FEDORA-2024-a27e8b69a0
Packages in this update:
thunderbird-128.2.0-1.fc40
Update description:
Update to 128.2.0
https://www.thunderbird.net/en-US/thunderbird/128.2.0esr/releasenotes/
thunderbird-128.2.0-1.fc40
Update to 128.2.0
https://www.thunderbird.net/en-US/thunderbird/128.2.0esr/releasenotes/
thunderbird-128.2.0-1.fc41
Update to 128.2.0
https://www.thunderbird.net/en-US/thunderbird/128.2.0esr/releasenotes/
thunderbird-115.15.0-1.fc39
Update to 115.15.0
https://www.thunderbird.net/en-US/thunderbird/115.15.0esr/releasenotes/
Multiple vulnerabilities have been discovered in Veeam Products, the most severe of which could allow for remote code execution.
Veeam Backup & Replication is a proprietary backup app.
Veeam ONE is a solution for managing virtual and data protection environments.
Veeam Service Provider Console provides centralized monitoring and management capabilities for Veeam protected virtual, Microsoft 365, and public cloud workloads.
Veeam Agent for Linux is a backup agent that’s designed Linux Instances.
Veeam Backup for Nutanix.
Veeam Backup for Oracle Linux Virtualization Manager and Red Hat Virtualization.
Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
mingw-expat-2.6.3-1.fc41
Update to expat-2.6.3.
mingw-expat-2.6.3-1.fc40
Update to expat-2.6.3.
mingw-expat-2.6.3-1.fc39
Update to expat-2.6.3.
clamav-1.0.7-1.fc40
Update to 1.0.7
CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.
clamav-1.0.7-1.el9
Update to 1.0.7
CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.
clamav-1.0.7-1.fc41
Update to 1.0.7
CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.