curl-8.2.1-4.fc39

Read Time:10 Second

FEDORA-2023-9de8973300

Packages in this update:

curl-8.2.1-4.fc39

Update description:

fix HSTS long file name clears contents (CVE-2023-46219)
fix cookie mixed case PSL bypass (CVE-2023-46218)

Read More

chromium-120.0.6099.62-2.fc38

Read Time:23 Second

FEDORA-2023-a32ad3e643

Packages in this update:

chromium-120.0.6099.62-2.fc38

Update description:

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

Read More

chromium-120.0.6099.62-1.el7

Read Time:42 Second

FEDORA-EPEL-2023-259055935d

Packages in this update:

chromium-120.0.6099.62-1.el7

Update description:

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More

chromium-120.0.6099.62-2.el9

Read Time:42 Second

FEDORA-EPEL-2023-8d617060ef

Packages in this update:

chromium-120.0.6099.62-2.el9

Update description:

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More

chromium-120.0.6099.62-2.el8

Read Time:42 Second

FEDORA-EPEL-2023-d0b9bcb64f

Packages in this update:

chromium-120.0.6099.62-2.el8

Update description:

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More

USN-6540-1: BlueZ vulnerability

Read Time:12 Second

It was discovered that BlueZ did not properly restrict non-bonded devices
from injecting HID events into the input subsystem. This could allow a
physically proximate attacker to inject keystrokes and execute arbitrary
commands whilst the device is discoverable.

Read More