Posted by Apple Product Security via Fulldisclosure on Oct 07

APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1

iOS 18.0.1 and iPadOS 18.0.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121373.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Media Session
Available for: iPhone 16 (all models)
Impact: Audio messages in Messages may be able to…

Read More

FEDORA-2024-8a9a692906

Packages in this update:

valkey-8.0.1-1.fc40

Update description:

update to 8.0.1
fixes
(CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE.
(CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors.
(CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching.

Read More

FEDORA-2024-e717420659

Packages in this update:

valkey-8.0.1-1.fc41

Update description:

update to 8.0.1
fixes
(CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE.
(CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors.
(CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching.

Read More

FEDORA-EPEL-2024-845b92ee3f

Packages in this update:

valkey-8.0.1-1.el9

Update description:

update to 8.0.1
fixes
(CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE.
(CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors.
(CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching.

Read More

FEDORA-2024-83e96146cf

Packages in this update:

valkey-8.0.1-1.fc39

Update description:

update to 8.0.1
fixes
(CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE.
(CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors.
(CVE-2024-31228) Potential Denial-of-service due to unbounded pattern matching.

Read More

FEDORA-2024-aebaa73b1f

Packages in this update:

pdns-recursor-5.1.2-1.fc41

Update description:

Update to latest upstream

Read More

FEDORA-2024-af0bf62ac6

Packages in this update:

pdns-recursor-5.0.9-1.fc40

Update description:

Update to latest upstream

Read More

FEDORA-2024-08a6626c11

Packages in this update:

pdns-recursor-4.9.9-1.fc39

Update description:

Update to latest upstream

Read More

It was discovered that WEBrick incorrectly handled having both a Content-
Length header and a Transfer-Encoding header. A remote attacker could
possibly use this issue to perform a HTTP request smuggling attack.

Read More

USN-7043-1 fixed a vulnerability in cups-filters. This update provides
the corresponding update for Ubuntu 16.04 LTS

Original advisory details:

Simone Margaritelli discovered that the cups-filters cups-browsed
component could be used to create arbitrary printers from outside
the local network. In combination with issues in other printing
components, a remote attacker could possibly use this issue to
connect to a system, created manipulated PPD files, and execute
arbitrary code when a printer is used. This update
disables support for the legacy CUPS printer discovery protocol.
(CVE-2024-47176)

Read More