Fabian Vogt discovered that the KDE session management server
insufficiently restricted ICE connections from localhost, which could
allow a local attacker to execute arbitrary code as another user on
next boot.
Category Archives: Advisories
python-waitress-1.4.3-2.el7
FEDORA-EPEL-2024-1682369c61
Packages in this update:
python-waitress-1.4.3-2.el7
Update description:
Backport upstream fix for CVE-2022-24761.
USN-6566-2: SQLite vulnerability
USN-6566-1 fixed several vulnerabilities in SQLite. This update provides
the corresponding fix for CVE-2023-7104 for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that SQLite incorrectly handled certain memory operations
in the sessions extension. A remote attacker could possibly use this issue
to cause SQLite to crash, resulting in a denial of service.
rust-blowfish-0.9.1-2.el9 rust-dsa-0.6.3-1.el9 rust-num-bigint-dig-0.8.4-1.el9 rust-rand_isaac-0.3.0-6.el9 rust-rsa-0.9.6-2.el9 rust-sequoia-gpg-agent-0.4.2-1.el9 rust-sequoia-keystore-0.5.1-1.el9 rust-sequoia-openpgp-1.21.1-1.el9 rust-sequoia-sq-0.37.0-3.el9
FEDORA-EPEL-2024-5292ca934e
Packages in this update:
rust-blowfish-0.9.1-2.el9
rust-dsa-0.6.3-1.el9
rust-num-bigint-dig-0.8.4-1.el9
rust-rand_isaac-0.3.0-6.el9
rust-rsa-0.9.6-2.el9
rust-sequoia-gpg-agent-0.4.2-1.el9
rust-sequoia-keystore-0.5.1-1.el9
rust-sequoia-openpgp-1.21.1-1.el9
rust-sequoia-sq-0.37.0-3.el9
Update description:
Update the sequoia-openpgp crate to version 1.21.1. Addresses RUSTSEC-2024-0345.
Update the sequoia-keystore crate to version 0.5.1.
Update the sequoia-gpg-agent crate to version 0.4.2.
This update also includes rebuilds of all affected applications that are affected by RUSTSEC-2024-0345 and a regression in sequoia-openpgp 1.21.0.
rust-sequoia-chameleon-gnupg-0.10.0-3.fc39 rust-sequoia-gpg-agent-0.4.2-1.fc39 rust-sequoia-keystore-0.5.1-1.fc39 rust-sequoia-openpgp-1.21.1-1.fc39 rust-sequoia-sq-0.37.0-3.fc39
FEDORA-2024-029752e60b
Packages in this update:
rust-sequoia-chameleon-gnupg-0.10.0-3.fc39
rust-sequoia-gpg-agent-0.4.2-1.fc39
rust-sequoia-keystore-0.5.1-1.fc39
rust-sequoia-openpgp-1.21.1-1.fc39
rust-sequoia-sq-0.37.0-3.fc39
Update description:
Update the sequoia-openpgp crate to version 1.21.1. Addresses RUSTSEC-2024-0345.
Update the sequoia-keystore crate to version 0.5.1.
Update the sequoia-gpg-agent crate to version 0.4.2.
This update also includes rebuilds of all affected applications that are affected by RUSTSEC-2024-0345 and a regression in sequoia-openpgp 1.21.0.
rust-sequoia-chameleon-gnupg-0.10.0-3.fc40 rust-sequoia-gpg-agent-0.4.2-1.fc40 rust-sequoia-keystore-0.5.1-1.fc40 rust-sequoia-openpgp-1.21.1-1.fc40 rust-sequoia-sq-0.37.0-3.fc40
FEDORA-2024-12f0caa904
Packages in this update:
rust-sequoia-chameleon-gnupg-0.10.0-3.fc40
rust-sequoia-gpg-agent-0.4.2-1.fc40
rust-sequoia-keystore-0.5.1-1.fc40
rust-sequoia-openpgp-1.21.1-1.fc40
rust-sequoia-sq-0.37.0-3.fc40
Update description:
Update the sequoia-openpgp crate to version 1.21.1. Addresses RUSTSEC-2024-0345.
Update the sequoia-keystore crate to version 0.5.1.
Update the sequoia-gpg-agent crate to version 0.4.2.
This update also includes rebuilds of all affected applications that are affected by RUSTSEC-2024-0345 and a regression in sequoia-openpgp 1.21.0.
python-astropy-5.3.3-1.fc40
FEDORA-2024-d329148f1e
Packages in this update:
python-astropy-5.3.3-1.fc40
Update description:
Security fix for CVE-2023-41334
python-astropy-5.3.3-1.fc39
FEDORA-2024-d8ac19de55
Packages in this update:
python-astropy-5.3.3-1.fc39
Update description:
Security fix for CVE-2023-41334
python-urllib3-1.26.19-1.fc39
FEDORA-2024-e0b0ad79b2
Packages in this update:
python-urllib3-1.26.19-1.fc39
Update description:
Update to 1.26.19 to fix CVE-2024-37891 (rhbz#2292790)
python-urllib3-1.26.19-1.fc40
FEDORA-2024-af07c0bb8c
Packages in this update:
python-urllib3-1.26.19-1.fc40
Update description:
Update to 1.26.19 to fix CVE-2024-37891 (rhbz#2292790)