USN-6994-1: Netty vulnerabilities

Read Time:18 Second

It was discovered that Netty did not properly sanitize its input
parameters. A remote attacker could possibly use this issue to cause a
crash. (CVE-2023-34462)

It was discovered that Netty incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause Netty to consume
resources, leading to a denial of service. (CVE-2023-44487)

Read More

clamav-1.0.7-1.fc40

Read Time:25 Second

FEDORA-2024-e8f7a74693

Packages in this update:

clamav-1.0.7-1.fc40

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More

clamav-1.0.7-1.el9

Read Time:26 Second

FEDORA-EPEL-2024-702a565078

Packages in this update:

clamav-1.0.7-1.el9

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More