FEDORA-2024-fdc7dfb959
Packages in this update:
wireshark-4.0.12-1.fc38
Update description:
New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208.
wireshark-4.0.12-1.fc38
New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208.
Chainalysis reveals that pump-and-dump schemes made Ethereum market manipulators over $240m in 2023 alone
Cycode stressed securing software supply chains amid complex dependencies and third-party actions
freerdp-2.11.5-1.fc38
Update to 2.11.5
freerdp-2.11.5-1.fc39
Update to 2.11.5
runc-1.1.12-1.fc38
Security fix for CVE-2024-21626
kernel-6.7.3-100.fc38
kernel-headers-6.7.3-100.fc38
The 6.7.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree.
kernel-6.7.3-200.fc39
kernel-headers-6.7.3-200.fc39
The 6.7.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree.
runc-1.1.12-1.fc39
security fix for CVE-2024-21626
USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete
resulting in a possible regression. This update fixes the problem.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An
attacker could possibly use this issue to cause the X Server to crash,
obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
reattaching to a different master device. An attacker could use this issue
to cause the X Server to crash, leading to a denial of service, or possibly
execute arbitrary code. (CVE-2024-0229)
Olivier Fourdan and Donn Seeley discovered that the X.Org X Server
incorrectly labeled GLX PBuffers when used with SELinux. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service. (CVE-2024-0408)
Olivier Fourdan discovered that the X.Org X Server incorrectly handled
the curser code when used with SELinux. An attacker could use this issue to
cause the X Server to crash, leading to a denial of service.
(CVE-2024-0409)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the XISendDeviceHierarchyEvent API. An attacker
could possibly use this issue to cause the X Server to crash, or execute
arbitrary code. (CVE-2024-21885)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
devices being disabled. An attacker could possibly use this issue to cause
the X Server to crash, or execute arbitrary code. (CVE-2024-21886)