Month: December 2024

Brian Ristuccia discovered that in ProFTPD, a powerful modular FTP/SFTP/FTPS server, supplemental group inheritance grants unintended access to GID 0 because of the lack of...

Two security vulnerabilities were discovered in Smarty, a template engine for PHP, which could result in PHP code injection or cross-site scripting. https://security-tracker.debian.org/tracker/DSA-5826-1 Read More

It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause...

FEDORA-2024-54aa5fc4b2 Packages in this update: python3.14-3.14.0~a2-2.fc41 Update description: Security fix for CVE-2024-12254 Read More

FEDORA-2024-b2cebcbb49 Packages in this update: python3.14-3.14.0~a2-2.fc40 Update description: Security fix for CVE-2024-12254 Read More

FEDORA-2024-fbd80e45ef Packages in this update: python3.14-3.14.0~a2-2.fc42 Update description: Automatic update for python3.14-3.14.0~a2-2.fc42. Changelog * Sun Dec 8 2024 Charalampos Stratakis <cstratak@redhat.com> - 3.14.0~a2-2 - Security...

FEDORA-2024-7f67755963 Packages in this update: icecat-115.18.0-2.rh2.fc40 Update description: Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692 Read More

FEDORA-2024-ff0115e6ac Packages in this update: icecat-115.18.0-2.rh2.fc41 Update description: Fix CVE-2024-11693 CVE-2024-11697 CVE-2024-11692 Read More

FEDORA-2024-d32fd0e2d1 Packages in this update: python-nbdime-4.0.2-2.fc40 Update description: This update fixes CVE-2024-55565 by updating the vendored JavaScript to include a version of nanoid without the...

FEDORA-2024-01e170c1ac Packages in this update: python-nbdime-4.0.2-2.fc41 Update description: This update fixes CVE-2024-55565 by updating the vendored JavaScript to include a version of nanoid without the...