Security Update 5.0 499

Critical Photon OS Security Update

Summary

Advisory Id : PHSA-2025-5.0-0499

Type : Security

Severity : ['Critical', 'Important', 'Moderate']

Issue date : 2025-04-11

Affected Release: 5.0

Details

Updates of ['freetype2', 'dotnet-sdk'] packages of Photon OS have been released.

Affected Packages

Critical

dotnet-sdk - ['CVE-2024-0057', 'CVE-2023-36049']

Important

freetype2 - ['CVE-2025-27363']

dotnet-sdk - ['CVE-2023-29337', 'CVE-2023-35390', 'CVE-2022-24464', 'CVE-2023-24897', 'CVE-2023-21808', 'CVE-2023-28260', 'CVE-2023-24895', 'CVE-2023-24936', 'CVE-2022-29145', 'CVE-2023-35391', 'CVE-2023-36793', 'CVE-2023-29331', 'CVE-2023-36794', 'CVE-2023-36796', 'CVE-2024-43485', 'CVE-2024-43483', 'CVE-2024-21409', 'CVE-2023-21538', 'CVE-2022-41032', 'CVE-2023-33170', 'CVE-2023-38178', 'CVE-2023-36792', 'CVE-2023-33128', 'CVE-2022-29117', 'CVE-2024-38081', 'CVE-2022-23267', 'CVE-2023-33126', 'CVE-2022-21986', 'CVE-2023-38180', 'CVE-2023-44487', 'CVE-2023-33127', 'CVE-2024-0056', 'CVE-2024-20672', 'CVE-2024-21404', 'CVE-2023-33135', 'CVE-2022-38013']

Moderate

dotnet-sdk - ['CVE-2024-21319', 'CVE-2022-30184', 'CVE-2022-34716', 'CVE-2023-36558', 'CVE-2022-24512', 'CVE-2023-36799']

Solution

Update the affected packages (tdnf update package)

Updated Packages Information

freetype2-2.13.3-1.ph5.x86_64.rpm | size : 356K , sha256 : 7ad768f2a72531b039bd2c7d88d696c4fb02166dc0d23f694a1c5ad7ad6529c0 , build time : Fri, 11 Apr 2025 02:39:14 UTC

freetype2-devel-2.13.3-1.ph5.x86_64.rpm | size : 164K , sha256 : c847ffe9360d97c3c18f4b230e16ee7169100a0fed5ceffd99873a3e05e3469e , build time : Fri, 11 Apr 2025 02:39:14 UTC

dotnet-sdk-8.0.407-1.ph5.x86_64.rpm | size : 102M , sha256 : 44561194e4687f08f944c5700728b7f8edbbaefea0b32046db426012e3270174 , build time : Fri, 11 Apr 2025 02:40:28 UTC