Fedora Linux 8791 Published by

Security updates for Fedora Linux now include webkitgtk-2.46.4-1.fc41, wireshark-4.4.2-1.fc41, qbittorrent-5.0.2-1.fc40, and wireshark-4.2.9-1.fc40:

Fedora 41 Update: webkitgtk-2.46.4-1.fc41
Fedora 41 Update: wireshark-4.4.2-1.fc41
Fedora 40 Update: qbittorrent-5.0.2-1.fc40
Fedora 40 Update: wireshark-4.2.9-1.fc40




[SECURITY] Fedora 41 Update: webkitgtk-2.46.4-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-472d01833c
2024-12-01 03:51:42.913790+00:00
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 41
Version : 2.46.4
Release : 1.fc41
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Improve memory consumption and performance of Canvas getImageData.
Fix preserve-3D intersection rendering.
Fix video dimensions since GStreamer 1.24.9.
Fix the HTTP-based remote Web Inspector not loading in Chromium.
Fix content filters not working on about:blank iframes.
Fix several crashes and rendering issues.
Fix CVE-2024-44308, CVE-2024-44309
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 27 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.4-1
- Update to 2.46.4
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2327930 - CVE-2024-44309 webkitgtk: data isolation bypass vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2327930
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-472d01833c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 41 Update: wireshark-4.4.2-1.fc41


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-f9f740bc60
2024-12-01 03:51:42.913669+00:00
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 41
Version : 4.4.2
Release : 1.fc41
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.4.2
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 21 2024 Michal Ruprich [mruprich@redhat.com] - 1:4.4.2-1
- New version 4.4.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2327682 - wireshark-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2327682
[ 2 ] Bug #2327790 - CVE-2024-11596 wireshark: Buffer Over-read in Wireshark [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2327790
[ 3 ] Bug #2327792 - CVE-2024-11595 wireshark: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2327792
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f9f740bc60' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: qbittorrent-5.0.2-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ab5ad835c1
2024-12-01 03:37:40.166848+00:00
--------------------------------------------------------------------------------

Name : qbittorrent
Product : Fedora 40
Version : 5.0.2
Release : 1.fc40
URL : https://www.qbittorrent.org
Summary : A Bittorrent Client
Description :
A Bittorrent client using rb_libtorrent and a Qt6 Graphical User Interface.
It aims to be as fast as possible and to provide multi-OS, unicode support.

--------------------------------------------------------------------------------
Update Information:

Update to 5.0.2 fix rhbz#2326888
--------------------------------------------------------------------------------
ChangeLog:

* Sat Nov 23 2024 Filipe Rosset [rosset.filipe@gmail.com] - 1:5.0.2-1
- Update to 5.0.2 fix rhbz#2326888
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2262473 - [abrt] qbittorrent: qAbort(): qbittorrent killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=2262473
[ 2 ] Bug #2323595 - CVE-2024-51774 qbittorrent: RCE Vulnerability in qBittorrent Due to Improper SSL/TLS Certificate Validation [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2323595
[ 3 ] Bug #2323596 - CVE-2024-51774 qbittorrent: RCE Vulnerability in qBittorrent Due to Improper SSL/TLS Certificate Validation [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2323596
[ 4 ] Bug #2326888 - qbittorrent-5.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2326888
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ab5ad835c1' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: wireshark-4.2.9-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-0b563ad294
2024-12-01 03:37:40.166776+00:00
--------------------------------------------------------------------------------

Name : wireshark
Product : Fedora 40
Version : 4.2.9
Release : 1.fc40
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Wireshark allows you to examine protocol data stored in files or as it is
captured from wired or wireless (WiFi or Bluetooth) networks, USB devices,
and many other sources. It supports dozens of protocol capture file formats
and understands more than a thousand protocols.

It has many powerful features including a rich display filter language
and the ability to reassemble multiple protocol packets in order to, for
example, view a complete TCP stream, save the contents of a file which was
transferred over HTTP or CIFS, or play back an RTP audio stream.

--------------------------------------------------------------------------------
Update Information:

New version 4.2.9
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov 21 2024 Michal Ruprich [mruprich@redhat.com] - 1:4.2.9-1
- New version 4.2.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2327682 - wireshark-4.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2327682
[ 2 ] Bug #2327789 - CVE-2024-11596 wireshark: Buffer Over-read in Wireshark [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2327789
[ 3 ] Bug #2327791 - CVE-2024-11595 wireshark: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2327791
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-0b563ad294' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--