A vulnerability has been discovered in Samba which could allow for arbitrary code execution. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Successful exploitation of this vulnerability could result in arbitrary code execution as root on affected Samba installations that use the VFS module vfs_fruit. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.
More Stories
USN-7157-2: PHP regression
USN-7157-1 fixed vulnerabilities in PHP. The patch for CVE-2024-8932 caused a regression in php7.4. This update fixes the problem. Original...
USN-7157-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use...
mingw-directxmath-3.20-1.fc41 mingw-gstreamer1-1.24.10-1.fc41 mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc41 mingw-gstreamer1-plugins-base-1.24.10-1.fc41 mingw-gstreamer1-plugins-good-1.24.10-1.fc41
FEDORA-2024-0a5722a980 Packages in this update: mingw-directxmath-3.20-1.fc41 mingw-gstreamer1-1.24.10-1.fc41 mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc41 mingw-gstreamer1-plugins-base-1.24.10-1.fc41 mingw-gstreamer1-plugins-good-1.24.10-1.fc41 Update description: Update to gstreamer-1.24.10, fixes multiple CVEs. Read More
mingw-directxmath-3.20-1.fc40 mingw-gstreamer1-1.24.10-1.fc40 mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc40 mingw-gstreamer1-plugins-base-1.24.10-1.fc40 mingw-gstreamer1-plugins-good-1.24.10-1.fc40 mingw-orc-0.4.40-1.fc40
FEDORA-2024-2284729772 Packages in this update: mingw-directxmath-3.20-1.fc40 mingw-gstreamer1-1.24.10-1.fc40 mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc40 mingw-gstreamer1-plugins-base-1.24.10-1.fc40 mingw-gstreamer1-plugins-good-1.24.10-1.fc40 mingw-orc-0.4.40-1.fc40 Update description: Update to 1.24.10, fixes multiple CVEs. Read...
curl-8.9.1-3.fc41
FEDORA-2024-a94430d221 Packages in this update: curl-8.9.1-3.fc41 Update description: fix HSTS subdomain overwrites parent cache entry (CVE-2024-9681) Read More
Ivanti Cloud Services Application (CSA) Vulnerabilities (CVE-2024-11639, CVE-2024-11772, CVE-2024-11773)
What are the Vulnerabilities?Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) that...