Category Archives: Advisories

glib2-2.78.6-1.fc39 gnome-shell-45.6-2.fc39

FEDORA-2024-fd2569c4e9

Packages in this update:

glib2-2.78.6-1.fc39
gnome-shell-45.6-2.fc39

Update description:

Resolve CVE-2024-34397 (GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing), and also update gnome-shell to ensure this fix does not break the screencast feature.

glib2-2.80.2-1.fc40 gnome-shell-46.1-2.fc40

FEDORA-2024-635a54eb7e

Packages in this update:

glib2-2.80.2-1.fc40
gnome-shell-46.1-2.fc40

Update description:

Resolve CVE-2024-34397 (GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing), and also update gnome-shell to ensure this fix does not break the screencast feature.

DSA-5684-1 webkit2gtk – security update

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2023-42843

Kacper Kwapisz discovered that visiting a malicious website may
lead to address bar spoofing.

CVE-2023-42950

Nan Wang and Rushikesh Nandedkar discovered that processing
maliciously crafted web content may lead to arbitrary code
execution.

CVE-2023-42956

SungKwon Lee discovered that processing web content may lead to a
denial-of-service.

CVE-2024-23252

anbu1024 discovered that processing web content may lead to a
denial-of-service.

CVE-2024-23254

James Lee discovered that a malicious website may exfiltrate audio
data cross-origin.

CVE-2024-23263

Johan Carlsson discovered that processing maliciously crafted web
content may prevent Content Security Policy from being enforced.

CVE-2024-23280

An anonymous researcher discovered that a maliciously crafted
webpage may be able to fingerprint the user.

CVE-2024-23284

Georg Felber and Marco Squarcina discovered that processing
maliciously crafted web content may prevent Content Security
Policy from being enforced.

https://security-tracker.debian.org/tracker/DSA-5684-1
