USN-7057-1 fixed a vulnerability in WEBrick. This update provides the
corresponding updates for Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that WEBrick incorrectly handled having both a Content-
Length header and a Transfer-Encoding header. A remote attacker could
possibly use this issue to perform a HTTP request smuggling attack.
koji-1.35.1-1.el8
Update to 1.35.1. Includes fix for CVE-2024-9427
koji-1.35.1-1.el9
Update to 1.35.1. Includes fix for CVE-2024-9427
koji-1.35.1-1.fc40
Update to 1.35.1. Includes fix for CVE-2024-9427
koji-1.35.1-1.fc41
Update to 1.35.1. Includes fix for CVE-2024-9427
koji-1.35.1-1.fc39
Update to 1.35.1. Includes fix for CVE-2024-9427
koji-1.35.1-1.fc42
Automatic update for koji-1.35.1-1.fc42.
* Tue Oct 8 2024 Kevin Fenzi <kevin@scrye.com> – 1.35.1-1
– Update to 1.35.1. Fixes rhbz#2316304
– Fixes CVE-2024-9427
thunderbird-128.3.0-1.fc41
Update to 128.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/
https://www.thunderbird.net/en-US/thunderbird/128.3.0esr/releasenotes/
thunderbird-128.3.0-1.fc40
Update to 128.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-49/
https://www.thunderbird.net/en-US/thunderbird/128.3.0esr/releasenotes/
USN-7014-1 fixed a vulnerability in nginx. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that the nginx ngx_http_mp4 module incorrectly handled
certain malformed mp4 files. In environments where the mp4 directive is in
use, a remote attacker could possibly use this issue to cause nginx to
crash, resulting in a denial of service.
