Category Archives: Advisories

Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution

Read Time:28 Second

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

389-ds-base-2.4.6-1.fc39

Read Time:19 Second

FEDORA-2024-c8290315df

Packages in this update:

389-ds-base-2.4.6-1.fc39

Update description:

Changelog

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 2.4.6-1
– Update to 2.4.6
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)

Read More

USN-6928-1: Python vulnerabilities

Read Time:24 Second

It was discovered that the Python ssl module contained a memory race
condition when handling the APIs to obtain the CA certificates and
certificate store statistics. This could possibly result in applications
obtaining wrong results, leading to various SSL issues. (CVE-2024-0397)

It was discovered that the Python ipaddress module contained incorrect
information about which IP address ranges were considered “private” or
“globally reachable”. This could possibly result in applications applying
incorrect security policies. (CVE-2024-4032)

Read More

golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41

Read Time:25 Second

FEDORA-2024-8c116e555a

Packages in this update:

golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41

Update description:

Automatic update for golang-github-dvsekhvalnov-jose2go-1.7.0-1.fc41.

Changelog

* Tue Jul 30 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> – 1.7.0-1
– Update to 1.7.0 – Closes rhbz#1922010 rhbz#2255966 rhbz#2300742
* Thu Jul 18 2024 Fedora Release Engineering <releng@fedoraproject.org> – 1.3-18
– Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

Read More

USN-6924-2: Linux kernel vulnerabilities

Read Time:18 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM SCMI message protocol;
– InfiniBand drivers;
– TTY drivers;
– TLS protocol;
(CVE-2022-48655, CVE-2024-36016, CVE-2024-26584, CVE-2021-47131,
CVE-2024-26907, CVE-2024-26585, CVE-2024-26583)

Read More

389-ds-base-3.0.4-2.fc40

Read Time:25 Second

FEDORA-2024-ac07913be8

Packages in this update:

389-ds-base-3.0.4-2.fc40

Update description:

Changelog

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-2
– Replace lmdb with lmdb-libs in Requires

* Tue Jul 30 2024 Viktor Ashirov <vashirov@redhat.com> – 3.0.4-1
– Update to 3.0.4
– Resolves: CVE-2024-1062 (rhbz#2261884)
– Resolves: CVE-2024-2199 (rhbz#2283632)
– Resolves: CVE-2024-3657 (rhbz#2283631)
– Resolves: CVE-2024-5953 (rhbz#2292109)

Read More