FEDORA-2024-d79685d847
Packages in this update:
yarnpkg-1.22.22-5.fc39
Update description:
Update bundled ws (CVE-2024-37890)
Update bundled dependencies to fix CVE-2024-48949.
yarnpkg-1.22.22-5.fc39
Update bundled ws (CVE-2024-37890)
Update bundled dependencies to fix CVE-2024-48949.
yarnpkg-1.22.22-5.fc41
Update bundled ws (CVE-2024-37890)
Update bundled elliptic to fix CVE-2024-48949.
yarnpkg-1.22.22-5.fc40
Update bundled ws (CVE-2024-37890)
Update bundled elliptic to fix CVE-2024-48949.
rust-pyo3-0.22.4-1.el9
rust-pyo3-build-config-0.22.4-1.el9
rust-pyo3-ffi-0.22.4-1.el9
rust-pyo3-macros-0.22.4-1.el9
rust-pyo3-macros-backend-0.22.4-1.el9
Update pyo3 to version 0.22.4.
This version addresses a potential use-after-free RUSTSEC-2024-0378.
rust-pyo3-0.22.4-1.el10_0
rust-pyo3-build-config-0.22.4-1.el10_0
rust-pyo3-ffi-0.22.4-1.el10_0
rust-pyo3-macros-0.22.4-1.el10_0
rust-pyo3-macros-backend-0.22.4-1.el10_0
Update pyo3 to version 0.22.4.
This version addresses a potential use-after-free RUSTSEC-2024-0378.
rust-pyo3-0.22.4-1.fc39
rust-pyo3-build-config-0.22.4-1.fc39
rust-pyo3-ffi-0.22.4-1.fc39
rust-pyo3-macros-0.22.4-1.fc39
rust-pyo3-macros-backend-0.22.4-1.fc39
Update pyo3 to version 0.22.4.
This version addresses a potential use-after-free RUSTSEC-2024-0378.
rust-pyo3-0.22.4-1.fc40
rust-pyo3-build-config-0.22.4-1.fc40
rust-pyo3-ffi-0.22.4-1.fc40
rust-pyo3-macros-0.22.4-1.fc40
rust-pyo3-macros-backend-0.22.4-1.fc40
Update pyo3 to version 0.22.4.
This version addresses a potential use-after-free RUSTSEC-2024-0378.
yarnpkg-1.22.22-4.fc39
Update bundled dependencies to fix CVE-2024-48949.
It was discovered that nano allowed a possible privilege escalation
through an insecure temporary file. If nano was killed while editing, the
permissions granted to the emergency save file could be used by an
attacker to escalate privileges using a malicious symlink.
It was discovered that ImageMagick incorrectly handled certain
malformed image files. If a user or automated system using ImageMagick
were tricked into processing a specially crafted file, an attacker could
exploit this to cause a denial of service or affect the reliability of the
system. The vulnerabilities included memory leaks, buffer overflows, and
improper handling of pixel data.