It was discovered that Glib incorrectly handled certain trailing
characters. An attacker could possibly use this issue to cause
a crash or other undefined behavior.

Read More

It was discovered that curl could overwrite the HSTS expiry of the parent
domain with the subdomain’s HSTS entry. This could lead to curl switching
back to insecure HTTP earlier than otherwise intended, resulting in
information exposure.

Read More

Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.

Read More

FEDORA-2024-d7e2d109e2

Packages in this update:

mingw-python3-3.11.10-2.fc40

Update description:

Backport fix for CVE-2024-9287

Update to python-3.11.0.

Read More

FEDORA-2024-e6b1e638d1

Packages in this update:

mingw-python3-3.11.10-2.fc41

Update description:

Backport fix for CVE-2024-9287

Update to python-3.11.0.

Read More

FEDORA-2024-8c3476dd24

Packages in this update:

mingw-libsoup-2.74.3-8.fc40

Update description:

Backport fixes for CVE-2024-52530 and CVE-2024-52532.

Read More

FEDORA-2024-af077c1f85

Packages in this update:

mingw-libsoup-2.74.3-8.fc41

Update description:

Backport fixes for CVE-2024-52530 and CVE-2024-52532.

Read More

FEDORA-2024-67869f1cb3

Packages in this update:

mingw-glib2-2.82.2-1.fc41

Update description:

Update to 2.82.2, fixes CVE-2024-52533.

Read More

FEDORA-2024-1e29ad7d25

Packages in this update:

mingw-glib2-2.82.2-1.fc40

Update description:

Update to 2.82.2, fixes CVE-2024-52533.

Read More

This vulnerability allows remote attackers to bypass authentication on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-7763.

Read More