FEDORA-2024-9c84a7c963
Packages in this update:
libtiff-4.6.0-5.fc40.1
Update description:
fix CVE-2024-7006 (rhbz#2302997)
fix CVE-2023-52356 (rhbz#2260112)
fix CVE-2023-6228 (rhbz#2251863)
libtiff-4.6.0-5.fc40.1
fix CVE-2024-7006 (rhbz#2302997)
fix CVE-2023-52356 (rhbz#2260112)
fix CVE-2023-6228 (rhbz#2251863)
thunderbird-128.3.3-1.fc41
Update to 128.3.3
https://www.thunderbird.net/en-US/thunderbird/128.3.3esr/releasenotes/
Update to 128.3.2
https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes/
Update to 128.3.1
https://www.thunderbird.net/en-US/thunderbird/128.3.1esr/releasenotes/
Update to 128.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/
https://www.thunderbird.net/en-US/thunderbird/128.3.0esr/releasenotes/
Gerrard Tai discovered that libheif did not properly validate certain
images, leading to out-of-bounds read and write vulnerability. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service or to
obtain sensitive information.
It was discovered that the Go net/http module did not properly handle
responses to requests with an “Expect: 100-continue” header under certain
circumstances. An attacker could possibly use this issue to cause a denial
of service. (CVE-2024-24791)
It was discovered that the Go parser module did not properly handle deeply
nested literal values. An attacker could possibly use this issue to cause
a panic resulting in a denial of service. (CVE-2024-34155)
It was discovered that the Go encoding/gob module did not properly handle
message decoding under certain circumstances. An attacker could possibly
use this issue to cause a panic resulting in a denial of service.
(CVE-2024-34156)
It was discovered that the Go build module did not properly handle certain
build tag lines with deeply nested expressions. An attacker could possibly
use this issue to cause a panic resulting in a denial of service.
(CVE-2024-34158)
suricata-7.0.7-1.el9
Various security, performance, accuracy, and stability issues have been fixed. Note, this update is a major upgrade. Please look at the following before upgrading: https://docs.suricata.io/en/suricata-7.0.6/upgrade.html#upgrading-6-0-to-7-0
suricata-7.0.7-1.el8
Various security, performance, accuracy, and stability issues have been fixed. Note, this update is a major upgrade. Please look at the following before upgrading: https://docs.suricata.io/en/suricata-7.0.6/upgrade.html#upgrading-6-0-to-7-0
micropython-1.23.0-1.fc39
Update to 1.23.0
micropython-1.23.0-1.fc40
Update to 1.23.0
micropython-1.23.0-1.fc41
Update to 1.23.0
micropython-1.23.0-1.fc42
Automatic update for micropython-1.23.0-1.fc42.
* Thu Oct 17 2024 Charalampos Stratakis <cstratak@redhat.com> – 1.23.0-1
– Update to 1.23.0
– Security fixes for CVE-2024-8946, CVE-2024-8947, CVE-2024-8948
Resolves: rhbz#2312926, rhbz#2312923, rhbz#2312921