Posted by Moritz Abrell via Fulldisclosure on Aug 17
Advisory ID: SYSS-2024-016
Product: Ewon Cosy+
Manufacturer: HMS Industrial Networks AB
Affected Version(s): Firmware Versions: < 21.2s10 and < 22.1s3
Tested Version(s): Firmware Version: 21.2s7
Vulnerability Type: Improper Neutralization of Input During Web Page Generation (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification:…
Posted by Aki Tuomi via Fulldisclosure on Aug 17
Affected product: Dovecot IMAP Server
Internal reference: DOV-6601
Vulnerability type: CWE-770 (Allocation of Resources Without Limits or Throttling)
Vulnerable version: 2.2, 2.3
Vulnerable component: lib-mail
Report confidence: Confirmed
Solution status: Fixed in 2.3.21.1
Researcher credits: Vendor internal discovery
Vendor notification: 2024-01-31
CVE reference: CVE-2024-23185
CVSS: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)…
Posted by Aki Tuomi via Fulldisclosure on Aug 17
Affected product: Dovecot IMAP Server
Internal reference: DOV-6464
Vulnerability type: CWE-770 (Allocation of Resources Without Limits or Throttling)
Vulnerable version: 2.2, 2.3
Vulnerable component: lib-mail
Report confidence: Confirmed
Solution status: Fixed in 2.3.21.1
Researcher credits: Vendor internal discovery
Vendor notification: 2024-01-30
CVE reference: CVE-2024-23184
CVSS: 5.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N)…
Support for the “strict kex” SSH extension has been backported to
AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening
against the Terrapin attack.
https://security-tracker.debian.org/tracker/DSA-5750-1
FEDORA-EPEL-2024-fc8e1f0a44
Packages in this update:
python-webob-1.8.8-2.el8
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
FEDORA-EPEL-2024-4a0acd6ee7
Packages in this update:
python-webob-1.8.8-2.el9
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
FEDORA-2024-40ff0d8644
Packages in this update:
python-webob-1.8.8-2.fc39
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
FEDORA-2024-a6817a2e80
Packages in this update:
python-webob-1.8.8-2.fc40
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
FEDORA-2024-f10a0a02d6
Packages in this update:
age-1.2.0-1.fc41
Update description:
Automatic update for age-1.2.0-1.fc41.
Changelog
* Sat Aug 17 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info > – 1.2.0-1
– Update to 1.2.0 – Closes rhbz#2292862 rhbz#2255071
FEDORA-2024-8d2cf6bfc3
Packages in this update:
age-1.2.0-1.fc42
Update description:
Automatic update for age-1.2.0-1.fc42.
Changelog
* Sat Aug 17 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info > – 1.2.0-1
– Update to 1.2.0 – Closes rhbz#2292862 rhbz#2255071
Posts navigation
News, Advisories and much more