Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
Category Archives: Advisories
USN-7069-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– x86 architecture;
– Cryptographic API;
– CPU frequency scaling framework;
– HW tracing;
– ISDN/mISDN subsystem;
– Media drivers;
– Network drivers;
– NVME drivers;
– S/390 drivers;
– SCSI drivers;
– USB subsystem;
– VFIO drivers;
– Watchdog drivers;
– JFS file system;
– IRQ subsystem;
– Core kernel;
– Memory management;
– Amateur Radio drivers;
– IPv4 networking;
– IPv6 networking;
– IUCV driver;
– Network traffic control;
– TIPC protocol;
– XFRM subsystem;
– Integrity Measurement Architecture(IMA) framework;
– SoC Audio for Freescale CPUs drivers;
– USB sound devices;
(CVE-2024-36971, CVE-2024-42271, CVE-2024-38630, CVE-2024-38602,
CVE-2024-42223, CVE-2024-44940, CVE-2023-52528, CVE-2024-41097,
CVE-2024-27051, CVE-2024-42157, CVE-2024-46673, CVE-2024-39494,
CVE-2024-42089, CVE-2024-41073, CVE-2024-26810, CVE-2024-26960,
CVE-2024-38611, CVE-2024-31076, CVE-2024-26754, CVE-2023-52510,
CVE-2024-40941, CVE-2024-45016, CVE-2024-38627, CVE-2024-38621,
CVE-2024-39487, CVE-2024-27436, CVE-2024-40901, CVE-2024-26812,
CVE-2024-42244, CVE-2024-42229, CVE-2024-43858, CVE-2024-42280,
CVE-2024-26641, CVE-2024-42284, CVE-2024-26602)
mbedtls3.6-3.6.2-1.fc41
FEDORA-2024-8f1374ecfb
Packages in this update:
mbedtls3.6-3.6.2-1.fc41
Update description:
Update to 3.6.2
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.2
python-fastapi-0.111.1-7.fc40 python-openapi-core-0.19.4-3.fc40 python-platformio-6.1.14-7.fc40 python-starlette-0.40.0-1.fc40
FEDORA-2024-f1615b58e6
Packages in this update:
python-fastapi-0.111.1-7.fc40
python-openapi-core-0.19.4-3.fc40
python-platformio-6.1.14-7.fc40
python-starlette-0.40.0-1.fc40
Update description:
Security fix for CVE-2024-47874.
Starlette 0.40.0 (October 15, 2024)
This release fixes a Denial of service (DoS) via multipart/form-data requests.
You can view the full security advisory:
GHSA-f96h-pmfr-66vw
Fixed
Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data
requests fd038f3.
python-fastapi-0.115.2-1.fc41 python-openapi-core-0.19.4-4.fc41 python-platformio-6.1.14-7.fc41 python-starlette-0.40.0-1.fc41
FEDORA-2024-05dedb1a53
Packages in this update:
python-fastapi-0.115.2-1.fc41
python-openapi-core-0.19.4-4.fc41
python-platformio-6.1.14-7.fc41
python-starlette-0.40.0-1.fc41
Update description:
Security fix for CVE-2024-47874.
Starlette 0.40.0 (October 15, 2024)
This release fixes a Denial of service (DoS) via multipart/form-data requests.
You can view the full security advisory:
GHSA-f96h-pmfr-66vw
Fixed
Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data
requests fd038f3.
FastAPI 0.115.2
https://github.com/fastapi/fastapi/releases/tag/0.115.2
https://github.com/fastapi/fastapi/releases/tag/0.115.1
python-openapi-core-0.19.4-4.fc42 python-platformio-6.1.16-2.fc42 python-starlette-0.40.0-1.fc42
FEDORA-2024-466c574575
Packages in this update:
python-openapi-core-0.19.4-4.fc42
python-platformio-6.1.16-2.fc42
python-starlette-0.40.0-1.fc42
Update description:
Security fix for CVE-2024-47874.
Starlette 0.40.0 (October 15, 2024)
This release fixes a Denial of service (DoS) via multipart/form-data requests.
You can view the full security advisory:
GHSA-f96h-pmfr-66vw
Fixed
Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data
requests fd038f3.
yarnpkg-1.22.22-5.el9
FEDORA-EPEL-2024-78df19aaf3
Packages in this update:
yarnpkg-1.22.22-5.el9
Update description:
Sync with fedora package.
libarchive-3.7.1-3.fc39
FEDORA-2024-ab6348928b
Packages in this update:
libarchive-3.7.1-3.fc39
Update description:
Fix for CVE-2024-48957
dotnet6.0-6.0.135-1.fc39
FEDORA-2024-00855b1d76
Packages in this update:
dotnet6.0-6.0.135-1.fc39
Update description:
This is the October 2024 monthly update for .NET 6.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.135.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.35.md
dotnet6.0-6.0.135-1.fc40
FEDORA-2024-87d8204201
Packages in this update:
dotnet6.0-6.0.135-1.fc40
Update description:
This is the October 2024 monthly update for .NET 6.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.135.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.35/6.0.35.md