Category Archives: Advisories

thunderbird-128.3.3-1.fc41

Read Time:27 Second

FEDORA-2024-a078d86829

Packages in this update:

thunderbird-128.3.3-1.fc41

Update description:

Update to 128.3.3

https://www.thunderbird.net/en-US/thunderbird/128.3.3esr/releasenotes/

Update to 128.3.2

https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes/

Update to 128.3.1

https://www.thunderbird.net/en-US/thunderbird/128.3.1esr/releasenotes/

Update to 128.3.0

https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/
https://www.thunderbird.net/en-US/thunderbird/128.3.0esr/releasenotes/

Read More

USN-7082-1: libheif vulnerability

Read Time:16 Second

Gerrard Tai discovered that libheif did not properly validate certain
images, leading to out-of-bounds read and write vulnerability. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service or to
obtain sensitive information.

Read More

USN-7081-1: Go vulnerabilities

Read Time:47 Second

It was discovered that the Go net/http module did not properly handle
responses to requests with an “Expect: 100-continue” header under certain
circumstances. An attacker could possibly use this issue to cause a denial
of service. (CVE-2024-24791)

It was discovered that the Go parser module did not properly handle deeply
nested literal values. An attacker could possibly use this issue to cause
a panic resulting in a denial of service. (CVE-2024-34155)

It was discovered that the Go encoding/gob module did not properly handle
message decoding under certain circumstances. An attacker could possibly
use this issue to cause a panic resulting in a denial of service.
(CVE-2024-34156)

It was discovered that the Go build module did not properly handle certain
build tag lines with deeply nested expressions. An attacker could possibly
use this issue to cause a panic resulting in a denial of service.
(CVE-2024-34158)

Read More