Posted by Christian Brabandt on Feb 04

Meng Ruijie wrote:

Meng,

This particular problem was fixed in Vim v9.0.1740
https://github.com/vim/vim/commit/0a0764684591c7c6a5d722b628f11dc96208e853

I have no idea, why this issue is worth a CVE, because if an attacker
can modify your .viminfo file to make Vim crash, he already has the
possibilities to do much more harm directly. So I don’t think this is
particular useful CVE. I’d also like to dispute this.

Thanks,
Christian

Read More

It was discovered that runc, a command line client for running
applications packaged according to the Open Container Format (OCF), was
suspectible to multiple container breakouts due to an internal file
descriptor leak.

https://security-tracker.debian.org/tracker/DSA-5615-1

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

FEDORA-EPEL-2024-25f8bac8aa

Packages in this update:

chromium-121.0.6167.139-2.el7

Update description:

update to 121.0.6167.139

High CVE-2024-1060: Use after free in Canvas
High CVE-2024-1059: Use after free in WebRTC
High CVE-2024-1077: Use after free in Network

Read More

Two vulnerabilities were discovered in zbar, a library for scanning and
decoding QR and bar codes, which may result in denial of service,
information disclosure or potentially the execution of arbitrary code if
a specially crafted code is processed.

https://security-tracker.debian.org/tracker/DSA-5614-1

Read More

Post Content

Read More

Post Content

Read More