FEDORA-2024-a3c1b2629e
Packages in this update:
rapidjson-1.1.0-41.fc39
Update description:
Fix for CVE-2024-38517.
rapidjson-1.1.0-41.fc39
Fix for CVE-2024-38517.
python-django-4.2.14-2.fc39
Security fixes for
https://nvd.nist.gov/vuln/detail/CVE-2024-38875
https://nvd.nist.gov/vuln/detail/CVE-2024-39329
https://nvd.nist.gov/vuln/detail/CVE-2024-3930
https://nvd.nist.gov/vuln/detail/CVE-2024-39614
python-django-4.2.14-2.fc40
Security fixes for
https://nvd.nist.gov/vuln/detail/CVE-2024-38875
https://nvd.nist.gov/vuln/detail/CVE-2024-39329
https://nvd.nist.gov/vuln/detail/CVE-2024-3930
https://nvd.nist.gov/vuln/detail/CVE-2024-39614
rapidjson-1.1.0-41.fc41
Automatic update for rapidjson-1.1.0-41.fc41.
* Wed Jul 10 2024 Tom Hughes <tom@compton.nu> – 1.1.0-41
– Add patch for CVE-2024-38517 aka RHBZ#2296979
ruby-3.3.4-11.fc40
Upgrade to Ruby 3.3.4.
qt6-qtbase-6.6.2-2.fc39
Fix for CVE-2024-39936.
It was discovered that .NET did not properly handle object
deserialization. An attacker could possibly use this issue to cause
a denial of service. (CVE-2024-30105)
Radek Zikmund discovered that .NET did not properly manage memory. An
attacker could use this issue to cause a denial of service or possibly
execute arbitrary code. (CVE-2024-35264)
It was discovered that .NET did not properly parse X.509 Content and
ObjectIdentifiers. An attacker could possibly use this issue to cause
a denial of service. (CVE-2024-38095)
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-6601,
CVE-2024-6604, CVE-2024-6607, CVE-2024-6608, CVE-2024-6610, CVE-2024-6611,
CVE-2024-6612, CVE-2024-6613, CVE-2024-6614, CVE-2024-6615)
It was discovered that Firefox did not properly manage certain memory
operations in the NSS. An attacker could potentially exploit this issue to
cause a denial of service, or execute arbitrary code. (CVE-2024-6602,
CVE-2024-6609)
Irvan Kurniawan discovered that Firefox did not properly manage memory
during thread creation. An attacker could potentially exploit this
issue to cause a denial of service, or execute arbitrary code.
(CVE-2024-6603)
It was discovered that Firefox incorrectly handled array accesses in the
clipboard component, leading to an out-of-bounds read vulnerability. An
attacker could possibly use this issue to cause a denial of service or
expose sensitive information. (CVE-2024-6606)