Phoronix is a leading source for Linux hardware reviews, benchmarking, and open-source news. With  performance analysis, hardware testing, and coverage of the latest developments in the Linux ecosystem, Phoronix provides  insights for Linux enthusiasts, developers, and system administrators, helping them make informed decisions about hardware compatibility, performance optimization, and software selection.

Phoronix

Fedora users are experiencing frustration with an outdated OpenH264 codec package that contains a high severity security vulnerability (CVE score 8.6/10) discovered in February. The vulnerability allows remote attackers to trigger heap overflows through decoding functions. Despite being fixed in OpenH264 v2.6, Fedora distributions still ship the vulnerable version three months later due to ABI compatibility concerns and delays in getting updated packages into Cisco's repository. Some community members are calling for removal of OpenH264 packages if proper maintenance cannot be ensured.

Out-Of-Date OpenH264 On Fedora Is Frustrating Users With A High Severity CVE