Category Archives: Advisories

Advisories

krb5-1.21.2-6.fc41

July 8, 2024

Read Time:22 Second

FEDORA-2024-36514cd080

Packages in this update:

krb5-1.21.2-6.fc41

Update description:

Automatic update for krb5-1.21.2-6.fc41.

Changelog

* Mon Jul 8 2024 Julien Rische <jrische@redhat.com> – 1.21.2-6
– CVE-2024-37370 CVE-2024-37371: GSS message token handling
Resolves: rhbz#2294678 rhbz#2294680
– Fix double free in klist’s show_ccache()
Resolves: rhbz#2257301
– Do not include files with “~” termination in krb5-tests

Advisories

USN-6884-1: Nova vulnerability

July 8, 2024

Read Time:9 Second

Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.

Advisories

USN-6883-1: OpenStack Glance vulnerability

July 8, 2024

Read Time:9 Second

Martin Kaesberger discovered that Glance incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.

Advisories

USN-6882-1: Cinder vulnerability

July 8, 2024

Read Time:9 Second

Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.

Advisories

USN-6881-1: Exim vulnerability

July 8, 2024

Read Time:9 Second

It was discovered that Exim did not enforce STARTTLS sync point on client
side. An attacker could possibly use this issue to perform response
injection during MTA SMTP sending.

Advisories