Read Time:8 Second
FEDORA-2024-efc4802051
Packages in this update:
mingw-python-requests-2.32.0-1.fc40
Update description:
Update to requests-2.32.0, fixes CVE-2024-35195.
Category Archives: Advisories
oci-cli-3.41.0-1.fc41 python-oci-2.126.4-1.fc41
Read Time:9 Second
FEDORA-2024-ee636be6ff
Packages in this update:
oci-cli-3.41.0-1.fc41
python-oci-2.126.4-1.fc41
Update description:
oci-cli 3.41.0
USN-6780-1: idna vulnerability
Read Time:9 Second
Guido Vranken discovered that idna did not properly manage certain inputs,
which could lead to significant resource consumption. An attacker could
possibly use this issue to cause a denial of service.
libreoffice-7.6.7.2-1.fc39
Read Time:6 Second
FEDORA-2024-7989718224
Packages in this update:
libreoffice-7.6.7.2-1.fc39
Update description:
7.6.7.2
USN-6781-1: Spreadsheet::ParseExcel vulnerability
Read Time:9 Second
Le Dinh Hai discovered that Spreadsheet::ParseExcel was passing unvalidated
input from a file into a string-type “eval”. An attacker could craft a
malicious file to achieve arbitrary code execution.
firefox-126.0-7.fc38
Read Time:12 Second
FEDORA-2024-b4b4426a4f
Packages in this update:
firefox-126.0-7.fc38
Update description:
Fixed DBus service to not run without Gnome search requests
new upstream update (126.0)
New upstream version (125.0.3)
Latest upstream release.
USN-6779-1: Firefox vulnerabilities
Read Time:54 Second
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-4767,
CVE-2024-4768, CVE-2024-4769, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773,
CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778)
Jan-Ivar Bruaroey discovered that Firefox did not properly manage memory
when audio input connected with multiple consumers. An attacker could
potentially exploit this issue to cause a denial of service, or execute
arbitrary code. (CVE-2024-4764)
Thomas Rinsma discovered that Firefox did not properly handle type check
when handling fonts in PDF.js. An attacker could potentially exploit this
issue to execute arbitrary javascript code in PDF.js. (CVE-2024-4367)
Irvan Kurniawan discovered that Firefox did not properly handle certain
font styles when saving a page to PDF. An attacker could potentially
exploit this issue to cause a denial of service. (CVE-2024-4770)
asterisk release 20.8.1
Read Time:22 Second
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 20.8.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.8.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 20.8.1
## Change Log for Release asterisk-20.8.1
### Links:
– [Full ChangeLog](…
asterisk release 21.3.1
Read Time:22 Second
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 21.3.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.3.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 21.3.1
## Change Log for Release asterisk-21.3.1
### Links:
– [Full ChangeLog](…
asterisk release 18.23.1
Read Time:22 Second
Posted by Asterisk Development Team via Fulldisclosure on May 20
The Asterisk Development Team would like to announce security release
Asterisk 18.23.1.
The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.23.1
and
https://downloads.asterisk.org/pub/telephony/asterisk
Repository: https://github.com/asterisk/asterisk
Tag: 18.23.1
## Change Log for Release asterisk-18.23.1
### Links:
– [Full ChangeLog](…