Fedora Linux 8801 Published by

Fedora Linux has implemented a series of security updates, which include squid-6.12-2.fc40, opendmarc-1.4.2-21.fc40, python-werkzeug-3.0.6-1.fc40, xorg-x11-server-1.20.14-36, expat-2.6.4-1.fc41, squid-6.12-2.fc41, opendmarc-1.4.2-21.fc41, python-werkzeug-3.0.6-1.fc41, and squid-6.12-2.fc39:

[SECURITY] Fedora 40 Update: squid-6.12-2.fc40
[SECURITY] Fedora 40 Update: opendmarc-1.4.2-21.fc40
[SECURITY] Fedora 40 Update: python-werkzeug-3.0.6-1.fc40
[SECURITY] Fedora 40 Update: xorg-x11-server-1.20.14-36.fc40
[SECURITY] Fedora 41 Update: expat-2.6.4-1.fc41
[SECURITY] Fedora 41 Update: squid-6.12-2.fc41
[SECURITY] Fedora 41 Update: opendmarc-1.4.2-21.fc41
[SECURITY] Fedora 41 Update: python-werkzeug-3.0.6-1.fc41
[SECURITY] Fedora 39 Update: squid-6.12-2.fc39




[SECURITY] Fedora 40 Update: squid-6.12-2.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c8dda5112a
2024-11-11 05:08:19.329113
--------------------------------------------------------------------------------

Name : squid
Product : Fedora 40
Version : 6.12
Release : 2.fc40
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

--------------------------------------------------------------------------------
Update Information:

new version 6.12
important security update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 1 2024 Luboš Uhliarik - 7:6.12-2
- Disable ESI support since ESI support has been also removed from squid 7
- Resolves: CVE-2024-45802 squid: Denial of Service processing ESI
response content
* Wed Oct 23 2024 Luboš Uhliarik - 7:6.12-1
- new version 6.12
- Fix TCP_MISS_ABORTED/100 erros when uploading
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2312498 - squid-6.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2312498
[ 2 ] Bug #2322214 - CVE-2024-45802 squid: Denial of Service processing ESI response content [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322214
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c8dda5112a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: opendmarc-1.4.2-21.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-044dcdff8e
2024-11-11 05:08:19.329099
--------------------------------------------------------------------------------

Name : opendmarc
Product : Fedora 40
Version : 1.4.2
Release : 21.fc40
URL : http://www.trusteddomain.org/opendmarc.html
Summary : A DMARC milter and library
Description :
OpenDMARC (Domain-based Message Authentication, Reporting & Conformance)
provides an open source library that implements the DMARC verification
service plus a milter-based filter application that can plug in to any
milter-aware MTA, including sendmail, Postfix, or any other MTA that supports
the milter protocol.

The DMARC sender authentication system is still a draft standard, working
towards RFC status.

The database schema required for some functions is provided in
/usr/share/opendmarc/db. The rddmarc tools are provided in
/usr/share/opendmarc/contrib/rddmarc.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2024-25768 - Closes rhbz#2266175 rhbz#2266174
Convert to %autorelease and %autochangelog
Simplify spec
Remove checks on if systemd is present
Remove checks on old Fedora releases
Remove checks on EL7 or older
Use %make macros
Other misc changes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 30 2024 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.4.2-21
- Fix for CVE-2024-25768 - Closes rhbz#2266175 rhbz#2266174
* Tue Oct 29 2024 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.4.2-15
- Simplify spec
- Remove checks on if systemd is present
- Remove checks on old Fedora releases
- Remove checks on EL7 or older
- Use make macros
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 1.4.2-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-044dcdff8e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: python-werkzeug-3.0.6-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5cf9589726
2024-11-11 05:08:19.329070
--------------------------------------------------------------------------------

Name : python-werkzeug
Product : Fedora 40
Version : 3.0.6
Release : 1.fc40
URL : https://werkzeug.palletsprojects.com
Summary : Comprehensive WSGI web application library
Description :
Werkzeug
========

Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.

Werkzeug is unicode aware and doesn't enforce a specific template
engine, database adapter or anything else. It doesn't even enforce
a specific way of handling requests and leaves all that up to the
developer. It's most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).

--------------------------------------------------------------------------------
Update Information:

Update to 3.0.6
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 1 2024 František Zatloukal - 3.0.6-1
- Update to 3.0.6
* Thu Oct 10 2024 Troy Dawson - 3.0.4-3
- Fix License: python-werkzeug uses BSD-3-Clause
* Wed Sep 4 2024 Miroslav Suchý - 3.0.4-2
- convert license to SPDX
* Thu Aug 22 2024 František Zatloukal - 3.0.4-1
- Update to 3.0.4 (RHBZ#2307082)
* Fri Jul 19 2024 Fedora Release Engineering - 3.0.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
* Fri Jun 7 2024 Python Maint - 3.0.3-3
- Rebuilt for Python 3.13
* Fri Jun 7 2024 Python Maint - 3.0.3-2
- Bootstrap for Python 3.13
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5cf9589726' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: xorg-x11-server-1.20.14-36.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-1ab3e0f8b5
2024-11-11 05:08:19.328991
--------------------------------------------------------------------------------

Name : xorg-x11-server
Product : Fedora 40
Version : 1.20.14
Release : 36.fc40
URL : http://www.x.org
Summary : X.Org X11 X server
Description :
X.Org X11 X server

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2024-9632
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 29 2024 José Expósito - 1.20.14-36
- CVE fix for CVE-2024-9632
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-1ab3e0f8b5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: expat-2.6.4-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ccc5045ab9
2024-11-11 02:18:50.551758
--------------------------------------------------------------------------------

Name : expat
Product : Fedora 41
Version : 2.6.4
Release : 1.fc41
URL : https://libexpat.github.io/
Summary : An XML parser library
Description :
This is expat, the C library for parsing XML, written by James Clark. Expat
is a stream oriented XML parser. This means that you register handlers with
the parser prior to starting the parse. These handlers are called when the
parser discovers the associated structures in the document being parsed. A
start tag is an example of the kind of structures for which you may
register handlers.

--------------------------------------------------------------------------------
Update Information:

Rebase to version 2.6.4
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 7 2024 Tomas Korbar [tkorbar@redhat.com] - 2.6.4-1
- Rebase to version 2.6.4
- Resolves: CVE-2024-50602
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ccc5045ab9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: squid-6.12-2.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4a05e3cd17
2024-11-11 02:18:50.551538
--------------------------------------------------------------------------------

Name : squid
Product : Fedora 41
Version : 6.12
Release : 2.fc41
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

--------------------------------------------------------------------------------
Update Information:

new version 6.12
important security update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 1 2024 Luboš Uhliarik - 7:6.12-2
- Disable ESI support since ESI support has been also removed from squid 7
- Resolves: CVE-2024-45802 squid: Denial of Service processing ESI
response content
* Wed Oct 23 2024 Luboš Uhliarik - 7:6.12-1
- new version 6.12
- Fix TCP_MISS_ABORTED/100 erros when uploading
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2312498 - squid-6.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2312498
[ 2 ] Bug #2322214 - CVE-2024-45802 squid: Denial of Service processing ESI response content [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322214
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4a05e3cd17' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 41 Update: opendmarc-1.4.2-21.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-513cf04db3
2024-11-11 02:18:50.551505
--------------------------------------------------------------------------------

Name : opendmarc
Product : Fedora 41
Version : 1.4.2
Release : 21.fc41
URL : http://www.trusteddomain.org/opendmarc.html
Summary : A DMARC milter and library
Description :
OpenDMARC (Domain-based Message Authentication, Reporting & Conformance)
provides an open source library that implements the DMARC verification
service plus a milter-based filter application that can plug in to any
milter-aware MTA, including sendmail, Postfix, or any other MTA that supports
the milter protocol.

The DMARC sender authentication system is still a draft standard, working
towards RFC status.

The database schema required for some functions is provided in
/usr/share/opendmarc/db. The rddmarc tools are provided in
/usr/share/opendmarc/contrib/rddmarc.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2024-25768 - Closes rhbz#2266175 rhbz#2266174
Convert to %autorelease and %autochangelog
Simplify spec
Remove checks on if systemd is present
Remove checks on old Fedora releases
Remove checks on EL7 or older
Use %make macros
Other misc changes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 30 2024 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.4.2-21
- Fix for CVE-2024-25768 - Closes rhbz#2266175 rhbz#2266174
* Tue Oct 29 2024 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.4.2-15
- Simplify spec
- Remove checks on if systemd is present
- Remove checks on old Fedora releases
- Remove checks on EL7 or older
- Use make macros
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-513cf04db3' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: python-werkzeug-3.0.6-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-08eb67ed86
2024-11-11 02:18:50.551478
--------------------------------------------------------------------------------

Name : python-werkzeug
Product : Fedora 41
Version : 3.0.6
Release : 1.fc41
URL : https://werkzeug.palletsprojects.com
Summary : Comprehensive WSGI web application library
Description :
Werkzeug
========

Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.

Werkzeug is unicode aware and doesn't enforce a specific template
engine, database adapter or anything else. It doesn't even enforce
a specific way of handling requests and leaves all that up to the
developer. It's most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).

--------------------------------------------------------------------------------
Update Information:

Update to 3.0.6
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 1 2024 František Zatloukal - 3.0.6-1
- Update to 3.0.6
* Thu Oct 10 2024 Troy Dawson - 3.0.4-3
- Fix License: python-werkzeug uses BSD-3-Clause
* Wed Sep 4 2024 Miroslav Suchý - 3.0.4-2
- convert license to SPDX
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-08eb67ed86' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 39 Update: squid-6.12-2.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-b73b600af7
2024-11-11 01:45:10.188213
--------------------------------------------------------------------------------

Name : squid
Product : Fedora 39
Version : 6.12
Release : 2.fc39
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

--------------------------------------------------------------------------------
Update Information:

new version 6.12
important security update
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 1 2024 Luboš Uhliarik - 7:6.12-2
- Disable ESI support since ESI support has been also removed from squid 7
- Resolves: CVE-2024-45802 squid: Denial of Service processing ESI
response content
* Wed Oct 23 2024 Luboš Uhliarik - 7:6.12-1
- new version 6.12
- Fix TCP_MISS_ABORTED/100 erros when uploading
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2312498 - squid-6.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2312498
[ 2 ] Bug #2322214 - CVE-2024-45802 squid: Denial of Service processing ESI response content [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2322214
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-b73b600af7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------