It was discovered that Expat did not properly handle its internal state
when attempting to resume an unstarted parser. An attacker could use this
issue to cause a denial of service (application crash).
golang-github-chainguard-dev-git-urls-1.0.2-1.fc41
golang-github-task-3.40.1-1.fc41
Bugfix to mitigate CVE-2023-46402
Brian Ristuccia discovered that in ProFTPD, a powerful modular
FTP/SFTP/FTPS server, supplemental group inheritance grants unintended
access to GID 0 because of the lack of supplemental groups from mod_sql.
Two security vulnerabilities were discovered in Smarty, a template
engine for PHP, which could result in PHP code injection or cross-site
scripting.
