Read Time:6 Second
FEDORA-2024-aebaa73b1f
Packages in this update:
pdns-recursor-5.1.2-1.fc41
Update description:
Update to latest upstream
Category Archives: Advisories
pdns-recursor-5.0.9-1.fc40
Read Time:6 Second
FEDORA-2024-af0bf62ac6
Packages in this update:
pdns-recursor-5.0.9-1.fc40
Update description:
Update to latest upstream
pdns-recursor-4.9.9-1.fc39
Read Time:6 Second
FEDORA-2024-08a6626c11
Packages in this update:
pdns-recursor-4.9.9-1.fc39
Update description:
Update to latest upstream
USN-7043-3: cups-filters vulnerability
Read Time:28 Second
USN-7043-1 fixed a vulnerability in cups-filters. This update provides
the corresponding update for Ubuntu 16.04 LTS
Original advisory details:
Simone Margaritelli discovered that the cups-filters cups-browsed
component could be used to create arbitrary printers from outside
the local network. In combination with issues in other printing
components, a remote attacker could possibly use this issue to
connect to a system, created manipulated PPD files, and execute
arbitrary code when a printer is used. This update
disables support for the legacy CUPS printer discovery protocol.
(CVE-2024-47176)
USN-7041-3: CUPS vulnerability
Read Time:17 Second
USN-7041-1 fixed a vulnerability in CUPS. This update provides
the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
Simone Margaritelli discovered that CUPS incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.
USN-7056-1: Firefox vulnerabilities
Read Time:42 Second
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-9392,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, CVE-2024-9403)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://pdf.js” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin PDF content. (CVE-2024-9393)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://devtools” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin JSON content. (CVE-2024-9394)
webkit2gtk4.0-2.46.1-2.fc40
Read Time:6 Second
FEDORA-2024-9694c3eec0
Packages in this update:
webkit2gtk4.0-2.46.1-2.fc40
Update description:
Update to 2.46.1
webkit2gtk4.0-2.46.1-2.fc41
Read Time:6 Second
FEDORA-2024-92d80d7f9a
Packages in this update:
webkit2gtk4.0-2.46.1-2.fc41
Update description:
Update to 2.46.1
DSA-5785-1 mediawiki – security update
Read Time:9 Second
Dom Walden discovered that the AbuseFilter extension in MediaWiki, a
website engine for collaborative work, performed incomplete authorisation
checks.
DSA-5786-1 libgsf – security update
Read Time:14 Second
Integer overflows flaws were discovered in the Compound Document Binary
File format parser of libgsf, the GNOME Project G Structured File
Library, which could result in the execution of arbitrary code if a
specially crafted file is processed.