Fedora Linux 8799 Published by

Fedora Linux has been updated with multiple security enhancements, including mysql8.0-8.0.40-1.fc40, polkit-125-1.fc41.1, webkitgtk-2.46.3-1.fc41, krb5-1.21.3-3.fc41, and mysql8.0-8.0.40-1.fc41:

Fedora 40 Update: mysql8.0-8.0.40-1.fc40
Fedora 41 Update: polkit-125-1.fc41.1
Fedora 41 Update: webkitgtk-2.46.3-1.fc41
Fedora 41 Update: krb5-1.21.3-3.fc41
Fedora 41 Update: mysql8.0-8.0.40-1.fc41




[SECURITY] Fedora 40 Update: mysql8.0-8.0.40-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-0c1c9227e5
2024-11-02 03:31:37.798139
--------------------------------------------------------------------------------

Name : mysql8.0
Product : Fedora 40
Version : 8.0.40
Release : 1.fc40
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

--------------------------------------------------------------------------------
Update Information:

MySQL 8.0.40
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-40.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 21 2024 Lars Tangvald [lars.tangvald@oracle.com] - 8.0.40-1
- Update to MySQL 8.0.40
- Use auto* macros to simplify patch mgt
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2319437 - mysql8.0: Oracle CPU 2024-10 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2319437
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-0c1c9227e5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: polkit-125-1.fc41.1


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d2e583eab4
2024-11-02 02:23:24.193176
--------------------------------------------------------------------------------

Name : polkit
Product : Fedora 41
Version : 125
Release : 1.fc41.1
URL : https://github.com/polkit-org/polkit
Summary : An authorization framework
Description :
polkit is a toolkit for defining and handling authorizations. It is
used for allowing unprivileged processes to speak to privileged
processes.

--------------------------------------------------------------------------------
Update Information:

Setting loglevels and target via LogControl now allowed to root only
https://github.com/polkit-org/polkit/issues/506
https://github.com/polkit-org/polkit/issues/507
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 31 2024 Jan Rybar [jrybar@redhat.com] - 125-1.1
- Setting loglevels and target via LogControl now allowed to root only
- dropped %attr from /usr/share/polkit-1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d2e583eab4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: webkitgtk-2.46.3-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4e0b4ce6ad
2024-11-02 02:23:24.193161
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 41
Version : 2.46.3
Release : 1.fc41
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Update to WebKitGTK 2.46.3:
Flatten layers to a plane when preseve-3d style is set.
Fix DuckDuckGo links by adding a user agent quirk.
Fix several crashes and rendering issues.
Fixes: CVE-2024-44244, CVE-2024-44296
Changes from WebKitGTK 2.46.2:
Own well-known bus name on a11y bus.
Improve memory consumption when putImageData is used repeatedly on accelerated
canvas.
Disable cached web process suspension for now to prevent leaks.
Improve text kerning with different combinations of antialias and hinting
settings.
Destroy all network sessions on process exit.
Fix visible rectangle calculation when there are animations.
Fix the build with ENABLE_NOTIFICATIONS=OFF.
Fix several crashes and rendering issues.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 30 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.3-1
- Update to 2.46.3
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2323288 - CVE-2024-44244 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2323288
[ 2 ] Bug #2323301 - CVE-2024-44296 webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2323301
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4e0b4ce6ad' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: krb5-1.21.3-3.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c0961d31b8
2024-11-02 02:23:24.193115
--------------------------------------------------------------------------------

Name : krb5
Product : Fedora 41
Version : 1.21.3
Release : 3.fc41
URL : https://web.mit.edu/kerberos/www/
Summary : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.

--------------------------------------------------------------------------------
Update Information:

Security:
CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad (support for
Message-Authenticator attribute)
Marvin attack: Removal of the "RSA" method for PKINIT
Fix of miscellaneous mistakes in the code
Enhancement:
Rework of TCP request timeout (disabled by default, global timeout setting
added)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 30 2024 Julien Rische [jrische@redhat.com] - 1.21.3-3
- libkrad: implement support for Message-Authenticator (CVE-2024-3596)
Resolves: rhbz#2304071
- Fix various issues detected by static analysis
Resolves: rhbz#2322704
- Remove RSA protocol for PKINIT
Resolves: rhbz#2322706
- Make TCP waiting time configurable
Resolves: rhbz#2322711
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2304071 - libkrad: implement support for Message-Authenticator (CVE-2024-3596)
https://bugzilla.redhat.com/show_bug.cgi?id=2304071
[ 2 ] Bug #2322704 - Fix various issues detected by static analysis
https://bugzilla.redhat.com/show_bug.cgi?id=2322704
[ 3 ] Bug #2322706 - Remove RSA protocol for PKINIT
https://bugzilla.redhat.com/show_bug.cgi?id=2322706
[ 4 ] Bug #2322711 - Make TCP waiting time configurable
https://bugzilla.redhat.com/show_bug.cgi?id=2322711
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c0961d31b8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: mysql8.0-8.0.40-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-9bef6cc6d4
2024-11-02 02:23:24.193044
--------------------------------------------------------------------------------

Name : mysql8.0
Product : Fedora 41
Version : 8.0.40
Release : 1.fc41
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

--------------------------------------------------------------------------------
Update Information:

MySQL 8.0.40
Release notes:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-40.html
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 21 2024 Lars Tangvald [lars.tangvald@oracle.com] - 8.0.40-1
- Update to MySQL 8.0.40
- Use auto* macros to simplify patch mgt
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2319437 - mysql8.0: Oracle CPU 2024-10 [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2319437
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-9bef6cc6d4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--