Fedora Linux 8797 Published by

The following security updates have been released for Fedora Linux 40:

[SECURITY] Fedora 40 Update: firefox-129.0-1.fc40
[SECURITY] Fedora 40 Update: nss-3.103.0-1.fc40
[SECURITY] Fedora 40 Update: python3.13-3.13.0~rc1-2.fc40
[SECURITY] Fedora 40 Update: neatvnc-0.8.1-1.fc40




[SECURITY] Fedora 40 Update: firefox-129.0-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-7f0a88301b
2024-08-12 01:37:03.479573
--------------------------------------------------------------------------------

Name : firefox
Product : Fedora 40
Version : 129.0
Release : 1.fc40
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

Update NSS to 3.103.0
Update to Firefox 129.0
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 30 2024 Martin Stransky [stransky@redhat.com] - 129.0-1
- Update to 129.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-7f0a88301b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: nss-3.103.0-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-7f0a88301b
2024-08-12 01:37:03.479573
--------------------------------------------------------------------------------

Name : nss
Product : Fedora 40
Version : 3.103.0
Release : 1.fc40
URL : http://www.mozilla.org/projects/security/pki/nss/
Summary : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

--------------------------------------------------------------------------------
Update Information:

Update NSS to 3.103.0
Update to Firefox 129.0
--------------------------------------------------------------------------------
ChangeLog:

* Mon Aug 5 2024 Frantisek Krenzelok [krenzelok.frantisek@gmail.com] - 3.103.0-1
- Update NSS to 3.103.0
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-7f0a88301b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python3.13-3.13.0~rc1-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-bec5d0df1f
2024-08-12 01:37:03.479549
--------------------------------------------------------------------------------

Name : python3.13
Product : Fedora 40
Version : 3.13.0~rc1
Release : 2.fc40
URL : https://www.python.org/
Summary : Version 3.13 of the Python interpreter
Description :
Python 3.13 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.13 package provides the "python3.13" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.13-libs package,
which should be installed automatically along with python3.13.
The remaining parts of the Python standard library are broken out into the
python3.13-tkinter and python3.13-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.13-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.13-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-6923.
Fix SystemError in PyEval_GetLocals()
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 6 2024 Miro Hrončok - 3.13.0~rc1-2
- Fix SystemError in PyEval_GetLocals()
- Fixes: rhbz#2303107
- Security fix for CVE-2024-6923
- Fixes: rhbz#2303160
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2302255 - CVE-2024-6923 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
https://bugzilla.redhat.com/show_bug.cgi?id=2302255
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-bec5d0df1f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: neatvnc-0.8.1-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-1fbf7f22e0
2024-08-12 01:37:03.479356
--------------------------------------------------------------------------------

Name : neatvnc
Product : Fedora 40
Version : 0.8.1
Release : 1.fc40
URL : https://github.com/any1/neatvnc
Summary : a liberally licensed VNC server library
Description :

This is a liberally licensed VNC server library that's intended to be
fast and neat. Note: This is a beta release, so the interface is not
yet stable.

--------------------------------------------------------------------------------
Update Information:

new version RHBZ #2302449,2302450
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 2 2024 Bob Hepple [bob.hepple@gmail.com] - 0.8.1-1
- new version RHBZ #2302449,2302450
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.8.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2302449 - CVE-2024-42458 neatvnc: improper validation of chosen security type [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2302449
[ 2 ] Bug #2302450 - CVE-2024-42458 neatvnc: improper validation of chosen security type [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2302450
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-1fbf7f22e0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--