Chromium, Rizin, Wireshark, and more updates for Fedora

Fedora Linux 8890 Published by

Fedora Linux has implemented a series of security updates, which include chromium-133.0.6943.141-1.fc40, rizin-0.7.4-5.fc40, cutter-re-2.3.4-6.fc40, wireshark-4.2.11-1.fc40, webkitgtk-2.46.6-1.fc40, xen-4.19.1-5.fc41, xorg-x11-server-21.1.16-1.fc41, and nodejs22-22.14.0-2.fc41:

Fedora 40 Update: chromium-133.0.6943.141-1.fc40
Fedora 40 Update: rizin-0.7.4-5.fc40
Fedora 40 Update: cutter-re-2.3.4-6.fc40
Fedora 40 Update: wireshark-4.2.11-1.fc40
Fedora 40 Update: webkitgtk-2.46.6-1.fc40
Fedora 41 Update: xen-4.19.1-5.fc41
Fedora 41 Update: xorg-x11-server-21.1.16-1.fc41
Fedora 41 Update: chromium-133.0.6943.141-1.fc41
Fedora 41 Update: iniparser-4.2.4-3.fc41
Fedora 41 Update: cutter-re-2.3.4-6.fc41
Fedora 41 Update: rizin-0.7.4-5.fc41
Fedora 41 Update: wireshark-4.4.4-1.fc41
Fedora 41 Update: nodejs22-22.14.0-2.fc41




[SECURITY] Fedora 40 Update: chromium-133.0.6943.141-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-eeba8bf9d8
2025-03-01 01:38:57.010450+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 40
Version : 133.0.6943.141
Release : 1.fc40
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to chromium-133.0.6943.141
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2025 Than Ngo [than@redhat.com] - 133.0.6943.141-1
- Update to 133.0.6943.141
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-eeba8bf9d8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: rizin-0.7.4-5.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f77f6c77a
2025-03-01 01:38:57.010399+00:00
--------------------------------------------------------------------------------

Name : rizin
Product : Fedora 40
Version : 0.7.4
Release : 5.fc40
URL : https://rizin.re/
Summary : UNIX-like reverse engineering framework and command-line tool-set
Description :
Rizin is a free and open-source Reverse Engineering framework, providing a
complete binary analysis experience with features like Disassembler,
Hexadecimal editor, Emulation, Binary inspection, Debugger, and more.

Rizin is a fork of radare2 with a focus on usability, working features and code
cleanliness.

--------------------------------------------------------------------------------
Update Information:

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic
CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports
CVE-2024-31670 rizin: buffer overflow via create_cache_bins
CVE-2024-31668 rizin: improper neutralization of special elements via meta_set
function
CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due
legacy code
rizin 0.7.2 / cutter-re 2.3.4 (fix changelog)
rizin 0.7.2 / cutter-re 2.3.4
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 19 2025 Peter Oliver [rpm@mavit.org.uk] - 0.7.4-5
- Rebuild against tree-sitter-0.25.2-3.fc43
* Mon Feb 3 2025 Peter Oliver [rpm@mavit.org.uk] - 0.7.4-4
- Rebuild against tree-sitter-0.25.1-6.fc42
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Dec 31 2024 Michal Ambroz - 0.7.4-2
- bump to version 0.7.4
* Sun Sep 1 2024 Yaakov Selkowitz [yselkowi@redhat.com] - 0.7.3-3
- Rebuilt for tree-sitter 0.23.0
* Fri Jul 19 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.7.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2333933
[ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2333934
[ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340020
[ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc
https://bugzilla.redhat.com/show_bug.cgi?id=2346253
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f77f6c77a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: cutter-re-2.3.4-6.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6f77f6c77a
2025-03-01 01:38:57.010399+00:00
--------------------------------------------------------------------------------

Name : cutter-re
Product : Fedora 40
Version : 2.3.4
Release : 6.fc40
URL : https://cutter.re/
Summary : GUI for Rizin reverse engineering framework
Description :
Cutter is a Qt and C++ GUI for Rizin. Its goal is making an advanced,
customizable and FOSS reverse-engineering platform while keeping the user
experience at mind. Cutter is created by reverse engineers for reverse
engineers.

--------------------------------------------------------------------------------
Update Information:

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic
CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports
CVE-2024-31670 rizin: buffer overflow via create_cache_bins
CVE-2024-31668 rizin: improper neutralization of special elements via meta_set
function
CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due
legacy code
rizin 0.7.2 / cutter-re 2.3.4 (fix changelog)
rizin 0.7.2 / cutter-re 2.3.4
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.3.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jan 1 2025 Michal Ambroz - 2.3.4-5
- Rebuild with new version of rizin 0.7.4
* Wed Jul 17 2024 Fedora Release Engineering [releng@fedoraproject.org] - 2.3.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2333933
[ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2333934
[ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340020
[ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc
https://bugzilla.redhat.com/show_bug.cgi?id=2346253
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6f77f6c77a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: wireshark-4.2.11-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-04475838f9
2025-03-01 01:38:57.010379+00:00
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 40
Version : 4.2.11
Release : 1.fc40
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.2.11
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 20 2025 Michal Ruprich [mruprich@redhat.com] - 1:4.2.11-1
- New version 4.2.11
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2346670 - wireshark-4.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2346670
[ 2 ] Bug #2346741 - CVE-2025-1492 wireshark: Uncontrolled Recursion in Wireshark [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2346741
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-04475838f9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: webkitgtk-2.46.6-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-57805565ad
2025-03-01 01:38:57.010325+00:00
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 40
Version : 2.46.6
Release : 1.fc40
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Update to WebKitGTK 2.46.6:
Fix a crash when enabling Skia CPU rendering.
Fix several crashes and rendering issues.
Fix CVE-2024-54543, CVE-2025-24143, CVE-2025-24150, CVE-2025-24158,
CVE-2025-24162
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 11 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.6-1
- Update to WebKitGTK 2.46.6
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2344951 - CVE-2024-54543 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2344951
[ 2 ] Bug #2344953 - CVE-2025-24162 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2344953
[ 3 ] Bug #2344964 - CVE-2025-24143 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2344964
[ 4 ] Bug #2344967 - CVE-2025-24150 webkitgtk: Copying a URL from Web Inspector may lead to command injection [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2344967
[ 5 ] Bug #2344969 - CVE-2025-24158 webkitgtk: Processing web content may lead to a denial-of-service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2344969
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-57805565ad' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: xen-4.19.1-5.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-20f63c4273
2025-03-01 01:22:54.667856+00:00
--------------------------------------------------------------------------------

Name : xen
Product : Fedora 41
Version : 4.19.1
Release : 5.fc41
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor

--------------------------------------------------------------------------------
Update Information:

deadlock potential with VT-d and legacy PCI device pass-through
[XSA-467, CVE-2025-1713]
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 27 2025 Michael Young [m.a.young@durham.ac.uk] - 4.19.1-5
- deadlock potential with VT-d and legacy PCI device pass-through
[XSA-467, CVE-2025-1713]
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-20f63c4273' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: xorg-x11-server-21.1.16-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b40b12a89e
2025-03-01 01:22:54.667778+00:00
--------------------------------------------------------------------------------

Name : xorg-x11-server
Product : Fedora 41
Version : 21.1.16
Release : 1.fc41
URL : http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server.

--------------------------------------------------------------------------------
Update Information:

Update to xserver 21.1.16,
CVE fix for: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596,
CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600,
CVE-2025-26601
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2025 Olivier Fourdan [ofourdan@redhat.com] - 21.1.16-1
- Update to xserver 21.1.16 (#2347558)
- CVE fix for: CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597,
CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601
* Tue Feb 25 2025 Olivier Fourdan [ofourdan@redhat.com] - 21.1.15-3
- Fix DRI2 failure (#2347345)
* Sun Jan 19 2025 Fedora Release Engineering [releng@fedoraproject.org] - 21.1.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2347345 - When trying to start obs in X11 running LXDE, it causes a server abort because an include entry is missing
https://bugzilla.redhat.com/show_bug.cgi?id=2347345
[ 2 ] Bug #2347558 - xorg-x11-server-21.1.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2347558
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b40b12a89e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: chromium-133.0.6943.141-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-25ab311510
2025-03-01 01:22:54.667807+00:00
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 41
Version : 133.0.6943.141
Release : 1.fc41
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to chromium-133.0.6943.141
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 26 2025 Than Ngo [than@redhat.com] - 133.0.6943.141-1
- Update to 133.0.6943.141
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-25ab311510' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: iniparser-4.2.4-3.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-a1d884e467
2025-03-01 01:22:54.667783+00:00
--------------------------------------------------------------------------------

Name : iniparser
Product : Fedora 41
Version : 4.2.4
Release : 3.fc41
URL : https://github.com/ndevilla/iniparser
Summary : C library for parsing "INI-style" files
Description :
iniParser is an ANSI C library to parse "INI-style" files, often used to
hold application configuration information.

--------------------------------------------------------------------------------
Update Information:

Patched libiniparser to fix CVE-2025-0633
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 25 2025 David Cantrell [dcantrell@redhat.com] - 4.2.4-3
- Patch for CVE-2025-0633 - Heap Overflow in iniparser.c (#2346474)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2346474 - CVE-2025-0633 iniparser: Heap Overflow in iniparser.c
https://bugzilla.redhat.com/show_bug.cgi?id=2346474
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-a1d884e467' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: cutter-re-2.3.4-6.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1290a47fff
2025-03-01 01:22:54.667719+00:00
--------------------------------------------------------------------------------

Name : cutter-re
Product : Fedora 41
Version : 2.3.4
Release : 6.fc41
URL : https://cutter.re/
Summary : GUI for Rizin reverse engineering framework
Description :
Cutter is a Qt and C++ GUI for Rizin. Its goal is making an advanced,
customizable and FOSS reverse-engineering platform while keeping the user
experience at mind. Cutter is created by reverse engineers for reverse
engineers.

--------------------------------------------------------------------------------
Update Information:

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic
CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports
CVE-2024-31670 rizin: buffer overflow via create_cache_bins
CVE-2024-31668 rizin: improper neutralization of special elements via meta_set
function
CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due
legacy code
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 16 2025 Fedora Release Engineering [releng@fedoraproject.org] - 2.3.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Wed Jan 1 2025 Michal Ambroz - 2.3.4-5
- Rebuild with new version of rizin 0.7.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2333933
[ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2333934
[ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340020
[ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc
https://bugzilla.redhat.com/show_bug.cgi?id=2346253
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1290a47fff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: rizin-0.7.4-5.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1290a47fff
2025-03-01 01:22:54.667719+00:00
--------------------------------------------------------------------------------

Name : rizin
Product : Fedora 41
Version : 0.7.4
Release : 5.fc41
URL : https://rizin.re/
Summary : UNIX-like reverse engineering framework and command-line tool-set
Description :
Rizin is a free and open-source Reverse Engineering framework, providing a
complete binary analysis experience with features like Disassembler,
Hexadecimal editor, Emulation, Binary inspection, Debugger, and more.

Rizin is a fork of radare2 with a focus on usability, working features and code
cleanliness.

--------------------------------------------------------------------------------
Update Information:

CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic
CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports
CVE-2024-31670 rizin: buffer overflow via create_cache_bins
CVE-2024-31668 rizin: improper neutralization of special elements via meta_set
function
CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due
legacy code
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 19 2025 Peter Oliver [rpm@mavit.org.uk] - 0.7.4-5
- Rebuild against tree-sitter-0.25.2-3.fc43
* Mon Feb 3 2025 Peter Oliver [rpm@mavit.org.uk] - 0.7.4-4
- Rebuild against tree-sitter-0.25.1-6.fc42
* Sat Jan 18 2025 Fedora Release Engineering [releng@fedoraproject.org] - 0.7.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
* Tue Dec 31 2024 Michal Ambroz - 0.7.4-2
- bump to version 0.7.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2333933
[ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2333934
[ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340020
[ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc
https://bugzilla.redhat.com/show_bug.cgi?id=2346253
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1290a47fff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: wireshark-4.4.4-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-08e73d463e
2025-03-01 01:22:54.667702+00:00
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 41
Version : 4.4.4
Release : 1.fc41
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.4.4
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 20 2025 Michal Ruprich [mruprich@redhat.com] - 1:4.4.4-1
- New version 4.4.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2346670 - wireshark-4.4.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2346670
[ 2 ] Bug #2346742 - CVE-2025-1492 wireshark: Uncontrolled Recursion in Wireshark [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2346742
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-08e73d463e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: nodejs22-22.14.0-2.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e97e5c6ce3
2025-03-01 01:22:54.667691+00:00
--------------------------------------------------------------------------------

Name : nodejs22
Product : Fedora 41
Version : 22.14.0
Release : 2.fc41
URL : http://nodejs.org/
Summary : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime \
for easily building fast, scalable network applications. \
Node.js uses an event-driven, non-blocking I/O model that \
makes it lightweight and efficient, perfect for data-intensive \
real-time applications that run across distributed devices.}

--------------------------------------------------------------------------------
Update Information:

update for nodejs22-22.14.0-2
Update to version 22.13.1.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 19 2025 Jan Stan??k [jstanek@redhat.com] - 1:22.14.0-2
- Change the default stream condition to allow for range of Fedoras
- Rename the OPENSSL_NO_ENGINE guard patch to achieve the proper ordering
* Tue Feb 18 2025 tjuhasz [tjuhasz@redhat.com] - 1:22.14.0-1
- update to version 22.14.0 (bz#2344862)
* Thu Jan 23 2025 Jan Stan??k [jstanek@redhat.com] - 1:22.13.1-1
- Update to version 22.13.1 (rhbz#2330256)
* Wed Jan 22 2025 Tomas Juhasz [tjuhasz@redhat.com] - 1:22.13.0-1
- Updated to version 22.13.0
* Fri Jan 17 2025 Fedora Release Engineering [releng@fedoraproject.org] - 1:22.11.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2330256 - nodejs22-22.13.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2330256
[ 2 ] Bug #2341716 - CVE-2025-23083 nodejs22: Node.js Worker Thread Exposure via Diagnostics Channel [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2341716
[ 3 ] Bug #2344862 - nodejs22-22.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2344862
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e97e5c6ce3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


TypeScript 5.8 released

ProcPS, PostgreSQL, Wireshark, and more updates for SUSE

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...