Category Archives: Advisories

chromium-132.0.6834.83-1.fc40

January 16, 2025

Read Time:40 Second

FEDORA-2025-4c65803ea6

Packages in this update:

chromium-132.0.6834.83-1.fc40

Update description:

Update to 132.0.6834.83

* High CVE-2025-0434: Out of bounds memory access in V8
* High CVE-2025-0435: Inappropriate implementation in Navigation
* High CVE-2025-0436: Integer overflow in Skia
* High CVE-2025-0437: Out of bounds read in Metrics
* High CVE-2025-0438: Stack buffer overflow in Tracing
* Medium CVE-2025-0439: Race in Frames
* Medium CVE-2025-0440: Inappropriate implementation in Fullscreen
* Medium CVE-2025-0441: Inappropriate implementation in Fenced
* Medium CVE-2025-0442: Inappropriate implementation in Payments
* Medium CVE-2025-0443: Insufficient data validation in Extensions
* Low CVE-2025-0446: Inappropriate implementation in Extensions
* Low CVE-2025-0447: Inappropriate implementation in Navigation
* Low CVE-2025-0448: Inappropriate implementation in Compositing

chromium-132.0.6834.83-1.fc41

January 16, 2025

Read Time:40 Second

FEDORA-2025-d9219c6a43

Packages in this update:

chromium-132.0.6834.83-1.fc41

Update description:

Update to 132.0.6834.83

* High CVE-2025-0434: Out of bounds memory access in V8
* High CVE-2025-0435: Inappropriate implementation in Navigation
* High CVE-2025-0436: Integer overflow in Skia
* High CVE-2025-0437: Out of bounds read in Metrics
* High CVE-2025-0438: Stack buffer overflow in Tracing
* Medium CVE-2025-0439: Race in Frames
* Medium CVE-2025-0440: Inappropriate implementation in Fullscreen
* Medium CVE-2025-0441: Inappropriate implementation in Fenced
* Medium CVE-2025-0442: Inappropriate implementation in Payments
* Medium CVE-2025-0443: Insufficient data validation in Extensions
* Low CVE-2025-0446: Inappropriate implementation in Extensions
* Low CVE-2025-0447: Inappropriate implementation in Navigation
* Low CVE-2025-0448: Inappropriate implementation in Compositing

chromium-132.0.6834.83-1.el9

January 16, 2025

Read Time:40 Second

FEDORA-EPEL-2025-a5fa82b9fd

Packages in this update:

chromium-132.0.6834.83-1.el9

Update description:

Update to 132.0.6834.83

* High CVE-2025-0434: Out of bounds memory access in V8
* High CVE-2025-0435: Inappropriate implementation in Navigation
* High CVE-2025-0436: Integer overflow in Skia
* High CVE-2025-0437: Out of bounds read in Metrics
* High CVE-2025-0438: Stack buffer overflow in Tracing
* Medium CVE-2025-0439: Race in Frames
* Medium CVE-2025-0440: Inappropriate implementation in Fullscreen
* Medium CVE-2025-0441: Inappropriate implementation in Fenced
* Medium CVE-2025-0442: Inappropriate implementation in Payments
* Medium CVE-2025-0443: Insufficient data validation in Extensions
* Low CVE-2025-0446: Inappropriate implementation in Extensions
* Low CVE-2025-0447: Inappropriate implementation in Navigation
* Low CVE-2025-0448: Inappropriate implementation in Compositing

chromium-132.0.6834.83-1.el10_0

January 16, 2025

Read Time:40 Second

FEDORA-EPEL-2025-1b6b7178a7

Packages in this update:

chromium-132.0.6834.83-1.el10_0

Update description:

Update to 132.0.6834.83

* High CVE-2025-0434: Out of bounds memory access in V8
* High CVE-2025-0435: Inappropriate implementation in Navigation
* High CVE-2025-0436: Integer overflow in Skia
* High CVE-2025-0437: Out of bounds read in Metrics
* High CVE-2025-0438: Stack buffer overflow in Tracing
* Medium CVE-2025-0439: Race in Frames
* Medium CVE-2025-0440: Inappropriate implementation in Fullscreen
* Medium CVE-2025-0441: Inappropriate implementation in Fenced
* Medium CVE-2025-0442: Inappropriate implementation in Payments
* Medium CVE-2025-0443: Insufficient data validation in Extensions
* Low CVE-2025-0446: Inappropriate implementation in Extensions
* Low CVE-2025-0447: Inappropriate implementation in Navigation
* Low CVE-2025-0448: Inappropriate implementation in Compositing

CVE-2024-48463

January 16, 2025

Read Time:14 Second

Posted by Rodolfo Tavares via Fulldisclosure on Jan 15

=====[ Tempest Security Intelligence – ADV-10/2024
]==========================

Bruno IDE Desktop prior to 1.29.0

Author: Rodolfo Tavares

Tempest Security Intelligence – Recife, Pernambuco – Brazil

=====[ Table of Contents ]==================================================

Overview
Detailed Description
Timeline of Disclosure
Thanks & Acknowledgements
References

=====[ Vulnerability Information…

CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3

January 16, 2025

Read Time:16 Second

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Jan 15

CyberDanube Security Research 20250107-0
——————————————————————————-
title| Multiple Vulnerabilities in ABB AC500v3
product| ABB AC500v3
vulnerable version| <=3.7.0.569
fixed version| 3.8.0
CVE number| CVE-2024-12429, CVE-2024-12430
impact| High
homepage| https://global.abb
found| 2024-09-03…

Certified Asterisk Security Release certified-20.7-cert4

January 16, 2025

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Jan 15

The Asterisk Development Team would like to announce security release
Certified Asterisk 20.7-cert4.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert4
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-20.7-cert4

## Change Log for Release asterisk-certified-20.7-cert4

###…

Certified Asterisk Security Release certified-18.9-cert13

January 16, 2025

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Jan 15

The Asterisk Development Team would like to announce security release
Certified Asterisk 18.9-cert13.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert13
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert13

## Change Log for Release asterisk-certified-18.9-cert13

###…

Asterisk Security Release 22.1.1

January 16, 2025

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Jan 15

The Asterisk Development Team would like to announce security release
Asterisk 22.1.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/22.1.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 22.1.1

## Change Log for Release asterisk-22.1.1

### Links:

– [Full ChangeLog](…

Asterisk Security Release 18.26.1

January 16, 2025

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Jan 15

The Asterisk Development Team would like to announce security release
Asterisk 18.26.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.26.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 18.26.1

## Change Log for Release asterisk-18.26.1

### Links:

– [Full ChangeLog](…

News, Advisories and much more

Exit mobile version