Category Archives: Advisories

python3.11-3.11.9-5.fc41

Read Time:18 Second

FEDORA-2024-d3d904cb56

Packages in this update:

python3.11-3.11.9-5.fc41

Update description:

Automatic update for python3.11-3.11.9-5.fc41.

Changelog

* Thu Aug 15 2024 Charalampos Stratakis <cstratak@redhat.com> – 3.11.9-5
– Security fix for CVE-2024-4032 (rhbz#2293391)
– Security fix for CVE-2024-6923 (rhbz#2303158)

Read More

python3.11-3.11.9-5.fc42

Read Time:18 Second

FEDORA-2024-f247f05e2e

Packages in this update:

python3.11-3.11.9-5.fc42

Update description:

Automatic update for python3.11-3.11.9-5.fc42.

Changelog

* Thu Aug 15 2024 Charalampos Stratakis <cstratak@redhat.com> – 3.11.9-5
– Security fix for CVE-2024-4032 (rhbz#2293391)
– Security fix for CVE-2024-6923 (rhbz#2303158)

Read More

webkitgtk-2.44.3-2.fc40

Read Time:21 Second

FEDORA-2024-6b8845e3f0

Packages in this update:

webkitgtk-2.44.3-2.fc40

Update description:

Fix web process cache suspend/resume when sandbox is enabled.
Fix accelerated images disappearing after scrolling.
Fix video flickering with DMA-BUF sink.
Fix pointer lock on X11.
Fix movement delta on mouse events in GTK3.
Undeprecate console message API and make it available in 2022 API.
Fix several crashes and rendering issues.

Read More

xen-4.17.4-3.fc39

Read Time:12 Second

FEDORA-2024-ed546e3543

Packages in this update:

xen-4.17.4-3.fc39

Update description:

error handling in x86 IOMMU identity mapping [XSA-460, CVE-2024-31145]
PCI device pass-through with shared resources [XSA-461, CVE-2024-31146]

Read More

xen-4.18.2-5.fc40

Read Time:12 Second

FEDORA-2024-91ddad6c8b

Packages in this update:

xen-4.18.2-5.fc40

Update description:

error handling in x86 IOMMU identity mapping [XSA-460, CVE-2024-31145]
PCI device pass-through with shared resources [XSA-461, CVE-2024-31146]

Read More

USN-6909-3: Bind vulnerabilities

Read Time:30 Second

USN-6909-1 fixed vulnerabilities in Bind. This update provides
the corresponding updates for Ubuntu 16.04 LTS.

Original advisory details:

Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very
large number of RRs existing at the same time. A remote attacker could
possibly use this issue to cause Bind to consume resources, leading to a
denial of service. (CVE-2024-1737)

It was discovered that Bind incorrectly handled a large number of SIG(0)
signed requests. A remote attacker could possibly use this issue to cause
Bind to consume resources, leading to a denial of service. (CVE-2024-1975)

Read More