Fedora Linux 8791 Published by

The following security updates have been released for Fedora Linux:

[SECURITY] Fedora 39 Update: seamonkey-2.53.19-1.fc39
[SECURITY] Fedora 39 Update: wireshark-4.0.17-1.fc39
[SECURITY] Fedora 40 Update: iwd-2.21-1.fc40
[SECURITY] Fedora 40 Update: libell-0.69-1.fc40
[SECURITY] Fedora 40 Update: bluez-5.78-1.fc40
[SECURITY] Fedora 40 Update: linux-firmware-20240909-1.fc40
[SECURITY] Fedora 40 Update: vim-9.1.719-1.fc40
[SECURITY] Fedora 40 Update: wireshark-4.2.7-1.fc40




[SECURITY] Fedora 39 Update: seamonkey-2.53.19-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-94f6f1b500
2024-09-11 01:49:03.839094
--------------------------------------------------------------------------------

Name : seamonkey
Product : Fedora 39
Version : 2.53.19
Release : 1.fc39
URL : http://www.seamonkey-project.org
Summary : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite (previously made
popular by Netscape and Mozilla). It includes an Internet browser,
advanced e-mail, newsgroup and feed client, a calendar, IRC client,
HTML editor and a tool to inspect the DOM for web pages. It is derived
from the application formerly known as Mozilla Application Suite.

--------------------------------------------------------------------------------
Update Information:

Update to 2.53.19
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 31 2024 Dmitry Butskoy [Dmitry@Butskoy.name] 2.53.19-1
- update to 2.53.19
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-94f6f1b500' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 39 Update: wireshark-4.0.17-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-68faaf3451
2024-09-11 01:49:03.839073
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 39
Version : 4.0.17
Release : 1.fc39
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.0.17, fix for CVE-2024-8250
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 29 2024 Michal Ruprich [mruprich@redhat.com] - 1:4.0.17-1
- New version 4.0.17
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2298524 - wireshark-4.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2298524
[ 2 ] Bug #2308431 - CVE-2024-8250 wireshark: NTLMSSP dissector crash [fedora-39]
https://bugzilla.redhat.com/show_bug.cgi?id=2308431
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-68faaf3451' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: iwd-2.21-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-223428e702
2024-09-11 01:24:10.952377
--------------------------------------------------------------------------------

Name : iwd
Product : Fedora 40
Version : 2.21
Release : 1.fc40
URL : https://iwd.wiki.kernel.org/
Summary : Wireless daemon for Linux
Description :
The daemon and utilities for controlling and configuring the Wi-Fi network
hardware.

--------------------------------------------------------------------------------
Update Information:

libell 0.69:
Add support for getting remaining microseconds left on a timer.
Add support for setting link MTU on a network interface.
iwd 2.21:
Fix issue with pending scan requests after regdom update.
Fix issue with handling the rearming of the roaming timeout.
Fix issue with survey request and externally triggered scans.
Fix issue with RSSI fallback when setting CQM threshold fails.
Fix issue with FT-over-Air without offchannel support.
Add support for per station Affinities property.
bluez 5.78:
Fix issue with handling notification of scanned BISes to BASS
Fix issue with handling checking BIS caps against peer caps.
Fix issue with handling MGMT Set Device Flags overwrites.
Fix issue with handling ASE notification order.
Fix issue with handling BIG Info report events.
Fix issue with handling PACS Server role.
Fix issue with registering UHID_START multiple times.
Fix issue with pairing method not setting auto-connect.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 9 2024 Peter Robinson - 2.21-1
- Update to 2.21
* Mon Sep 2 2024 Miroslav Suchý - 2.20-2
- convert license to SPDX
* Thu Aug 29 2024 Peter Robinson - 2.20-1
- Update to 2.20
* Thu Jul 18 2024 Fedora Release Engineering - 2.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2294016 - CVE-2023-52424 iwd: 802.11: SSID Confusion attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2294016
[ 2 ] Bug #2307290 - libell-0.68 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2307290
[ 3 ] Bug #2310802 - libell-0.69 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310802
[ 4 ] Bug #2310805 - iwd-2.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-223428e702' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: libell-0.69-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-223428e702
2024-09-11 01:24:10.952377
--------------------------------------------------------------------------------

Name : libell
Product : Fedora 40
Version : 0.69
Release : 1.fc40
URL : https://01.org/ell
Summary : Embedded Linux library
Description :
The Embedded Linux* Library (ELL) provides core, low-level functionality for
system daemons. It typically has no dependencies other than the Linux kernel, C
standard library, and libdl (for dynamic linking). While ELL is designed to be
efficient and compact enough for use on embedded Linux platforms, it is not
limited to resource-constrained systems.

--------------------------------------------------------------------------------
Update Information:

libell 0.69:
Add support for getting remaining microseconds left on a timer.
Add support for setting link MTU on a network interface.
iwd 2.21:
Fix issue with pending scan requests after regdom update.
Fix issue with handling the rearming of the roaming timeout.
Fix issue with survey request and externally triggered scans.
Fix issue with RSSI fallback when setting CQM threshold fails.
Fix issue with FT-over-Air without offchannel support.
Add support for per station Affinities property.
bluez 5.78:
Fix issue with handling notification of scanned BISes to BASS
Fix issue with handling checking BIS caps against peer caps.
Fix issue with handling MGMT Set Device Flags overwrites.
Fix issue with handling ASE notification order.
Fix issue with handling BIG Info report events.
Fix issue with handling PACS Server role.
Fix issue with registering UHID_START multiple times.
Fix issue with pairing method not setting auto-connect.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 9 2024 Peter Robinson [pbrobinson@gmail.com] - 0.69-1
- Update to 0.69
* Thu Aug 29 2024 Peter Robinson [pbrobinson@gmail.com] - 0.68-1
- Update to 0.68
* Thu Jul 18 2024 Fedora Release Engineering [releng@fedoraproject.org] - 0.67-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2294016 - CVE-2023-52424 iwd: 802.11: SSID Confusion attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2294016
[ 2 ] Bug #2307290 - libell-0.68 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2307290
[ 3 ] Bug #2310802 - libell-0.69 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310802
[ 4 ] Bug #2310805 - iwd-2.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-223428e702' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: bluez-5.78-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-223428e702
2024-09-11 01:24:10.952377
--------------------------------------------------------------------------------

Name : bluez
Product : Fedora 40
Version : 5.78
Release : 1.fc40
URL : http://www.bluez.org/
Summary : Bluetooth utilities
Description :
Utilities for use in Bluetooth applications:
- avinfo
- bluemoon
- bluetoothctl
- bluetoothd
- btattach
- btmon
- hex2hcd
- mpris-proxy

The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.

--------------------------------------------------------------------------------
Update Information:

libell 0.69:
Add support for getting remaining microseconds left on a timer.
Add support for setting link MTU on a network interface.
iwd 2.21:
Fix issue with pending scan requests after regdom update.
Fix issue with handling the rearming of the roaming timeout.
Fix issue with survey request and externally triggered scans.
Fix issue with RSSI fallback when setting CQM threshold fails.
Fix issue with FT-over-Air without offchannel support.
Add support for per station Affinities property.
bluez 5.78:
Fix issue with handling notification of scanned BISes to BASS
Fix issue with handling checking BIS caps against peer caps.
Fix issue with handling MGMT Set Device Flags overwrites.
Fix issue with handling ASE notification order.
Fix issue with handling BIG Info report events.
Fix issue with handling PACS Server role.
Fix issue with registering UHID_START multiple times.
Fix issue with pairing method not setting auto-connect.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 9 2024 Peter Robinson [pbrobinson@fedoraproject.org] - 5.78-1
- Update to 5.78
* Wed Jul 17 2024 Fedora Release Engineering [releng@fedoraproject.org] - 5.77-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2294016 - CVE-2023-52424 iwd: 802.11: SSID Confusion attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2294016
[ 2 ] Bug #2307290 - libell-0.68 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2307290
[ 3 ] Bug #2310802 - libell-0.69 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310802
[ 4 ] Bug #2310805 - iwd-2.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2310805
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-223428e702' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: linux-firmware-20240909-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-f32e633786
2024-09-11 01:24:10.952370
--------------------------------------------------------------------------------

Name : linux-firmware
Product : Fedora 40
Version : 20240909
Release : 1.fc40
URL : http://www.kernel.org/
Summary : Firmware files used by the Linux kernel
Description :
This package includes firmware files required for some devices to
operate.

--------------------------------------------------------------------------------
Update Information:

Update to upstream 20240909:
i915: Update MTL DMC v2.23
cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops
amdgpu: Revert sienna cichlid dmcub firmware update
iwlwifi: add Bz FW for core89-58 release
rtl_nic: add firmware rtl8126a-3
update MT7921 WiFi/bluetooth device firmware
amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
amdgpu: DMCUB updates forvarious AMDGPU ASICs
rtw89: 8922a: add fw format-1 v0.35.41.0
update MT7925 WiFi/bluetooth device firmware
rtl_bt: Add firmware and config files for RTL8922A
rtl_bt: Add firmware file for the the RTL8723CS Bluetooth part
rtl_bt: de-dupe identical config.bin files
rename rtl8723bs_config-OBDA8723.bin -> rtl_bt/rtl8723bs_config.bin
Update AMD SEV firmware
update firmware for MT7996
Revert "i915: Update MTL DMC v2.22"
ath12k: WCN7850 hw2.0: update board-2.bin
ath11k: WCN6855 hw2.0: update to
WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41
ath11k: WCN6855 hw2.0: update board-2.bin
ath11k: QCA2066 hw2.1: add to
WLAN.HSP.1.1-03926.13-QCAHSPSWPL_V2_SILICONZ_CE-2.52297.3
ath11k: QCA2066 hw2.1: add board-2.bin
ath11k: IPQ5018 hw1.0: update to WLAN.HK.2.6.0.1-01291-QCAHKSWPL_SILICONZ-1
qcom: vpu: add video firmware for sa8775p
amdgpu: DMCUB updates for various AMDGPU ASICs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 9 2024 Peter Robinson - 20240909-1
- Update to upstream 20240909
- i915: Update MTL DMC v2.23
- cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops
- amdgpu: Revert sienna cichlid dmcub firmware update
- iwlwifi: add Bz FW for core89-58 release
- rtl_nic: add firmware rtl8126a-3
- update MT7921 WiFi/bluetooth device firmware
- amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
- amdgpu: DMCUB updates forvarious AMDGPU ASICs
- rtw89: 8922a: add fw format-1 v0.35.41.0
- update MT7925 WiFi/bluetooth device firmware
- rtl_bt: Add firmware and config files for RTL8922A
- rtl_bt: Add firmware file for the the RTL8723CS Bluetooth part
- rtl_bt: de-dupe identical config.bin files
- rename rtl8723bs_config-OBDA8723.bin -> rtl_bt/rtl8723bs_config.bin
- Update AMD SEV firmware
- update firmware for MT7996
- Revert "i915: Update MTL DMC v2.22"
- ath12k: WCN7850 hw2.0: update board-2.bin
- ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41
- ath11k: WCN6855 hw2.0: update board-2.bin
- ath11k: QCA2066 hw2.1: add to WLAN.HSP.1.1-03926.13-QCAHSPSWPL_V2_SILICONZ_CE-2.52297.3
- ath11k: QCA2066 hw2.1: add board-2.bin
- ath11k: IPQ5018 hw1.0: update to WLAN.HK.2.6.0.1-01291-QCAHKSWPL_SILICONZ-1
- qcom: vpu: add video firmware for sa8775p
- amdgpu: DMCUB updates for various AMDGPU ASICs
* Mon Sep 2 2024 Miroslav Suchý - 20240811-3
- convert license to SPDX
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2306155 - CVE-2023-31315 linux-firmware: SMM Lock Bypass [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2306155
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f32e633786' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



[SECURITY] Fedora 40 Update: vim-9.1.719-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-1f3759becc
2024-09-11 01:24:10.952348
--------------------------------------------------------------------------------

Name : vim
Product : Fedora 40
Version : 9.1.719
Release : 1.fc40
URL : http://www.vim.org/
Summary : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2024-45306
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 6 2024 Zdenek Dohnal [zdohnal@redhat.com] - 2:9.1.719-1
- patchlevel 719
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2309344 - CVE-2024-45306 vim: heap-buffer-overflow in Vim [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2309344
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-1f3759becc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: wireshark-4.2.7-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-105eb3026f
2024-09-11 01:24:10.952211
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 40
Version : 4.2.7
Release : 1.fc40
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.2.7, fix for CVE-2024-8250
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 29 2024 Michal Ruprich [mruprich@redhat.com] - 1:4.2.7-1
- New version 4.2.7
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2298524 - wireshark-4.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2298524
[ 2 ] Bug #2308432 - CVE-2024-8250 wireshark: NTLMSSP dissector crash [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2308432
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-105eb3026f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--