Fedora Linux 8555 Published by

The following updates have been released for Fedora Linux:

Fedora 38 Update: kernel-6.6.6-100.fc38
Fedora 38 Update: perl-CryptX-0.080-1.fc38
Fedora 39 Update: chromium-120.0.6099.109-1.fc39
Fedora 39 Update: kernel-6.6.6-200.fc39
Fedora 39 Update: python-jupyter-server-2.7.2-2.fc39
Fedora 39 Update: perl-CryptX-0.080-1.fc39




Fedora 38 Update: kernel-6.6.6-100.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-a8afe852a3
2023-12-14 01:51:57.490323
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 38
Version : 6.6.6
Release : 100.fc38
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.6.6 stable kernel update reverts the problematic cfg80211 patch that was
brought into the 6.6.5 kernel ---- The 6.6.5 stable kernel update contains a
number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 11 2023 Augusto Caringi [acaringi@redhat.com] [6.6.6-0]
- redhat/configs: Enable UCLAMP_TASK for PipeWire and WirePlumber (Neal Gompa)
- Linux v6.6.6
* Fri Dec 8 2023 Augusto Caringi [acaringi@redhat.com] [6.6.5-0]
- Add io_uring CVE for 6.6.5 (Justin M. Forbes)
- Linux v6.6.5
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2253249 - CVE-2023-6560 kernel: io_uring out of boundary memory access in __io_uaddr_map()
https://bugzilla.redhat.com/show_bug.cgi?id=2253249
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-a8afe852a3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 38 Update: perl-CryptX-0.080-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-b4b9b38f23
2023-12-14 01:51:57.490278
--------------------------------------------------------------------------------

Name : perl-CryptX
Product : Fedora 38
Version : 0.080
Release : 1.fc38
URL : https://metacpan.org/release/CryptX
Summary : Cryptographic toolkit
Description :
This Perl library provides a cryptography based on LibTomCrypt library.

--------------------------------------------------------------------------------
Update Information:

Update to 0.080 Fix CVE-2019-17362 in bundled libtomcrypt
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 4 2023 Xavier Bachelot [xavier@bachelot.org] - 0.080-1
- Update to 0.080 (RHBZ#2242102)
* Mon Oct 2 2023 Xavier Bachelot [xavier@bachelot.org] - 0.079-1
- Update to 0.079 (RHBZ#2241629)
- Fix CVE-2019-17362 in bundled libtomcrypt
- Add upstream patch to fix tests with Math::BigInt 1.999840+ (RHBZ#2240587)
* Fri Aug 25 2023 Xavier Bachelot [xavier@bachelot.org] - 0.078-4
- Don't Requires: perl(Math::BigFloat) for tests subpackage on EL7 (RHBZ#2234802)
* Thu Jul 20 2023 Fedora Release Engineering [releng@fedoraproject.org] - 0.078-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jul 11 2023 Jitka Plesnikova [jplesnik@redhat.com] - 0.078-2
- Perl 5.38 rebuild
* Thu May 11 2023 Xavier Bachelot [xavier@bachelot.org] - 0.078-1
- Update to 0.078 (RHBZ#2120043)
- Convert license to SPDX
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-b4b9b38f23' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: chromium-120.0.6099.109-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-1fe02ca797
2023-12-14 01:30:12.883654
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 39
Version : 120.0.6099.109
Release : 1.fc39
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

update to 120.0.6099.109 - High CVE-2023-6702: Type Confusion in V8
- High CVE-2023-6703: Use after free in Blink - High CVE-2023-6704: Use
after free in libavif - High CVE-2023-6705: Use after free in WebRTC
- High CVE-2023-6706: Use after free in FedCM - Medium CVE-2023-6707: Use
after free in CSS ---- Update to 120.0.6099.71
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 13 2023 Than Ngo [than@redhat.com] - 120.0.6099.109-1
- update to 120.0.6099.109
* High CVE-2023-6702: Type Confusion in V8
* High CVE-2023-6703: Use after free in Blink
* High CVE-2023-6704: Use after free in libavif
* High CVE-2023-6705: Use after free in WebRTC
* High CVE-2023-6706: Use after free in FedCM
* Medium CVE-2023-6707: Use after free in CSS
* Fri Dec 8 2023 Than Ngo [than@redhat.com] - 120.0.6099.71-1
- update to 120.0.6099.71
* Wed Dec 6 2023 Than Ngo [than@redhat.com] - 120.0.6099.62-2
- drop unsupported ldflag which caused build failure
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-1fe02ca797' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: kernel-6.6.6-200.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-4df366ee80
2023-12-14 01:30:12.883620
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 39
Version : 6.6.6
Release : 200.fc39
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 6.6.6 stable kernel update reverts the problematic cfg80211 patch that was
brought into the 6.6.5 kernel ---- The 6.6.5 stable kernel update contains a
number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 11 2023 Augusto Caringi [acaringi@redhat.com] [6.6.6-0]
- redhat/configs: Enable UCLAMP_TASK for PipeWire and WirePlumber (Neal Gompa)
- Linux v6.6.6
* Fri Dec 8 2023 Augusto Caringi [acaringi@redhat.com] [6.6.5-0]
- Add io_uring CVE for 6.6.5 (Justin M. Forbes)
- Linux v6.6.5
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2253249 - CVE-2023-6560 kernel: io_uring out of boundary memory access in __io_uaddr_map()
https://bugzilla.redhat.com/show_bug.cgi?id=2253249
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-4df366ee80' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: python-jupyter-server-2.7.2-2.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-5beead493f
2023-12-14 01:30:12.883526
--------------------------------------------------------------------------------

Name : python-jupyter-server
Product : Fedora 39
Version : 2.7.2
Release : 2.fc39
URL : https://jupyter-server.readthedocs.io
Summary : The backend for Jupyter web applications
Description :
The Jupyter Server provides the backend (i.e. the core services,
APIs, and REST endpoints) for Jupyter web applications like
Jupyter notebook, JupyterLab, and Voila.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-49080 (rhbz#2252897)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 5 2023 Lumir Balhar [lbalhar@redhat.com] - 2.7.2-2
- Security fix for CVE-2023-49080 (rhbz#2252897)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2252897 - CVE-2023-49080 python-jupyter-server: jupyter-server: Server errors include tracebacks with path information [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2252897
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-5beead493f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 39 Update: perl-CryptX-0.080-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-1f0ac1260e
2023-12-14 01:30:12.883518
--------------------------------------------------------------------------------

Name : perl-CryptX
Product : Fedora 39
Version : 0.080
Release : 1.fc39
URL : https://metacpan.org/release/CryptX
Summary : Cryptographic toolkit
Description :
This Perl library provides a cryptography based on LibTomCrypt library.

--------------------------------------------------------------------------------
Update Information:

Update to 0.080 Fix CVE-2019-17362 in bundled libtomcrypt
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 4 2023 Xavier Bachelot [xavier@bachelot.org] - 0.080-1
- Update to 0.080 (RHBZ#2242102)
* Mon Oct 2 2023 Xavier Bachelot [xavier@bachelot.org] - 0.079-1
- Update to 0.079 (RHBZ#2241629)
- Fix CVE-2019-17362 in bundled libtomcrypt
- Add upstream patch to fix tests with Math::BigInt 1.999840+ (RHBZ#2240587)
* Fri Aug 25 2023 Xavier Bachelot [xavier@bachelot.org] - 0.078-4
- Don't Requires: perl(Math::BigFloat) for tests subpackage on EL7 (RHBZ#2234802)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-1f0ac1260e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--