thunderbird-115.10.1-4.fc39
Update to 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078
Including security update to 115.10.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
thunderbird-115.10.1-4.fc38
Update to 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078
Including security update to 115.10.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
python-aiohttp-3.9.5-1.el9
Security update for CVE-2024-27306
https://github.com/aio-libs/aiohttp/releases/tag/v3.9.5
flatpak-runtime-f39-24
flatpak-sdk-f39-15
Updated flatpak runtime and SDK, including latest Fedora 39 security and bug-fix errata.
python-aiohttp-3.9.5-1.fc38
Security update for CVE-2024-27306
https://github.com/aio-libs/aiohttp/releases/tag/v3.9.5
python-aiohttp-3.9.5-1.fc39
Security update for CVE-2024-27306
https://github.com/aio-libs/aiohttp/releases/tag/v3.9.5
Daniele Antonioli discovered that the Secure Simple Pairing and Secure
Connections pairing in the Bluetooth protocol could allow an
unauthenticated user to complete authentication without pairing
credentials. A physically proximate attacker placed between two Bluetooth
devices could use this to subsequently impersonate one of the paired
devices. (CVE-2023-24023)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– JFS file system;
– Netfilter;
(CVE-2024-26581, CVE-2023-52600, CVE-2023-52603)
python-aiohttp-3.9.5-1.fc40
python-openapi-core-0.19.1-3.fc40
Security update for CVE-2024-27306
https://github.com/aio-libs/aiohttp/releases/tag/v3.9.5
It was discovered that Google Guest Agent and Google OS Config Agent incorrectly
handled certain JSON files. An attacker could possibly use this issue to
cause a denial of service.
USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused
Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled
in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected
and reinstated in this update.
We apologize for the inconvenience.
Original advisory details:
Joshua Rogers discovered that Squid incorrectly handled collapsed
forwarding. A remote attacker could possibly use this issue to cause Squid
to crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-49288)
Joshua Rogers discovered that Squid incorrectly handled certain structural
elements. A remote attacker could possibly use this issue to cause Squid to
crash, resulting in a denial of service. (CVE-2023-5824)
Joshua Rogers discovered that Squid incorrectly handled Cache Manager error
responses. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-23638)
Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked
decoder. A remote attacker could possibly use this issue to cause Squid to
stop responding, resulting in a denial of service. (CVE-2024-25111)
Joshua Rogers discovered that Squid incorrectly handled HTTP header
parsing. A remote trusted client can possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2024-25617)
