ZDI-23-1167: Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability.

subscription-manager-1.29.37-1.fc38

FEDORA-2023-29a012c0db

Packages in this update:

subscription-manager-1.29.37-1.fc38

Update description:

Automatic update for subscription-manager-1.29.37-1.fc38.

Changelog for subscription-manager

* Wed Aug 23 2023 Packit <hello@packit.dev> – 1.29.37-1
– Automatic commit of package [subscription-manager] release [1.29.37-1]. (Pino Toscano)
– Translated using Weblate (Korean) (김인수)
– Update translation files (Weblate)
– 2225446: Hotfix of D-Bus policy (Jiri Hnidek)
– TESTING: Update testing requirements (Matyas Horky)
– Use Fedora registry to pull container images (Matyas Horky)
– 2232316: dbus: check “force” again from the registration option (Pino Toscano)
– dbus: run EntCertActionInvoker on PoolAttach (Pino Toscano)
– ENT-5624: Properly translate error strings (Matyas Horky)
– Mock IOError for Insights fact collection tests (Matyas Horky)
– New extraction for translatable strings (Pino Toscano)

subscription-manager-1.29.37-1.fc37

FEDORA-2023-0f2f9bc779

Packages in this update:

subscription-manager-1.29.37-1.fc37

Update description:

Automatic update for subscription-manager-1.29.37-1.fc37.

Changelog for subscription-manager

* Wed Aug 23 2023 Packit <hello@packit.dev> – 1.29.37-1
– Automatic commit of package [subscription-manager] release [1.29.37-1]. (Pino Toscano)
– Translated using Weblate (Korean) (김인수)
– Update translation files (Weblate)
– 2225446: Hotfix of D-Bus policy (Jiri Hnidek)
– TESTING: Update testing requirements (Matyas Horky)
– Use Fedora registry to pull container images (Matyas Horky)
– 2232316: dbus: check “force” again from the registration option (Pino Toscano)
– dbus: run EntCertActionInvoker on PoolAttach (Pino Toscano)
– ENT-5624: Properly translate error strings (Matyas Horky)
– Mock IOError for Insights fact collection tests (Matyas Horky)
– New extraction for translatable strings (Pino Toscano)

CVE-2020-18781

A heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial of service via a crafted WAV file. The bug can be triggered through the sfconvert executable.

CVE-2020-18768

A heap buffer overflow exists in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial of service through a crafted TIFF file.

CVE-2020-18652

A buffer overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service when a crafted WebP file is opened.

CVE-2020-18651

A buffer overflow vulnerability in the function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service when a crafted audio file with an ID3v2 frame is opened.
