FEDORA-2023-00b3e9d551
Packages in this update:
grafana-pcp-5.1.1-4.fc38
Update description:
Move location of plugin from /usr/share/… to /usr/libexec/… because there is a binary executable
grafana-pcp-5.1.1-4.fc38
Move location of plugin from /usr/share/… to /usr/libexec/… because there is a binary executable
grafana-pcp-5.1.1-4.fc39
Move location of plugin from /usr/share/… to /usr/libexec/… because there is a binary executable
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
reads, resulting in information leakage. (CVE-2023-42114)
It was discovered that Exim incorrectly handled validation of user-supplied
data. A remote attacker could possibly use this issue to perform
out-of-bounds writes, resulting in arbitrary code execution. This issue
only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
(CVE-2023-42115)
It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
writes, resulting in arbitrary code execution. (CVE-2023-42116)
flatpak-runtime-f38-3820230912204035.3
flatpak-sdk-f38-3820230912204035.3
Updated flatpak runtime and SDK, including latest Fedora 38 security and bug-fix errata.
Knowing the common signs of phishing can help you spot suspicious emails and prevent a possible compromise. Here are some examples to sharpen your focus.
To uphold your personal responsibility for cybersecurity, here are 11 steps that you can use to strengthen your cyber defense at home and at work.
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).
It was discovered that FreeRDP did not properly manage certain inputs. A
malicious server could use this issue to cause FreeRDP clients to crash,
resulting in a denial of service, or possibly obtain sensitive
information. (cve-2023-39350, cve-2023-39351, CVE-2023-39353,
CVE-2023-39354, CVE-2023-40181, CVE-2023-40188, CVE-2023-40589)
It was discovered that FreeRDP did not properly manage certain inputs. A
malicious server could use this issue to cause FreeRDP clients to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(cve-2023-40186 CVE-2023-40567, CVE-2023-40569)