them.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 3 2022 Dmitry Butskoy 2.53.14-3
- add fix for mozbz 1443429 and mozbz 1443746, return no more broken patches
* Sun Oct 2 2022 Dmitry Butskoy 2.53.14-2
- rebuild without potentially broken patches
* Tue Sep 27 2022 Dmitry Butskoy 2.53.14-1
- update to 2.53.14
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-c170581b99' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Oracle Linux Security Advisory ELSA-2022-9669

https://linux.oracle.com/errata/ELSA-2022-9669.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
ivshmem-tools-4.2.1-18.el7.aarch64.rpm
qemu-4.2.1-18.el7.aarch64.rpm
qemu-block-gluster-4.2.1-18.el7.aarch64.rpm
qemu-block-iscsi-4.2.1-18.el7.aarch64.rpm
qemu-block-rbd-4.2.1-18.el7.aarch64.rpm
qemu-common-4.2.1-18.el7.aarch64.rpm
qemu-img-4.2.1-18.el7.aarch64.rpm
qemu-kvm-4.2.1-18.el7.aarch64.rpm
qemu-kvm-core-4.2.1-18.el7.aarch64.rpm
qemu-system-aarch64-4.2.1-18.el7.aarch64.rpm
qemu-system-aarch64-core-4.2.1-18.el7.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/qemu-4.2.1-18.el7.src.rpm

Related CVEs:

CVE-2021-3507
CVE-2021-4206
CVE-2021-4207

Description of changes:

[15:4.2.1-18.el7]
- block: introduce max_hw_iov for use in scsi-generic (Paolo Bonzini) [Orabug: 33785156]
- file-posix: try BLKSECTGET on block devices too, do not round to power of 2 (Paolo Bonzini) [Orabug: 33785156]
- block: add max_hw_transfer to BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- block-backend: align max_transfer to request alignment (Paolo Bonzini) [Orabug: 33785156]
- osdep: provide ROUND_DOWN macro (Paolo Bonzini) [Orabug: 33785156]
- scsi-generic: pass max_segments via max_iov field in BlockLimits (Paolo Bonzini) [Orabug: 33785156]
- file-posix: fix max_iov for /dev/sg devices (Paolo Bonzini) [Orabug: 33785156]
- display/qxl-render: fix race condition in qxl_cursor (CVE-2021-4207) (Mauro Matteo Cascella) [Orabug: 34049511] {CVE-2021-4207}
- ui/cursor: fix integer overflow in cursor_alloc (CVE-2021-4206) (Mauro Matteo Cascella) [Orabug: 34049509] {CVE-2021-4206}
- hw/block/fdc: Prevent end-of-track overrun (CVE-2021-3507) (Philippe Mathieu-Daudé) [Orabug: 32860387] {CVE-2021-3507}
- pc: q35: Bump max_cpus to 512 (Suravee Suthikulpanit) [Orabug: 34314249]
- tests/qtest: fix pvpanic-pci-test (Mark Kanda) [Orabug: 34284763]
- libqos: pci-pc: use 32-bit write for EJ register (Paolo Bonzini) [Orabug: 34284758]
- libqos: usb-hcd-ehci: use 32-bit write for config register (Paolo Bonzini) [Orabug: 34284768]
- target/i386/kvm: Fix disabling MPX on "-cpu host" with MPX-capable host (Maciej S. Szmigiero) [Orabug: 33528615]
- i386: Mask SVM features if nested SVM is disabled (Eduardo Habkost) [Orabug: 33860224]
- ide: Cap LBA28 capacity announcement to 2^28-1 (Samuel Thibault) [Orabug: 25327652]
- tests/acpi: update expected arm/virt tables (Mark Kanda) [Orabug: 34132842]

_______________________________________________
El-errata mailing list