Category: Advisories

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-40866 Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to...

Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution...

It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS. https://security-tracker.debian.org/tracker/DSA-5790-1 Read More

On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced...

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5789-1 Read More

FEDORA-2024-45df72afc6 Packages in this update: edk2-20240813-2.fc40 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys) Read More

FEDORA-2024-9cc95d56ce Packages in this update: edk2-20240813-2.fc41 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys) Read More

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext....

FEDORA-2024-df41d584d0 Packages in this update: glibc-2.38-19.fc39 Update description: Auto-sync with upstream branch release/2.38/master Add BuildRequires:gzip for compressed character maps and info files. Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9...

FEDORA-2024-7d06f67cf5 Packages in this update: libgsf-1.14.53-1.fc39 Update description: Fixes for memory vulnerabilities. Read More