FEDORA-2024-25f8e34407
Packages in this update:
darkhttpd-1.16-1.fc40
Update description:
Update to 1.16 fixes rhbz#2259096
darkhttpd-1.16-1.fc40
Update to 1.16 fixes rhbz#2259096
openvpn-2.5.11-1.el9
Update to upstream OpenVPN 2.5.11
Fixes CVE-2024-5594
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code.
chromium-126.0.6478.182-1.el9
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.el8
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc40
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc39
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
It was discovered that stunnel did not properly validate client
certificates when configured to use both the redirect and verifyChain
options. A remote attacker could potentially use this issue to obtain
sensitive information by accessing the tunneled service.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6812.