Category Archives: Advisories

rust-below-0.9.0-1.el8

FEDORA-EPEL-2025-ae12e02519

Packages in this update:

rust-below-0.9.0-1.el8

Update description:

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

https://www.cve.org/CVERecord?id=CVE-2025-27591
https://github.com/facebookincubator/below/security/advisories/GHSA-9mc5-7qhg-fp3w

DSA-5894-1 jetty9 – security update

Jetty 9 is a Java-based web server and servlet engine. Several security
vulnerabilities have been discovered which may allow remote attackers to cause
a denial of service by repeatedly sending crafted requests which can trigger
OutOfMemory errors and exhaust the server’s memory.

CVE-2024-6762: In addition, PushSessionCacheFilter and PushCacheFilter have been
deprecated. These classes should no longer be used in a production environment.

https://security-tracker.debian.org/tracker/DSA-5894-1

DSA-5893-1 tomcat10 – security update

A security vulnerability was found in Tomcat 10, a Java-based web server and
servlet engine. A malicious user was able to view security sensitive files
and/or inject content into those files when writes were enabled for the default
servlet (disabled by default) and support for partial PUT was enabled
(default). Under certain circumstances, depending on the application in use,
remote code execution may have been possible.

https://security-tracker.debian.org/tracker/DSA-5893-1

USN-7402-3: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Block layer subsystem;
– GPU drivers;
– HID subsystem;
– Media drivers;
– JFS file system;
– Network namespace;
– Networking core;
– Netlink;
(CVE-2024-57798, CVE-2024-53140, CVE-2024-56595, CVE-2024-56598,
CVE-2024-50302, CVE-2024-56658, CVE-2024-56672, CVE-2024-53063)

webkitgtk-2.48.1-2.fc40

FEDORA-2025-256a86d7c8

Packages in this update:

webkitgtk-2.48.1-2.fc40

Update description:

Limit the data stored in session state.
Remove the empty area below the title bar in Web Inspector when not docked.
Fix various crashes and rendering issues.

webkitgtk-2.48.1-2.fc41

FEDORA-2025-059585d039

Packages in this update:

webkitgtk-2.48.1-2.fc41

Update description:

Limit the data stored in session state.
Remove the empty area below the title bar in Web Inspector when not docked.
Fix various crashes and rendering issues.

webkitgtk-2.48.1-2.fc42

FEDORA-2025-5427adc3f4

Packages in this update:

webkitgtk-2.48.1-2.fc42

Update description:

Limit the data stored in session state.
Remove the empty area below the title bar in Web Inspector when not docked.
Fix various crashes and rendering issues.
