It was discovered that Cockpit, a web console for Linux servers, was
susceptible to arbitrary command execution if an administrative user
was tricked into opening an sosreport file with a malformed filename.
xorg-x11-server-Xwayland-23.2.5-1.fc39
CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083
trafficserver-9.2.4-1.fc38
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.fc39
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.fc40
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.el8
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.el9
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.el7
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
xorg-x11-server-Xwayland-23.2.5-1.fc40
CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083
Google says it is deleting the your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data?
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown’s Thom Langford.
