US officials say the suspected owner of the prolific Incognito dark web drugs marketplace has been arrested
Daily Archives: May 21, 2024
Critical Fluent Bit Bug Impacts All Major Cloud Platforms
A newly discovered flaw in open source utility Fluent Bit could enable widespread DoS, RCE and information leakage
firefox-126.0-7.fc38
FEDORA-2024-b4b4426a4f
Packages in this update:
firefox-126.0-7.fc38
Update description:
Fixed DBus service to not run without Gnome search requests
new upstream update (126.0)
New upstream version (125.0.3)
Latest upstream release.
USN-6779-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-4767,
CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773,
CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778)
Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory
when audio input connected with multiple consumers. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-4764)
Thomas Rinsma discovered that Firefox did not properly handle type check
when handling fonts in PDF.js. An attacker could potentially exploit this
issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367)
Irvan Kurniawan discovered that Firefox did not properly handle certain
font styles when saving a page to PDF. An attacker could potentially
exploit this issue to cause a denial of service. (CVE-2024-4770)
asterisk release 20.8.1
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 20.8.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.8.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 20.8.1
## Change Log for Release asterisk-20.8.1
### Links:
– [Full ChangeLog](…
asterisk release 21.3.1
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 21.3.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.3.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 21.3.1
## Change Log for Release asterisk-21.3.1
### Links:
– [Full ChangeLog](…
asterisk release 18.23.1
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 18.23.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.23.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 18.23.1
## Change Log for Release asterisk-18.23.1
### Links:
– [Full ChangeLog](…
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package
Posted by Andrea Intilangelo on May 20
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package
Use CVE-2024-34058.
Additional info:
NethServer is an Open Source operating system for the Linux enthusiast, designed for small offices and medium
enterprises. From their website: “It’s simple, secure and flexible” and “ready to deliver your messages, to protect
your network with the built-in firewall, share your files and much more,…