bpftool-7.5.0-1.fc40
kernel-6.12.4-100.fc40
kernel-headers-6.12.4-100.fc40
The 6.12.4 stable kernel rebase contains new features, additional hardware support and a number of important fixes across the tree.
It was discovered that Tornado incorrectly handled a certain redirect.
A remote attacker could possibly use this issue to redirect a user to an
arbitrary web site and conduct a phishing attack by having the user access
a specially crafted URL. This update provides the corresponding fix for
Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. (CVE-2023-28370)
It was discovered that Tornado inefficiently handled requests when parsing
cookies. An attacker could possibly use this issue to increase resource
utilization leading to a denial of service. (CVE-2024-52804)
linux-firmware-20241210-1.fc41
Update to upstream 20241210
Update firmware file for Intel BlazarU core
amdgpu: numerous firmware updates
upstream amdnpu firmware
QCA: Add Bluetooth nvm files for WCN785x
i915: Update Xe2LPD DMC to v2.24
cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
iwlwifi: add Bz-gf FW for core89-91 release
QCA: Update Bluetooth WCN785x firmware to 2.0.0-00515-2
ice: update ice DDP wireless_edge package to 1.3.20.0
ice: update ice DDP comms package to 1.3.52.0
ice: update ice DDP package to ice-1.3.41.0
amdgpu: update DMCUB to v9.0.10.0 for DCN314/DCN351
Update AMD cpu microcode
xe: Update GUC to v70.36.0 for BMG, LNL
i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL
iwlwifi: add Bz-gf FW for core91-69 release
qcom: venus-5.4: add venus firmware file for qcs615
qcom: update venus firmware file for SC7280
QCA: Add 22 bluetooth firmware nvm files for QCA2066
mediatek MT7921/MT7922: update bluetooth firmware
update for MT7921/MT7922 WiFi device
qcom: Add QDU100 firmware image files.
qcom: Update aic100 firmware files
linux-firmware-20241210-1.fc40
Update to upstream 20241210
Update firmware file for Intel BlazarU core
amdgpu: numerous firmware updates
upstream amdnpu firmware
QCA: Add Bluetooth nvm files for WCN785x
i915: Update Xe2LPD DMC to v2.24
cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
iwlwifi: add Bz-gf FW for core89-91 release
QCA: Update Bluetooth WCN785x firmware to 2.0.0-00515-2
ice: update ice DDP wireless_edge package to 1.3.20.0
ice: update ice DDP comms package to 1.3.52.0
ice: update ice DDP package to ice-1.3.41.0
amdgpu: update DMCUB to v9.0.10.0 for DCN314/DCN351
Update AMD cpu microcode
xe: Update GUC to v70.36.0 for BMG, LNL
i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL
iwlwifi: add Bz-gf FW for core91-69 release
qcom: venus-5.4: add venus firmware file for qcs615
qcom: update venus firmware file for SC7280
QCA: Add 22 bluetooth firmware nvm files for QCA2066
mediatek MT7921/MT7922: update bluetooth firmware
update for MT7921/MT7922 WiFi device
qcom: Add QDU100 firmware image files.
qcom: Update aic100 firmware files
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-11949.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-11948.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-11947.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Veritas Enterprise Vault. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2024-53909.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Veritas Enterprise Vault. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2024-53910.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Veritas Enterprise Vault. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2024-53911.
