FEDORA-FLATPAK-2023-39d93f840d
Packages in this update:
thunderbird-stable-3720230217131322.1
Update description:
Thunderbird 102.8.0 release. For details, see https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
thunderbird-stable-3720230217131322.1
Thunderbird 102.8.0 release. For details, see https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.
thunderbird-102.8.0-1.fc37
Update to 102.8.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ ;
https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
thunderbird-102.8.0-1.fc36
Update to 102.8.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ ;
https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
Update to 102.7.2 ;
https://www.thunderbird.net/en-US/thunderbird/102.7.2/releasenotes/
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.
A vulnerability has been discovered in Clam AntiVirus, which could allow for remote code execution. Clam AntiVirus is an open-source, cross-platform antimalware toolkit able to detect many types of malware. Successful exploitation of this vulnerability could allow an attacker to execute remote code as the Clam AntiVirus platform. Depending on the privileges associated with the application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Applications that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
curl-7.82.0-13.fc36
fix HTTP multi-header compression denial of service (CVE-2023-23916)
curl-7.85.0-6.fc37
fix HTTP multi-header compression denial of service (CVE-2023-23916)
share HSTS between handles (CVE-2023-23915 CVE-2023-23914)
podman-4.4.1-3.fc36
Security fix for CVE-2023-0778
remove quadlet package specification completely
bump to v4.4.0
podman-4.4.1-3.fc37
Security fix for CVE-2023-0778