openSUSE Security Update: Security update for nodejs12
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1214-1
Rating:             important
References:         #1188881 #1188917 #1189368 #1189369 #1189370
Cross-References:   CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940
                    CVE-2021-3672
CVSS scores:
                    CVE-2021-22930 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
                    CVE-2021-22931 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-22939 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-22940 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3672 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

This update for nodejs12 fixes the following issues:

Update to 12.22.5:

- CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in
  domain names (bsc#1189370, bsc#1188881)
- CVE-2021-22940: Use after free on close http2 on stream canceling
  (bsc#1189368); this is the follow-up to the incomplete fix for
  CVE-2021-22930 listed below
- CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter
  (bsc#1189369): when the https API was called with `undefined` for
  `rejectUnauthorized`, no error was raised and connections to servers with
  an expired certificate were accepted instead of being rejected as the
  default `rejectUnauthorized: true` requires
- CVE-2021-22930: http2: fixes use after free on close http2 on stream
  canceling (bsc#1188917)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:
  zypper in -t patch openSUSE-2021-1214=1

Package List:

- openSUSE Leap 15.2 (i586 x86_64):
  nodejs12-12.22.5-lp152.3.18.1
  nodejs12-debuginfo-12.22.5-lp152.3.18.1
  nodejs12-debugsource-12.22.5-lp152.3.18.1
  nodejs12-devel-12.22.5-lp152.3.18.1
  npm12-12.22.5-lp152.3.18.1
- openSUSE Leap 15.2 (noarch):
  nodejs12-docs-12.22.5-lp152.3.18.1

References:

https://www.suse.com/security/cve/CVE-2021-22930.html
https://www.suse.com/security/cve/CVE-2021-22931.html
https://www.suse.com/security/cve/CVE-2021-22939.html
https://www.suse.com/security/cve/CVE-2021-22940.html
https://www.suse.com/security/cve/CVE-2021-3672.html
https://bugzilla.suse.com/1188881
https://bugzilla.suse.com/1188917
https://bugzilla.suse.com/1189368
https://bugzilla.suse.com/1189369
https://bugzilla.suse.com/1189370
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-a8121923d5
2019-06-27 00:54:08.536484
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper2
Product     : Fedora 30
Version     : 2.1.2
Release     : 1.fc30
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling (v2)
Description :
Interceptors for PHP's native phar:// stream handling (v2).

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php

--------------------------------------------------------------------------------
Update Information:

## php-typo3-phar-stream-wrapper2

### v2.1.2 Handling mime-type & Windows paths

#### Resolved Issues

- #34: Normalize resolved Windows path to Unix-style
- #42: Avoid analysing non-phar files on alias resolving
- #40: Add Windows tests using AppVeyor
- #33: Add alternative mime-type resolving (without ext-fileinfo)

### v2.1.1 Phar Alias Handling & Performance

Releases v3.1.1 and v2.1.1 aim to overcome drawbacks in Phar's alias resolving from the Phar stub as well as solving performance aspects.

### v2.1.0 Phar Alias Handling

#### Description

Releases v3.1.0 and v2.1.0 aim to overcome drawbacks in Phar's alias resolving (either by Phar archives using `Phar::setAlias()` in meta-data or `Phar::mapPhar()` in stub code).

#### Merged pull-requests

- Phar alias resolving (v3: #10, #12, v2: #14, #15)
- Phar alias handling and (v3: #16, #17, v2: #20)

#### Migration

In case custom `Assertable` interceptors have been used, path resolving has to be adjusted in order to make use of the alias resolving features.

##### before - example in v3.0.1

```php
$baseFile = Helper::determineBaseFile($path);
```

##### after - example in v3.1.0

```php
$invocation = Manager::instance()->resolve($path);
$baseName = $invocation->getBaseName(); // previously called $baseFile
```

#### Open Issues

There have been reports about flaws using `stream_select()` and the corresponding `stream_cast()` in `PharStreamWrapper`. Since it was not possible to reproduce the behavior in an isolated scenario and the specific platform requirements were not clear, these aspects have not been covered by these releases - see #8 and #19 for details.

#### Features

- added low-level `Phar\Reader` for stub & meta-data (incl. alias) and their model representations
- added `Resolver\PharInvocationResolver` in order to resolve/handle alias names
- added `Interceptor\ConjunctionInterceptor` for combining multiple interceptors
- added `Interceptor\PharMetaDataInterceptor` for actually testing against insecure deserialization in meta-data of Phar archives

## php-brumann-polyfill-unserialize

Backports unserialize options introduced in PHP 7.0 to older PHP versions. This was originally designed as a Proof of Concept for Symfony Issue [#21090](https://github.com/symfony/symfony/pull/21090). You can use this package in projects that rely on PHP versions older than PHP 7.0. In case you are using PHP 7.0+ the original unserialize() will be used instead.

From the [documentation](https://www.php.net/manual/en/function.unserialize.php):

> Warning: Do not pass untrusted user input to unserialize(). Unserialization
> can result in code being loaded and executed due to object instantiation and
> autoloading, and a malicious user may be able to exploit this.

This warning holds true even when `allowed_classes` is used.

--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 16 2019 Shawn Iwinski - 2.1.2-1
- Update to 2.1.2 (RHBZ #1708652, #1708653, #1708646, #1708649)
  - https://typo3.org/security/advisory/typo3-psa-2019-007/
  - https://nvd.nist.gov/vuln/detail/CVE-2019-11831
  - https://typo3.org/security/advisory/typo3-psa-2019-008/
  - https://nvd.nist.gov/vuln/detail/CVE-2019-11830
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1708649 - CVE-2019-11831 phar-stream-wrapper: TYPO3 does not prevent directory traversal resulting in bypass of deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708649
  [ 2 ] Bug #1708646 - CVE-2019-11830 phar-stream-wrapper: mishandling of phar stub parsing leads to bypass a deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708646
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-a8121923d5' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
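The `Phar\Reader` and `Interceptor\PharMetaDataInterceptor` features listed in the advisory above, and the unserialize() warning that follows them, exist for one reason: a filesystem call on a `phar://` path is enough to make PHP parse the archive and unserialize the meta-data stored in its manifest, so a crafted archive uploaded as, say, an image can drive a deserialization gadget chain. The script below is an added example, not code from the phar-stream-wrapper project, from Fedora or from this advisory. It reads the manifest header of a Phar file directly, extracts the alias and the raw meta-data bytes, and rejects the archive if the meta-data contains serialized objects, without ever handing those bytes to unserialize(). The field layout follows PHP's documented Phar file format; the archive it inspects, its name `meta-demo.phar`, its alias `demo.phar` and its contents are constructed for the demo.

```php
<?php
declare(strict_types=1);

// Added example (not part of TYPO3/phar-stream-wrapper): inspect a Phar
// manifest for serialized objects WITHOUT calling unserialize().
// Run with:  php -d phar.readonly=0 phar_meta_check.php
// (phar.readonly=0 is only needed because the demo builds a test archive).

/**
 * Byte offset where the manifest starts. PHP writes the stub as
 * "...__HALT_COMPILER(); ?>\r\n" and the manifest begins right after it.
 */
function findManifestOffset(string $data): int
{
    $marker = '__HALT_COMPILER();';
    $pos = strpos($data, $marker);
    if ($pos === false) {
        throw new RuntimeException('no __HALT_COMPILER(); marker: not a Phar archive');
    }
    $pos += strlen($marker);
    if (substr($data, $pos, 3) === ' ?>') {   // optional closing tag
        $pos += 3;
    }
    foreach (["\r\n", "\n"] as $eol) {         // optional line break
        if (substr($data, $pos, strlen($eol)) === $eol) {
            return $pos + strlen($eol);
        }
    }
    return $pos;
}

/**
 * Parse the fixed manifest header: manifest length (4), number of files (4),
 * API version (2), global flags (4), alias length (4), alias bytes,
 * meta-data length (4), meta-data bytes. Integers are little-endian.
 */
function readPharManifest(string $data): array
{
    $p = findManifestOffset($data);
    $h = unpack('VmanifestLen/Vfiles/vapi/Vflags/ValiasLen', substr($data, $p, 18));
    $p += 18;
    $alias = substr($data, $p, $h['aliasLen']);
    $p += $h['aliasLen'];
    $metaLen = unpack('V', substr($data, $p, 4))[1];
    $meta = substr($data, $p + 4, $metaLen);
    return ['alias' => $alias, 'files' => $h['files'], 'metadata' => $meta];
}

/**
 * Serialized objects start with O:<len>:"Class" (or C: for classes with
 * custom serialization). A byte-level match is enough to decide "reject";
 * false positives on odd string contents are acceptable, false negatives
 * are not, so the bytes are never unserialized.
 */
function metadataHasObjects(string $meta): bool
{
    return preg_match('/[OC]:\d+:"/', $meta) === 1;
}

// --- Demo on a constructed archive whose meta-data carries an object -------
if (!Phar::canWrite()) {
    fwrite(STDERR, "run with: php -d phar.readonly=0 " . basename(__FILE__) . "\n");
    exit(1);
}
$path = sys_get_temp_dir() . '/meta-demo.phar';   // constructed test file
@unlink($path);
$phar = new Phar($path);
$phar->setAlias('demo.phar');                       // hypothetical alias
$phar->addFromString('index.php', '<?php echo "hello";');
$phar->setMetadata(new ArrayObject(['note' => 'harmless here, still an object']));
$phar->setStub('<?php __HALT_COMPILER();');
unset($phar);                                       // flush to disk

$m = readPharManifest(file_get_contents($path));
printf("alias: %s, files: %d\nmeta-data: %s\n", $m['alias'], $m['files'], $m['metadata']);
if (metadataHasObjects($m['metadata'])) {
    echo "REJECT: meta-data contains serialized objects; do not open this file via phar://\n";
} else {
    echo "ok: meta-data is object-free\n";
}
```

The demo prints the alias, the file count and the raw `O:11:"ArrayObject":...` bytes, then rejects the archive. In a real deployment this check belongs inside a stream wrapper registered for `phar://` that runs before PHP's built-in handling, and it has to operate on the normalized path and the resolved alias: the two CVEs referenced in this advisory are bypasses of exactly such a check, one through directory traversal in the requested path and one through stub parsing, which is why v2.1.0/v3.1.0 added alias resolving and v2.1.2 normalizes Windows paths.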
========================================================================
Ubuntu Security Notice USN-3845-2
May 28, 2019

freerdp vulnerabilities
========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in FreeRDP.

Software Description:
- freerdp: RDP client for Windows Terminal Services

Details:

USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 18.10.

Original advisory details:

 Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings.
 A malicious server could use this issue to cause FreeRDP to crash, resulting
 in a denial of service, or possibly execute arbitrary code. This issue only
 applies to Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8784, CVE-2018-8785)

 Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server
 could use this issue to cause FreeRDP to crash, resulting in a denial of
 service, or possibly execute arbitrary code. (CVE-2018-8786, CVE-2018-8787)

 Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings.
 A malicious server could use this issue to cause FreeRDP to crash, resulting
 in a denial of service, or possibly execute arbitrary code. This issue only
 applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10.
 (CVE-2018-8788)

 Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A
 malicious server could use this issue to cause FreeRDP to crash, resulting
 in a denial of service, or possibly execute arbitrary code. This issue only
 applies to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10.
 (CVE-2018-8789)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  libfreerdp-client1.1    1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1

Ubuntu 18.04 LTS:
  libfreerdp-client1.1    1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3845-2
  https://ubuntu.com/security/notices/USN-3845-1
  CVE-2018-8786, CVE-2018-8787, CVE-2018-8788, CVE-2018-8789

Package Information:
  https://launchpad.net/ubuntu/+source/freerdp/1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1
  https://launchpad.net/ubuntu/+source/freerdp/1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.04.1
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-d5f883429d
2019-05-17 03:16:51.085034
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper
Product     : Fedora 29
Version     : 3.1.1
Release     : 1.fc29
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling
Description :
Interceptors for PHP's native phar:// stream handling.

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php

--------------------------------------------------------------------------------
Update Information:

- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.1)
  - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory/typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-2019-11831)
  - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory/typo3-psa-2019-008/) / [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-2019-11830)
- [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0)

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1708649 - CVE-2019-11831 phar-stream-wrapper: TYPO3 does not prevent directory traversal resulting in bypass of deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708649
  [ 2 ] Bug #1708646 - CVE-2019-11830 phar-stream-wrapper: mishandling of phar stub parsing leads to bypass a deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708646
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-d5f883429d' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-4d93cf2b34
2019-05-17 01:18:20.521154
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper
Product     : Fedora 28
Version     : 3.1.1
Release     : 1.fc28
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling
Description :
Interceptors for PHP's native phar:// stream handling.

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php

--------------------------------------------------------------------------------
Update Information:

- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.1)
  - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory/typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-2019-11831)
  - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory/typo3-psa-2019-008/) / [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-2019-11830)
- [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0)

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1708649 - CVE-2019-11831 phar-stream-wrapper: TYPO3 does not prevent directory traversal resulting in bypass of deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708649
  [ 2 ] Bug #1708646 - CVE-2019-11830 phar-stream-wrapper: mishandling of phar stub parsing leads to bypass a deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708646
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-4d93cf2b34' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-3c89837025
2019-05-17 01:03:28.819291
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper
Product     : Fedora 30
Version     : 3.1.1
Release     : 1.fc30
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling
Description :
Interceptors for PHP's native phar:// stream handling.

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper/autoload.php

--------------------------------------------------------------------------------
Update Information:

- [3.1.1](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.1)
  - [TYPO3-PSA-2019-007](https://typo3.org/security/advisory/typo3-psa-2019-007/) / [CVE-2019-11831](https://nvd.nist.gov/vuln/detail/CVE-2019-11831)
  - [TYPO3-PSA-2019-008](https://typo3.org/security/advisory/typo3-psa-2019-008/) / [CVE-2019-11830](https://nvd.nist.gov/vuln/detail/CVE-2019-11830)
- [3.1.0](https://github.com/TYPO3/phar-stream-wrapper/releases/tag/v3.1.0)

--------------------------------------------------------------------------------
ChangeLog:

* Wed May 8 2019 Shawn Iwinski - 3.1.1-1
- Update to 3.1.1 (TYPO3-PSA-2019-007)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1708649 - CVE-2019-11831 phar-stream-wrapper: TYPO3 does not prevent directory traversal resulting in bypass of deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708649
  [ 2 ] Bug #1708646 - CVE-2019-11830 phar-stream-wrapper: mishandling of phar stub parsing leads to bypass a deserialization of protection mechanism
        https://bugzilla.redhat.com/show_bug.cgi?id=1708646
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-3c89837025' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-46107f296c
2019-03-07 21:01:57.449113
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper2
Product     : Fedora 29
Version     : 2.0.1
Release     : 1.fc29
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling (v2)
Description :
Interceptors for PHP's native phar:// stream handling (v2).

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php

--------------------------------------------------------------------------------
Update Information:

## drupal8

Upstream:

- https://www.drupal.org/project/drupal/releases/8.6.10
- https://www.drupal.org/SA-CORE-2019-003
- https://www.drupal.org/project/drupal/releases/8.6.9
- https://www.drupal.org/project/drupal/releases/8.6.8
- https://www.drupal.org/project/drupal/releases/8.6.7
- https://www.drupal.org/project/drupal/releases/8.6.6
- https://www.drupal.org/SA-CORE-2019-002
- https://www.drupal.org/SA-CORE-2019-001
- https://www.drupal.org/project/drupal/releases/8.6.5
- https://www.drupal.org/project/drupal/releases/8.6.4
- https://www.drupal.org/project/drupal/releases/8.6.3

RPM:

- Fix autoloader

## php-typo3-phar-stream-wrapper2

Interceptors for PHP's native `phar://` stream handling (v2).

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1680307 - Review Request: php-typo3-phar-stream-wrapper2 - Interceptors for PHP's native phar:// stream handling (v2)
        https://bugzilla.redhat.com/show_bug.cgi?id=1680307
  [ 2 ] Bug #1662604 - Drupal8 package missing dependency for php-zendframework-zend-loader
        https://bugzilla.redhat.com/show_bug.cgi?id=1662604
  [ 3 ] Bug #1673117 - drupal8-8.6.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1673117
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-46107f296c' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-6a0717dc9a
2019-03-07 20:05:50.287853
--------------------------------------------------------------------------------

Name        : php-typo3-phar-stream-wrapper2
Product     : Fedora 28
Version     : 2.0.1
Release     : 1.fc28
URL         : https://github.com/TYPO3/phar-stream-wrapper
Summary     : Interceptors for PHP's native phar:// stream handling (v2)
Description :
Interceptors for PHP's native phar:// stream handling (v2).

Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php

--------------------------------------------------------------------------------
Update Information:

## drupal8

Upstream:

- https://www.drupal.org/project/drupal/releases/8.6.10
- https://www.drupal.org/SA-CORE-2019-003
- https://www.drupal.org/project/drupal/releases/8.6.9
- https://www.drupal.org/project/drupal/releases/8.6.8
- https://www.drupal.org/project/drupal/releases/8.6.7
- https://www.drupal.org/project/drupal/releases/8.6.6
- https://www.drupal.org/SA-CORE-2019-002
- https://www.drupal.org/SA-CORE-2019-001
- https://www.drupal.org/project/drupal/releases/8.6.5
- https://www.drupal.org/project/drupal/releases/8.6.4
- https://www.drupal.org/project/drupal/releases/8.6.3

RPM:

- Fix autoloader

## php-typo3-phar-stream-wrapper2

Interceptors for PHP's native `phar://` stream handling (v2).

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1680307 - Review Request: php-typo3-phar-stream-wrapper2 - Interceptors for PHP's native phar:// stream handling (v2)
        https://bugzilla.redhat.com/show_bug.cgi?id=1680307
  [ 2 ] Bug #1662604 - Drupal8 package missing dependency for php-zendframework-zend-loader
        https://bugzilla.redhat.com/show_bug.cgi?id=1662604
  [ 3 ] Bug #1673117 - drupal8-8.6.10 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1673117
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-6a0717dc9a' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------