Category Archives: Advisories

rust-pyo3-0.22.4-1.el10_0 rust-pyo3-build-config-0.22.4-1.el10_0 rust-pyo3-ffi-0.22.4-1.el10_0 rust-pyo3-macros-0.22.4-1.el10_0 rust-pyo3-macros-backend-0.22.4-1.el10_0

Read Time:22 Second

FEDORA-EPEL-2024-4c4f6a6ab8

Packages in this update:

rust-pyo3-0.22.4-1.el10_0
rust-pyo3-build-config-0.22.4-1.el10_0
rust-pyo3-ffi-0.22.4-1.el10_0
rust-pyo3-macros-0.22.4-1.el10_0
rust-pyo3-macros-backend-0.22.4-1.el10_0

Update description:

Update pyo3 to version 0.22.4.

This version addresses a potential use-after-free RUSTSEC-2024-0378.

Read More

rust-pyo3-0.22.4-1.fc39 rust-pyo3-build-config-0.22.4-1.fc39 rust-pyo3-ffi-0.22.4-1.fc39 rust-pyo3-macros-0.22.4-1.fc39 rust-pyo3-macros-backend-0.22.4-1.fc39

Read Time:21 Second

FEDORA-2024-44f01d9c69

Packages in this update:

rust-pyo3-0.22.4-1.fc39
rust-pyo3-build-config-0.22.4-1.fc39
rust-pyo3-ffi-0.22.4-1.fc39
rust-pyo3-macros-0.22.4-1.fc39
rust-pyo3-macros-backend-0.22.4-1.fc39

Update description:

Update pyo3 to version 0.22.4.

This version addresses a potential use-after-free RUSTSEC-2024-0378.

Read More

rust-pyo3-0.22.4-1.fc40 rust-pyo3-build-config-0.22.4-1.fc40 rust-pyo3-ffi-0.22.4-1.fc40 rust-pyo3-macros-0.22.4-1.fc40 rust-pyo3-macros-backend-0.22.4-1.fc40

Read Time:21 Second

FEDORA-2024-23292e9f6d

Packages in this update:

rust-pyo3-0.22.4-1.fc40
rust-pyo3-build-config-0.22.4-1.fc40
rust-pyo3-ffi-0.22.4-1.fc40
rust-pyo3-macros-0.22.4-1.fc40
rust-pyo3-macros-backend-0.22.4-1.fc40

Update description:

Update pyo3 to version 0.22.4.

This version addresses a potential use-after-free RUSTSEC-2024-0378.

Read More

USN-7064-1: nano vulnerability

Read Time:13 Second

It was discovered that nano allowed a possible privilege escalation
through an insecure temporary file. If nano was killed while editing, the
permissions granted to the emergency save file could be used by an
attacker to escalate privileges using a malicious symlink.

Read More

USN-7068-1: ImageMagick vulnerabilities

Read Time:18 Second

It was discovered that ImageMagick incorrectly handled certain
malformed image files. If a user or automated system using ImageMagick
were tricked into processing a specially crafted file, an attacker could
exploit this to cause a denial of service or affect the reliability of the
system. The vulnerabilities included memory leaks, buffer overflows, and
improper handling of pixel data.

Read More

ZDI-24-1411: Delta Electronics CNCSoft-G2 DPAX File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-47966.

Read More

ZDI-24-1410: Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-47962.

Read More

ZDI-24-1409: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-47963.

Read More

ZDI-24-1408: Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-G2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-47963.

Read More