Read Time:11 Second
FEDORA-2024-fdc7dfb959
Packages in this update:
wireshark-4.0.12-1.fc38
Update description:
New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208.
Monthly Archives: February 2024
Pump-and-Dump Schemes Make Crypto Fraudsters $240m
Read Time:5 Second
Chainalysis reveals that pump-and-dump schemes made Ethereum market manipulators over $240m in 2023 alone
Google’s Bazel Exposed to Command Injection Threat
Read Time:4 Second
Cycode stressed securing software supply chains amid complex dependencies and third-party actions
freerdp-2.11.5-1.fc38
Read Time:6 Second
FEDORA-2024-f294ddb7fb
Packages in this update:
freerdp-2.11.5-1.fc38
Update description:
Update to 2.11.5
freerdp-2.11.5-1.fc39
Read Time:6 Second
FEDORA-2024-01689e51e5
Packages in this update:
freerdp-2.11.5-1.fc39
Update description:
Update to 2.11.5
runc-1.1.12-1.fc38
Read Time:6 Second
FEDORA-2024-9044c9eefa
Packages in this update:
runc-1.1.12-1.fc38
Update description:
Security fix for CVE-2024-21626
kernel-6.7.3-100.fc38 kernel-headers-6.7.3-100.fc38
Read Time:13 Second
FEDORA-2024-cf47b35a6c
Packages in this update:
kernel-6.7.3-100.fc38
kernel-headers-6.7.3-100.fc38
Update description:
The 6.7.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree.
kernel-6.7.3-200.fc39 kernel-headers-6.7.3-200.fc39
Read Time:13 Second
FEDORA-2024-2116a8468b
Packages in this update:
kernel-6.7.3-200.fc39
kernel-headers-6.7.3-200.fc39
Update description:
The 6.7.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree.
runc-1.1.12-1.fc39
Read Time:6 Second
FEDORA-2024-900dc7f6ff
Packages in this update:
runc-1.1.12-1.fc39
Update description:
security fix for CVE-2024-21626
USN-6587-4: X.Org X Server regression
Read Time:1 Minute, 22 Second
USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete
resulting in a possible regression. This update fixes the problem.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An
attacker could possibly use this issue to cause the X Server to crash,
obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
reattaching to a different master device. An attacker could use this issue
to cause the X Server to crash, leading to a denial of service, or possibly
execute arbitrary code. (CVE-2024-0229)
Olivier Fourdan and Donn Seeley discovered that the X.Org X Server
incorrectly labeled GLX PBuffers when used with SELinux. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service. (CVE-2024-0408)
Olivier Fourdan discovered that the X.Org X Server incorrectly handled
the curser code when used with SELinux. An attacker could use this issue to
cause the X Server to crash, leading to a denial of service.
(CVE-2024-0409)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the XISendDeviceHierarchyEvent API. An attacker
could possibly use this issue to cause the X Server to crash, or execute
arbitrary code. (CVE-2024-21885)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
devices being disabled. An attacker could possibly use this issue to cause
the X Server to crash, or execute arbitrary code. (CVE-2024-21886)