Fedora 38 Update: java-latest-openjdk-21.0.2.0.13-1.rolling.fc38
Fedora 38 Update: ansible-core-2.14.11-2.fc38
Fedora 38 Update: openssh-9.0p1-18.fc38
Fedora 39 Update: java-latest-openjdk-21.0.2.0.13-1.rolling.fc39
Fedora 39 Update: pgadmin4-7.8-3.fc39
Fedora 39 Update: mingw-python-jinja2-3.1.3-1.fc39
Fedora 38 Update: java-latest-openjdk-21.0.2.0.13-1.rolling.fc38
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-031294f746
2024-01-23 01:21:28.284508
--------------------------------------------------------------------------------
Name : java-latest-openjdk
Product : Fedora 38
Version : 21.0.2.0.13
Release : 1.rolling.fc38
URL : http://openjdk.java.net/
Summary : OpenJDK 21 Runtime Environment
Description :
The OpenJDK 21 runtime environment.
--------------------------------------------------------------------------------
Update Information:
Updated to latest security jdk update
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-031294f746' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
Fedora 38 Update: ansible-core-2.14.11-2.fc38
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-cfa5a5cbac
2024-01-23 01:21:28.284499
--------------------------------------------------------------------------------
Name : ansible-core
Product : Fedora 38
Version : 2.14.11
Release : 2.fc38
URL : https://ansible.com
Summary : A radically simple IT automation system
Description :
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.
This is the base part of ansible (the engine).
--------------------------------------------------------------------------------
Update Information:
Mitigate CVE-2024-0690
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jan 19 2024 Maxwell G [maxwell@gtmx.me] - 2.14.11-2
- Mitigate CVE-2024-0690.
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-cfa5a5cbac' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
Fedora 38 Update: openssh-9.0p1-18.fc38
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-37627e432e
2024-01-23 01:21:28.284261
--------------------------------------------------------------------------------
Name : openssh
Product : Fedora 38
Version : 9.0p1
Release : 18.fc38
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol version 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
--------------------------------------------------------------------------------
Update Information:
Forbid shell metasymbols in username/hostname
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 10 2024 Dmitry Belyavskiy [dbelyavs@redhat.com] - 9.0p1-18
- Forbid shell metasymbols in username/hostname
Resolves: CVE-2023-51385
- Fix Terrapin attack
Resolves: CVE-2023-48795
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-37627e432e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
Fedora 39 Update: java-latest-openjdk-21.0.2.0.13-1.rolling.fc39
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c8a49099c6
2024-01-23 00:57:15.298681
--------------------------------------------------------------------------------
Name : java-latest-openjdk
Product : Fedora 39
Version : 21.0.2.0.13
Release : 1.rolling.fc39
URL : http://openjdk.java.net/
Summary : OpenJDK 21 Runtime Environment
Description :
The OpenJDK 21 runtime environment.
--------------------------------------------------------------------------------
Update Information:
Updated to latest security jdk update
--------------------------------------------------------------------------------
ChangeLog:
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c8a49099c6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
Fedora 39 Update: pgadmin4-7.8-3.fc39
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-9818cb2406
2024-01-23 00:57:15.298490
--------------------------------------------------------------------------------
Name : pgadmin4
Product : Fedora 39
Version : 7.8
Release : 3.fc39
URL : https://www.pgadmin.org/
Summary : Administration tool for PostgreSQL
Description :
pgAdmin is the most popular and feature rich Open Source administration and development
platform for PostgreSQL, the most advanced Open Source database in the world.
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2023-26159. ---- Relax requirements.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 14 2024 Sandro Mani [manisandro@gmail.com] - 7.8-3
- Regenerate vendor tarball for newer follow-redirects (CVE-2023-26159)
* Sun Jan 14 2024 Sandro Mani [manisandro@gmail.com] - 7.8-2
- Relax boto3, botocore, psycopg3 requirements
* Sun Oct 22 2023 Sandro Mani [manisandro@gmail.com] - 7.8-1
- Update to 7.8
* Sat Sep 30 2023 Sandro Mani [manisandro@gmail.com] - 7.7-2
- Relax flask-wtf requires
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2256418 - TRIAGE CVE-2023-26159 pgadmin4: follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2256418
[ 2 ] Bug #2258325 - F39FailsToInstall: pgadmin4
https://bugzilla.redhat.com/show_bug.cgi?id=2258325
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-9818cb2406' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
Fedora 39 Update: mingw-python-jinja2-3.1.3-1.fc39
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ab372beea4
2024-01-23 00:57:15.298471
--------------------------------------------------------------------------------
Name : mingw-python-jinja2
Product : Fedora 39
Version : 3.1.3
Release : 1.fc39
URL : https://palletsprojects.com/p/jinja/
Summary : MinGW Windows Python Jinja2 library
Description :
MinGW Windows Python Jinja2 library.
--------------------------------------------------------------------------------
Update Information:
Update to jinja2-3.1.3, fixes CVE-2024-22195.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Jan 14 2024 Sandro Mani [manisandro@gmail.com] - 3.1.3-1
- Update to 3.1.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2257865 - CVE-2024-22195 mingw-python-jinja2: jinja2: HTML attribute injection when passing user input as keys to xmlattr filter [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2257865
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ab372beea4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--