Category Archives: Advisories

perl-Email-MIME-1.954-1.fc40

Read Time:20 Second

FEDORA-2024-032e16360b

Packages in this update:

perl-Email-MIME-1.954-1.fc40

Update description:

This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.

Read More

perl-Email-MIME-1.954-1.el9

Read Time:20 Second

FEDORA-EPEL-2024-862672cc3e

Packages in this update:

perl-Email-MIME-1.954-1.el9

Update description:

This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.

Read More

perl-Email-MIME-1.954-1.fc39

Read Time:20 Second

FEDORA-2024-38fb541a75

Packages in this update:

perl-Email-MIME-1.954-1.fc39

Update description:

This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.

Read More

perl-Email-MIME-1.954-1.el8

Read Time:20 Second

FEDORA-EPEL-2024-d3360e8898

Packages in this update:

perl-Email-MIME-1.954-1.el8

Update description:

This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.

Read More

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation

Read Time:27 Second

A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this vulnerability could allow for privilege escalation in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Read Time:28 Second

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More