-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8af0e7ea3e 2026-03-15 01:12:21.661922+00:00 --------------------------------------------------------------------------------
Name : insight Product : Fedora 42 Version : 18.0.50.20260306 Release : 1.fc42 URL : https://www.sourceware.org/insight/ Summary : Graphical debugger based on GDB Description : Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version. -------------------------------------------------------------------------------- Update Information: New upstream snapshot. Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442. Fixes CVEs 2025-69644, 2025-69645, 2025-69646. Fixes FTBFS. Relax BR of itcl/itk/iwidgets. Patch "libtool_tag" to force C++ language tagging in libtool. -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 6 2026 Patrick Monnerat <[email protected]> 18.0.50.20260306-1 - New upstream snapshot. - Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442. https://bugzilla.redhat.com/show_bug.cgi?id=2402843 https://bugzilla.redhat.com/show_bug.cgi?id=2402846 https://bugzilla.redhat.com/show_bug.cgi?id=2438918 https://bugzilla.redhat.com/show_bug.cgi?id=2443834 - Fixes CVEs 2025-69644, 2025-69645, 2025-69646. https://bugzilla.redhat.com/show_bug.cgi?id=2445281 https://bugzilla.redhat.com/show_bug.cgi?id=2445284 https://bugzilla.redhat.com/show_bug.cgi?id=2446276 - Fixes FTBFS. https://bugzilla.redhat.com/show_bug.cgi?id=2434680 - Relax BR of itcl/itk/iwidgets. - Patch "libtool_tag" to force C++ language tagging in libtool. -------------------------------------------------------------------------------- References: [ 1 ] Bug #2402843 - CVE-2025-11495 insight: GNU Binutils Linker heap-based overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2402843 [ 2 ] Bug #2402846 - CVE-2025-11494 insight: GNU Binutils Linker out-of-bounds read [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2402846 [ 3 ] Bug #2434680 - insight: FTBFS in Fedora rawhide/f44 https://bugzilla.redhat.com/show_bug.cgi?id=2434680 [ 4 ] Bug #2438918 - CVE-2026-2341 insight: libiberty: Application crash via crafted C++ symbol demangling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2438918 [ 5 ] Bug #2443834 - CVE-2026-3441 CVE-2026-3442 insight: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2443834 [ 6 ] Bug #2445276 - CVE-2025-69646 insight: Binutils: Denial of Service via malformed DWARF debug_rnglists data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445276 [ 7 ] Bug #2445281 - CVE-2025-69644 insight: Binutils: Denial of Service via crafted binary with malformed DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445281 [ 8 ] Bug #2445284 - CVE-2025-69645 insight: Binutils objdump: Denial of Service via crafted DWARF debug information [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2445284 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8af0e7ea3e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
