Category Archives: Advisories

libxmp-4.6.1-2.fc40

FEDORA-2025-c58133e520

Packages in this update:

libxmp-4.6.1-2.fc40

Update description:

Latest upstream release. Changelog:

Fixes:

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()

xmlrpc-c-1.60.04-2.fc42

FEDORA-2025-a835dd04a0

Packages in this update:

xmlrpc-c-1.60.04-2.fc42

Update description:

Automatic update for xmlrpc-c-1.60.04-2.fc42.

Changelog

* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> - 1.60.4-2
- Use global macro to override make smp_flags
* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> - 1.60.4-1
- update to 1.60.4 rhbz#2334236
- re-enable builds against libxml2, no more bundled libexpat
- fixes rhbz#2310136
- fixes rhbz#2310146
- fixes rhbz#2310152
* Wed Sep 4 2024 Miroslav Suchý <msuchy@redhat.com> - 1.59.03-3
- convert license to SPDX

Automatic update for xmlrpc-c-1.60.04-1.fc42.

xmlrpc-c-1.60.04-1.fc42

FEDORA-2025-482675dee5

Packages in this update:

xmlrpc-c-1.60.04-1.fc42

Update description:

Automatic update for xmlrpc-c-1.60.04-1.fc42.

Changelog

* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> - 1.60.4-1
- update to 1.60.4 rhbz#2334236
- re-enable builds against libxml2, no more bundled libexpat
- fixes rhbz#2310136
- fixes rhbz#2310146
- fixes rhbz#2310152
* Wed Sep 4 2024 Miroslav Suchý <msuchy@redhat.com> - 1.59.03-3
- convert license to SPDX

Multiple vulnerabilities in CTFd versions <= 3.7.4

Posted by Blazej Adamczyk on Dec 30

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Multiple vulnerabilities in CTFd versions <= 3.7.4
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

1 General information
═════════════════════…

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass

Posted by hyp3rlinx on Dec 30

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_HTTP_Security_Token_Bypass-CVE-2024-51464.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.ibm.com

[Product]
Navigator for i is a Web console interface where you can perform the
key tasks to administer your IBM i.
IBM Navigator for i supports the vast majority of tasks that were…

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

Posted by hyp3rlinx on Dec 30

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.ibm.com

[Product]
Navigator for i is a Web console interface where you can perform the
key tasks to administer your IBM i.
IBM Navigator for i supports the vast majority of tasks that…

PAN-OS Firewall Denial of Service (DoS) Vulnerability

What is the Vulnerability?

Attackers are exploiting a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS. This vulnerability allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that causes the firewall to crash and reboot, potentially leading to Denial of Service (DoS).

CISA also added CVE-2024-3393 to its Known Exploited Vulnerability (KEV) Catalog on December 12, 2024.

What is the recommended Mitigation?

Palo Alto Networks has released a patch for CVE-2024-3393 and noted in its advisory that it is “aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue”. For detailed guidance, visit https://security.paloaltonetworks.com/CVE-2024-3393

What FortiGuard Coverage is available?

FortiGuard Labs recommends that users apply the fix provided by the vendor and follow the instructions in the vendor’s advisory. The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
