Category Archives: Advisories
libopenmpt-0.7.8-1.fc40
FEDORA-2024-ac4860090c
Packages in this update:
libopenmpt-0.7.8-1.fc40
Update description:
Update from 0.7.6 to 0.7.8 for more bug-fixes.
https://lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/
https://lib.openmpt.org/libopenmpt/2024/05/12/releases-0.7.7-0.6.16-0.5.30-0.4.42/
libopenmpt-0.7.8-1.fc39
FEDORA-2024-018a95fb38
Packages in this update:
libopenmpt-0.7.8-1.fc39
Update description:
Update from 0.7.6 to 0.7.8 for more bug-fixes.
https://lib.openmpt.org/libopenmpt/2024/06/09/security-update-0.7.8-releases-0.6.17-0.5.31-0.4.43/
https://lib.openmpt.org/libopenmpt/2024/05/12/releases-0.7.7-0.6.16-0.5.30-0.4.42/
openvpn-2.6.11-1.fc40
FEDORA-2024-b611e122fb
Packages in this update:
openvpn-2.6.11-1.fc40
Update description:
Update to upstream OpenVPN 2.6.11
CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them
CVE-2024-28882: only call schedule_exit() once (on a given peer)
mingw-poppler-24.02.0-2.fc40
FEDORA-2024-94068499c9
Packages in this update:
mingw-poppler-24.02.0-2.fc40
Update description:
Backport fix for CVE-2024-6239.
mingw-python-urllib3-1.26.19-1.fc39
FEDORA-2024-73f181db2a
Packages in this update:
mingw-python-urllib3-1.26.19-1.fc39
Update description:
Update to 1.26.19, fixes CVE-2024-0444.
mingw-python-urllib3-1.26.19-1.fc40
FEDORA-2024-da86a4f061
Packages in this update:
mingw-python-urllib3-1.26.19-1.fc40
Update description:
Update to 1.26.19, fixes CVE-2024-0444.
Microsoft leak of PlayReady developer / Warbird libs
Posted by Security Explorations on Jun 21
Hello All,
On Jun 11, 2024, a Microsoft engineer posted on a public forum
information about a crash experienced with Apple TV service on a
Surface Pro 9 device [1].
The post had an attachment – a 771MB file (4GB unpacked), which leaked
internal code (260+ files [2]) pertaining to Microsoft PlayReady such
as the following:
– Warbird configuration for building PlayReady library
– Warbird library implementing code obfuscation functionality
– static…
ZDI-24-840: (Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-6249.
ZDI-24-839: (Pwn2Own) Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-6248.