Daily Archives: September 3, 2024

Advisories

wolfssl-5.7.2-2.fc42

Read Time:18 Second

FEDORA-2024-94b6630e1f

Packages in this update:

wolfssl-5.7.2-2.fc42

Update description:

Automatic update for wolfssl-5.7.2-2.fc42.

Changelog

* Tue Sep 3 2024 Andrew Bauer <zonexpertconsulting@outlook.com> – 5.7.2-2
– RHBZ#2308628 RHBZ#2308629 RHBZ#2308630 RHBZ#2308631 fixed in 5.7.2 release
– fips macro patch no longer needed

Read More

Advisories

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Read Time:37 Second

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Advisories

USN-6987-1: Django vulnerabilities

Read Time:18 Second

It was discovered that Django incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2024-45230)

It was discovered that Django incorrectly handled certain email sending
failures. A remote attacker could possibly use this issue to enumerate
user emails by issuing password reset requests and observing the outcomes.
(CVE-2024-45231)

Read More