Fedora 40 Update: fluent-bit-3.2.8-1.fc40
Fedora 40 Update: php-8.3.19-1.fc40
Fedora 41 Update: fluent-bit-3.2.8-1.fc41
Fedora 41 Update: php-8.3.19-1.fc41
Fedora 42 Update: webkitgtk-2.48.0-1.fc42
Fedora 42 Update: fluent-bit-3.2.8-1.fc42
Fedora 42 Update: openssh-9.9p1-9.fc42
[SECURITY] Fedora 40 Update: fluent-bit-3.2.8-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b2bdcfedac
2025-03-21 01:22:02.983878+00:00
--------------------------------------------------------------------------------
Name : fluent-bit
Product : Fedora 40
Version : 3.2.8
Release : 1.fc40
URL : https://github.com/fluent/fluent-bit
Summary : Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
Description :
Fluent Bit is a high performance and multi-platform log forwarder.
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 4 2025 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 3.2.8-1
- Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2137000 - fluent-bit-3.2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2137000
[ 2 ] Bug #2300673 - fluent-bit: FTBFS in Fedora rawhide/f41
https://bugzilla.redhat.com/show_bug.cgi?id=2300673
[ 3 ] Bug #2340164 - fluent-bit: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340164
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b2bdcfedac' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 40 Update: php-8.3.19-1.fc40
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-4e7e2c40e0
2025-03-21 01:22:02.983818+00:00
--------------------------------------------------------------------------------
Name : php
Product : Fedora 40
Version : 8.3.19
Release : 1.fc40
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
--------------------------------------------------------------------------------
Update Information:
PHP version 8.3.19 (13 Mar 2025)
BCMath:
Fixed bug GH-17398 (bcmul memory leak). (SakiTakamachi)
Core:
Fixed bug GH-17623 (Broken stack overflow detection for variable compilation).
(ilutov)
Fixed bug GH-17618 (UnhandledMatchError does not take
zend.exception_ignore_args=1 into account). (timwolla)
Fix fallback paths in fast_long_{add,sub}_function. (nielsdos)
Fixed bug GH-17718 (Calling static methods on an interface that has __callStatic
is allowed). (timwolla)
Fixed bug GH-17797 (zend_test_compile_string crash on invalid script path).
(David Carlier)
Fixed GHSA-rwp7-7vc6-8477 (Reference counting in php_request_shutdown causes
Use-After-Free). (CVE-2024-11235) (ilutov)
DOM:
Fixed bug GH-17847 (xinclude destroys live node). (nielsdos)
FFI:
Fix FFI Parsing of Pointer Declaration Lists. (davnotdev)
FPM:
Fixed bug GH-17643 (FPM with httpd ProxyPass encoded PATH_INFO env). (Jakub
Zelenka)
GD:
Fixed bug GH-17772 (imagepalettetotruecolor crash with memory_limit=2M). (David
Carlier)
LDAP:
Fixed bug GH-17704 (ldap_search fails when $attributes contains a non-packed
array with numerical keys). (nielsdos, 7u83)
LibXML:
Fixed GHSA-wg4p-4hqh-c3g9 (Reocurrence of php#72714). (nielsdos)
Fixed GHSA-p3x9-6h7p-cgfc (libxml streams use wrong content-type header when
requesting a redirected resource). (CVE-2025-1219) (timwolla)
MBString:
Fixed bug GH-17503 (Undefined float conversion in mb_convert_variables). (cmb)
Opcache:
Fixed bug GH-17654 (Multiple classes using same trait causes function JIT
crash). (nielsdos)
Fixed bug GH-17577 (JIT packed type guard crash). (nielsdos, Dmitry)
Fixed bug GH-17899 (zend_test_compile_string with invalid path when opcache is
enabled). (David Carlier)
Fixed bug GH-17868 (Cannot allocate memory with tracing JIT). (nielsdos)
PDO_SQLite:
Fixed GH-17837 ()::getColumnMeta() on unexecuted statement segfaults). (cmb)
Fix cycle leak in sqlite3 setAuthorizer(). (nielsdos)
Phar:
Fixed bug GH-17808: PharFileInfo refcount bug. (nielsdos)
PHPDBG:
Partially fixed bug GH-17387 (Trivial crash in phpdbg lexer). (nielsdos)
Fix memory leak in phpdbg calling registered function. (nielsdos)
Reflection:
Fixed bug GH-15902 (Core dumped in ext/reflection/php_reflection.c).
(DanielEScherzer)
Standard:
Fixed bug php#72666 (stat cache clearing inconsistent between file:// paths and
plain paths). (Jakub Zelenka)
Streams:
Fixed bug GH-17650 (realloc with size 0 in user_filters.c). (nielsdos)
Fix memory leak on overflow in _php_stream_scandir(). (nielsdos)
Fixed GHSA-hgf54-96fm-v528 (Stream HTTP wrapper header check might omit basic
auth header). (CVE-2025-1736) (Jakub Zelenka)
Fixed GHSA-52jp-hrpf-2jff (Stream HTTP wrapper truncate redirect location to
1024 bytes). (CVE-2025-1861) (Jakub Zelenka)
Fixed GHSA-pcmh-g36c-qc44 (Streams HTTP wrapper does not fail for headers
without colon). (CVE-2025-1734) (Jakub Zelenka)
Fixed GHSA-v8xr-gpvj-cx9g (Header parser of http stream wrapper does not handle
folded headers). (CVE-2025-1217) (Jakub Zelenka)
Zlib:
Fixed bug GH-17745 (zlib extension incorrectly handles object arguments).
(nielsdos)
Fix memory leak when encoding check fails. (nielsdos)
Fix zlib support for large files. (nielsdos)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 12 2025 Remi Collet [remi@remirepo.net] - 8.3.19-1
- Update to 8.3.19 - http://www.php.net/releases/8_3_19.php
* Wed Mar 12 2025 Remi Collet [remi@remirepo.net] - 8.3.18-1
- Update to 8.3.18 - http://www.php.net/releases/8_3_18.php
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-4e7e2c40e0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: fluent-bit-3.2.8-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b355fdb8e5
2025-03-21 01:13:34.113214+00:00
--------------------------------------------------------------------------------
Name : fluent-bit
Product : Fedora 41
Version : 3.2.8
Release : 1.fc41
URL : https://github.com/fluent/fluent-bit
Summary : Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
Description :
Fluent Bit is a high performance and multi-platform log forwarder.
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 4 2025 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 3.2.8-1
- Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2137000 - fluent-bit-3.2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2137000
[ 2 ] Bug #2300673 - fluent-bit: FTBFS in Fedora rawhide/f41
https://bugzilla.redhat.com/show_bug.cgi?id=2300673
[ 3 ] Bug #2340164 - fluent-bit: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340164
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b355fdb8e5' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 41 Update: php-8.3.19-1.fc41
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-8d0acf5a57
2025-03-21 01:13:34.113079+00:00
--------------------------------------------------------------------------------
Name : php
Product : Fedora 41
Version : 8.3.19
Release : 1.fc41
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
--------------------------------------------------------------------------------
Update Information:
PHP version 8.3.19 (13 Mar 2025)
BCMath:
Fixed bug GH-17398 (bcmul memory leak). (SakiTakamachi)
Core:
Fixed bug GH-17623 (Broken stack overflow detection for variable compilation).
(ilutov)
Fixed bug GH-17618 (UnhandledMatchError does not take
zend.exception_ignore_args=1 into account). (timwolla)
Fix fallback paths in fast_long_{add,sub}_function. (nielsdos)
Fixed bug GH-17718 (Calling static methods on an interface that has __callStatic
is allowed). (timwolla)
Fixed bug GH-17797 (zend_test_compile_string crash on invalid script path).
(David Carlier)
Fixed GHSA-rwp7-7vc6-8477 (Reference counting in php_request_shutdown causes
Use-After-Free). (CVE-2024-11235) (ilutov)
DOM:
Fixed bug GH-17847 (xinclude destroys live node). (nielsdos)
FFI:
Fix FFI Parsing of Pointer Declaration Lists. (davnotdev)
FPM:
Fixed bug GH-17643 (FPM with httpd ProxyPass encoded PATH_INFO env). (Jakub
Zelenka)
GD:
Fixed bug GH-17772 (imagepalettetotruecolor crash with memory_limit=2M). (David
Carlier)
LDAP:
Fixed bug GH-17704 (ldap_search fails when $attributes contains a non-packed
array with numerical keys). (nielsdos, 7u83)
LibXML:
Fixed GHSA-wg4p-4hqh-c3g9 (Reocurrence of php#72714). (nielsdos)
Fixed GHSA-p3x9-6h7p-cgfc (libxml streams use wrong content-type header when
requesting a redirected resource). (CVE-2025-1219) (timwolla)
MBString:
Fixed bug GH-17503 (Undefined float conversion in mb_convert_variables). (cmb)
Opcache:
Fixed bug GH-17654 (Multiple classes using same trait causes function JIT
crash). (nielsdos)
Fixed bug GH-17577 (JIT packed type guard crash). (nielsdos, Dmitry)
Fixed bug GH-17899 (zend_test_compile_string with invalid path when opcache is
enabled). (David Carlier)
Fixed bug GH-17868 (Cannot allocate memory with tracing JIT). (nielsdos)
PDO_SQLite:
Fixed GH-17837 ()::getColumnMeta() on unexecuted statement segfaults). (cmb)
Fix cycle leak in sqlite3 setAuthorizer(). (nielsdos)
Phar:
Fixed bug GH-17808: PharFileInfo refcount bug. (nielsdos)
PHPDBG:
Partially fixed bug GH-17387 (Trivial crash in phpdbg lexer). (nielsdos)
Fix memory leak in phpdbg calling registered function. (nielsdos)
Reflection:
Fixed bug GH-15902 (Core dumped in ext/reflection/php_reflection.c).
(DanielEScherzer)
Standard:
Fixed bug php#72666 (stat cache clearing inconsistent between file:// paths and
plain paths). (Jakub Zelenka)
Streams:
Fixed bug GH-17650 (realloc with size 0 in user_filters.c). (nielsdos)
Fix memory leak on overflow in _php_stream_scandir(). (nielsdos)
Fixed GHSA-hgf54-96fm-v528 (Stream HTTP wrapper header check might omit basic
auth header). (CVE-2025-1736) (Jakub Zelenka)
Fixed GHSA-52jp-hrpf-2jff (Stream HTTP wrapper truncate redirect location to
1024 bytes). (CVE-2025-1861) (Jakub Zelenka)
Fixed GHSA-pcmh-g36c-qc44 (Streams HTTP wrapper does not fail for headers
without colon). (CVE-2025-1734) (Jakub Zelenka)
Fixed GHSA-v8xr-gpvj-cx9g (Header parser of http stream wrapper does not handle
folded headers). (CVE-2025-1217) (Jakub Zelenka)
Zlib:
Fixed bug GH-17745 (zlib extension incorrectly handles object arguments).
(nielsdos)
Fix memory leak when encoding check fails. (nielsdos)
Fix zlib support for large files. (nielsdos)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Mar 12 2025 Remi Collet [remi@remirepo.net] - 8.3.19-1
- Update to 8.3.19 - http://www.php.net/releases/8_3_19.php
* Wed Mar 12 2025 Remi Collet [remi@remirepo.net] - 8.3.18-1
- Update to 8.3.18 - http://www.php.net/releases/8_3_18.php
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-8d0acf5a57' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: webkitgtk-2.48.0-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-80e387cc51
2025-03-21 00:15:51.823234+00:00
--------------------------------------------------------------------------------
Name : webkitgtk
Product : Fedora 42
Version : 2.48.0
Release : 1.fc42
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
--------------------------------------------------------------------------------
Update Information:
Update to 2.48.0
Notably fixes CVE-2025-24201
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 18 2025 Michael Catanzaro [mcatanzaro@redhat.com] - 2.48.0-1
- Update to WebKitGTK 2.48.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2352356 - CVE-2025-24201 webkitgtk: out-of-bounds write vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2352356
[ 2 ] Bug #2353875 - CVE-2024-44192 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2353875
[ 3 ] Bug #2353950 - CVE-2024-54467 webkitgtk: A malicious website may exfiltrate data cross-origin [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2353950
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-80e387cc51' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: fluent-bit-3.2.8-1.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-e31c4c683b
2025-03-21 00:15:51.823152+00:00
--------------------------------------------------------------------------------
Name : fluent-bit
Product : Fedora 42
Version : 3.2.8
Release : 1.fc42
URL : https://github.com/fluent/fluent-bit
Summary : Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
Description :
Fluent Bit is a high performance and multi-platform log forwarder.
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 4 2025 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 3.2.8-1
- Update to 3.2.8 - Closes rhbz#2137000 rhbz#2340164 rhbz#2300673
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2137000 - fluent-bit-3.2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2137000
[ 2 ] Bug #2300673 - fluent-bit: FTBFS in Fedora rawhide/f41
https://bugzilla.redhat.com/show_bug.cgi?id=2300673
[ 3 ] Bug #2340164 - fluent-bit: FTBFS in Fedora rawhide/f42
https://bugzilla.redhat.com/show_bug.cgi?id=2340164
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e31c4c683b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
[SECURITY] Fedora 42 Update: openssh-9.9p1-9.fc42
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-1e92156b24
2025-03-21 00:15:51.822879+00:00
--------------------------------------------------------------------------------
Name : openssh
Product : Fedora 42
Version : 9.9p1
Release : 9.fc42
URL : http://www.openssh.com/portable.html
Summary : An open source implementation of SSH protocol version 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
--------------------------------------------------------------------------------
Update Information:
Automatic update for openssh-9.9p1-9.fc42.
Changelog
* Tue Feb 18 2025 Dmitry Belyavskiy [dbelyavs@redhat.com] - 9.9p1-9
- Fix regression of Match directive processing
- Fix missing error codes set and invalid error code checks in OpenSSH. It
prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
is on (CVE-2025-26465, CVE-2025-26466).
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 9.9p1-8.1
- Add explicit BR: libxcrypt-devel
* Wed Jan 29 2025 FeRD (Frank Dana) [ferdnyc@gmail.com] - 9.9p1-8
- Replace deprecated (since 8.7) ChallengeResponseAuthentication
with KbdInteractiveAuthentication, in redhat sshd config
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 18 2025 Dmitry Belyavskiy [dbelyavs@redhat.com] - 9.9p1-9
- Fix regression of Match directive processing
- Fix missing error codes set and invalid error code checks in OpenSSH. It
prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
is on (CVE-2025-26465, CVE-2025-26466).
* Sat Feb 1 2025 Bj??rn Esser [besser82@fedoraproject.org] - 9.9p1-8.1
- Add explicit BR: libxcrypt-devel
* Wed Jan 29 2025 FeRD (Frank Dana) [ferdnyc@gmail.com] - 9.9p1-8
- Replace deprecated (since 8.7) ChallengeResponseAuthentication
with KbdInteractiveAuthentication, in redhat sshd config
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-1e92156b24' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
