Advisories, Articles, News, Threat Research, Vulnerabilities, , , , ,
Cyber Security Articles

Fedora Security Updates

Released updates Filtered on: type(security)

  • dotnet9.0-9.0.107-1.fc42
    on June 13, 2025 at 2:23 pm

    FEDORA-2025-77d16adbcd Packages in this update: dotnet9.0-9.0.107-1.fc42 Update description: This is the .NET monthly update for June 2025. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.6/9.0.107.md Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.6/9.0.6.md

  • dotnet9.0-9.0.107-1.fc41
    on June 13, 2025 at 2:22 pm

    FEDORA-2025-092006d075 Packages in this update: dotnet9.0-9.0.107-1.fc41 Update description: This is the .NET monthly update for June 2025. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.6/9.0.107.md Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.6/9.0.6.md

  • apache-commons-beanutils-1.9.4-39.fc41
    on June 13, 2025 at 8:33 am

    FEDORA-2025-3eb7c0066f Packages in this update: apache-commons-beanutils-1.9.4-39.fc41 Update description: Fix improper access control vulnerability Resolves: CVE-2025-48734

  • apache-commons-beanutils-1.9.4-39.fc42
    on June 13, 2025 at 8:33 am

    FEDORA-2025-48e8e5f8ed Packages in this update: apache-commons-beanutils-1.9.4-39.fc42 Update description: Fix improper access control vulnerability Resolves: CVE-2025-48734

  • chromium-137.0.7151.103-1.el10_1
    on June 13, 2025 at 5:46 am

    FEDORA-EPEL-2025-73b10a6316 Packages in this update: chromium-137.0.7151.103-1.el10_1 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8

  • chromium-137.0.7151.103-1.el9
    on June 13, 2025 at 5:46 am

    FEDORA-EPEL-2025-549cb45f1c Packages in this update: chromium-137.0.7151.103-1.el9 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8

  • mediawiki-1.43.1-1.fc42
    on June 13, 2025 at 3:08 am

    FEDORA-2025-01bd4e4d20 Packages in this update: mediawiki-1.43.1-1.fc42 Update description: https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/OXIGQIHBL26HFKG6TT5SWSH7K7W6RO4H/ https://phabricator.wikimedia.org/T382326

  • chromium-137.0.7151.103-1.fc41
    on June 12, 2025 at 2:15 pm

    FEDORA-2025-aa9ea529fb Packages in this update: chromium-137.0.7151.103-1.fc41 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8

  • chromium-137.0.7151.103-1.fc42
    on June 12, 2025 at 2:15 pm

    FEDORA-2025-41bc291ca0 Packages in this update: chromium-137.0.7151.103-1.fc42 Update description: Update to 137.0.7151.103 CVE-2025-5958: Use after free in Media CVE-2025-5959: Type Confusion in V8

  • thunderbird-128.11.1-1.fc41
    on June 12, 2025 at 9:30 am

    FEDORA-2025-883496c803 Packages in this update: thunderbird-128.11.1-1.fc41 Update description: Update to 128.11.1 https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/

  • thunderbird-128.11.1-1.fc42
    on June 12, 2025 at 9:30 am

    FEDORA-2025-1ac9269cc4 Packages in this update: thunderbird-128.11.1-1.fc42 Update description: Update to 128.11.1 https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/

  • perl-File-Find-Rule-0.35-1.fc41
    on June 12, 2025 at 7:24 am

    FEDORA-2025-047d8f57ea Packages in this update: perl-File-Find-Rule-0.35-1.fc41 Update description: Fix CVE-2011-10007

  • perl-File-Find-Rule-0.35-1.fc42
    on June 12, 2025 at 7:21 am

    FEDORA-2025-eef56e1ee1 Packages in this update: perl-File-Find-Rule-0.35-1.fc42 Update description: Fix CVE-2011-10007

  • perl-CryptX-0.087-1.fc43
    on June 11, 2025 at 9:48 pm

    FEDORA-2025-a99a329e1b Packages in this update: perl-CryptX-0.087-1.fc43 Update description: Automatic update for perl-CryptX-0.087-1.fc43. Changelog * Wed Jun 11 2025 Xavier Bachelot <xavier@bachelot.org> – 0.087-1 – Update to 0.087 (RHBZ#2372355,RHBZ#2372356,RHBZ#2372357,RHBZ#2372358) – Fix CVE-2025-40914

  • konsole5-23.08.5-2.el9
    on June 11, 2025 at 4:49 pm

    FEDORA-EPEL-2025-9c03a7aa1d Packages in this update: konsole5-23.08.5-2.el9 Update description: FIx CVE-2025-49091 – Konsole Remote Code Execution Vulnerability

  • konsole5-22.04.1-2.el8
    on June 11, 2025 at 4:49 pm

    FEDORA-EPEL-2025-5fa07de5ca Packages in this update: konsole5-22.04.1-2.el8 Update description: FIx CVE-2025-49091 – Konsole Remote Code Execution Vulnerability

  • libtpms-0.9.7-1.fc41
    on June 10, 2025 at 5:28 pm

    FEDORA-2025-25aa48d158 Packages in this update: libtpms-0.9.7-1.fc41 Update description: Upgrade to libtpms 0.9.7 fixing CVE-2025-49133

  • libtpms-0.10.1-1.fc42
    on June 10, 2025 at 5:18 pm

    FEDORA-2025-77cdabc09b Packages in this update: libtpms-0.10.1-1.fc42 Update description: Upgrade to libtpms 0.10.1 fixing CVE-2025-49133

  • kea-2.6.3-1.el9
    on June 9, 2025 at 2:28 pm

    FEDORA-EPEL-2025-a36cdc1182 Packages in this update: kea-2.6.3-1.el9 Update description: New version 2.6.3 (rhbz#2368989) Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 kea.conf: Remove /tmp/ from socket-name for existing configurations kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention kea.conf: Restrict directory permissions Sync service files with upstream Fix leases ownership when switching from root to kea user (rhbz#2324168) Release Notes: The new default configuration file, kea-ctrl-agent.conf, introduces an authentication setting, “password-file”, which restricts access to the REST API. On Fedora, the kea-api-password file is automatically populated with a pseudo-random password to secure new installations. For system upgrades, it is strongly recommended to update any custom configurations to restrict access to the REST API. For more details, including information on CVE fixes and incompatible changes, refer to the upstream release notes: https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt

  • kea-2.6.3-1.fc41
    on June 9, 2025 at 12:03 pm

    FEDORA-2025-b870671130 Packages in this update: kea-2.6.3-1.fc41 Update description: New version 2.6.3 (rhbz#2368989) Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 kea.conf: Remove /tmp/ from socket-name for existing configurations kea.conf: Set pseudo-random password for default config to secure fresh install and allow CA startup without user intervention kea.conf: Restrict directory permissions Sync service files with upstream Fix leases ownership when switching from root to kea user (rhbz#2324168) Release Notes: The new default configuration file, kea-ctrl-agent.conf, introduces an authentication setting, “password-file”, which restricts access to the REST API. On Fedora, the kea-api-password file is automatically populated with a pseudo-random password to secure new installations. For system upgrades, it is strongly recommended to update any custom configurations to restrict access to the REST API. For more details, including information on CVE fixes and incompatible changes, refer to the upstream release notes: https://downloads.isc.org/isc/kea/2.6.3/Kea-2.6.3-ReleaseNotes.txt

Share Websitecyber

Related Posts:

We are an ethical website cyber security team and we perform security assessments to protect our clients.