USN-7041-1 fixed a vulnerability in CUPS. This update provides
the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
Simone Margaritelli discovered that CUPS incorrectly sanitized IPP
data when creating PPD files. A remote attacker could possibly use this
issue to manipulate PPD files and execute arbitrary code when a printer is
used.
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-9392,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, CVE-2024-9403)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://pdf.js” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin PDF content. (CVE-2024-9393)
Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://devtools” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin JSON content. (CVE-2024-9394)
webkit2gtk4.0-2.46.1-2.fc40
Update to 2.46.1
webkit2gtk4.0-2.46.1-2.fc41
Update to 2.46.1
Dom Walden discovered that the AbuseFilter extension in MediaWiki, a
website engine for collaborative work, performed incomplete authorisation
checks.
Integer overflows flaws were discovered in the Compound Document Binary
File format parser of libgsf, the GNOME Project G Structured File
Library, which could result in the execution of arbitrary code if a
specially crafted file is processed.
firefox-131.0-2.fc39
New upstream version (131.0)
chromium-129.0.6668.89-1.fc39
update to 129.0.6668.89
High CVE-2024-7025: Integer overflow in Layout
High CVE-2024-9369: Insufficient data validation in Mojo
High CVE-2024-9370: Inappropriate implementation in V8
chromium-129.0.6668.89-1.fc40
update to 129.0.6668.89
High CVE-2024-7025: Integer overflow in Layout
High CVE-2024-9369: Insufficient data validation in Mojo
High CVE-2024-9370: Inappropriate implementation in V8
Posted by Security Explorations on Oct 04
Hello All,
Those interested in SIM / USIM card security might find some
information at our spin-off project page dedicated to the topic
potentially useful:
https://security-explorations.com/sim-usim-cards.html
We share there some information based on the experiences gained in the
SIM / USIM card security space, all in a hope this leads to the
increase of public awareness on the topic, change perspective on the
SIM / USIM card industry and…
