python-jinja2-3.1.4-1.fc41
Automatic update for python-jinja2-3.1.4-1.fc41.
* Tue May 7 2024 Lumír Balhar <lbalhar@redhat.com> – 3.1.4-1
– Update to 3.1.4 (rhbz#2279211,rhbz#2279491)
mingw-libxml2-2.12.7-1.fc39
Update to 2.12.7 (RHBZ#2280535, CVE-2024-34459)
mingw-libxml2-2.12.7-1.fc41
Automatic update for mingw-libxml2-2.12.7-1.fc41.
* Thu May 16 2024 Richard W.M. Jones <rjones@redhat.com> – 2.12.7-1
– Update to 2.12.7 (RHBZ#2280535, CVE-2024-34459)
mingw-libxml2-2.12.7-1.fc40
Update to 2.12.7 (RHBZ#2280535, CVE-2024-34459)
libxml2-2.12.7-1.fc40
Update to 2.12.7
Fix CVE-2024-34459.
perl-Email-MIME-1.954-1.fc40
This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.
perl-Email-MIME-1.954-1.el9
This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.
perl-Email-MIME-1.954-1.fc39
This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.
perl-Email-MIME-1.954-1.el8
This update, to the latest upstream release, addresses an excessive memory use issue (CVE-2024-4140), which can cause denial of service when parsing multi-part MIME messages; the fix is the new $MAX_PARTS configuration, which limits how many parts will be considered for parsing, defaulting to 100.
A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this vulnerability could allow for privilege escalation in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
