USN-7065-1: Firefox vulnerability
Damien Schaeffer discovered that Firefox did not properly manage memory in the content process when handling Animation timelines, leading to a use after free vulnerability....
DSA-5792-1 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-40866 Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to...
DSA-5791-1 python-reportlab – security update
Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution...
DSA-5790-1 node-dompurify – security update
It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS. https://security-tracker.debian.org/tracker/DSA-5790-1 Read More
Secure Custom Fields
On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced...
DSA-5789-1 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5789-1 Read More
edk2-20240813-2.fc40
FEDORA-2024-45df72afc6 Packages in this update: edk2-20240813-2.fc40 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys) Read More
edk2-20240813-2.fc41
FEDORA-2024-9cc95d56ce Packages in this update: edk2-20240813-2.fc41 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys) Read More
USN-7063-1: Ubuntu Advantage Desktop Daemon vulnerability
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token as an argument in plaintext....
glibc-2.38-19.fc39
FEDORA-2024-df41d584d0 Packages in this update: glibc-2.38-19.fc39 Update description: Auto-sync with upstream branch release/2.38/master Add BuildRequires:gzip for compressed character maps and info files. Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9...