FEDORA-EPEL-2024-ce4b5bda0d
Packages in this update:
efifs-1.9-6.el9
Update description:
Update bundled edk2 to 20240524 (#2284243)
efifs-1.9-6.fc40
Update bundled edk2 to 20240524 (#2284243)
efifs-1.9-6.fc39
Update bundled edk2 to 20240524 (#2284243)
strongswan-5.9.14-1.fc40
Fixes CVE-2023-41913 buffer overflow and possible RCE, various IKEv2 improvements
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
chromium-125.0.6422.141-1.el8
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
chromium-125.0.6422.141-1.el9
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
chromium-125.0.6422.141-1.el7
update to 125.0.6422.141
High CVE-2024-5493: Heap buffer overflow in WebRTC
High CVE-2024-5494: Use after free in Dawn
High CVE-2024-5495: Use after free in Dawn
High CVE-2024-5496: Use after free in Media Session
High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
High CVE-2024-5498: Use after free in Presentation API
High CVE-2024-5499: Out of bounds write in Streams API
strongswan-5.9.14-1.fc41
Automatic update for strongswan-5.9.14-1.fc41.
* Fri May 31 2024 Paul Wouters <paul.wouters@aiven.io> - 5.9.14-1
- Resolves: rhbz#2254560 CVE-2023-41913 buffer overflow and possible RCE
- Resolved: rhbz#2250666 Update to 5.9.14 (IKEv2 OCSP extensions, seqno/regno overflow handling
- Update to 5.9.13 (OCSP nonce set regression configuration option charon.ocsp_nonce_len)
- Update to 5.9.12 (CVE-2023-41913 fix, various IKEv2 fixes)
An integer overflow in the EXIF metadata parsing was discovered in the
GStreamer media framework, which may result in denial of service or
potentially the execution of arbitrary code if a malformed file is
processed.