gdcm-3.0.23-5.fc39
TALOS-2024-1924, CVE-2024-22391: heap overflow
TALOS-2024-1935, CVE-2024-22373: out-of-bounds write
TALOS-2024-1944, CVE-2024-25569: out-of-bounds read
Replace deprecated PyEval_CallObject for compatibility with Python 3.13
gdcm-3.0.12-7.el9
TALOS-2024-1924, CVE-2024-22391: heap overflow
TALOS-2024-1935, CVE-2024-22373: out-of-bounds write
TALOS-2024-1944, CVE-2024-25569: out-of-bounds read
Replace deprecated PyEval_CallObject for compatibility with Python 3.13
gdcm-3.0.21-4.fc38
TALOS-2024-1924, CVE-2024-22391: heap overflow
TALOS-2024-1935, CVE-2024-22373: out-of-bounds write
TALOS-2024-1944, CVE-2024-25569: out-of-bounds read
Replace deprecated PyEval_CallObject for compatibility with Python 3.13
gdcm-3.0.23-5.fc40
TALOS-2024-1924, CVE-2024-22391: heap overflow
TALOS-2024-1935, CVE-2024-22373: out-of-bounds write
TALOS-2024-1944, CVE-2024-25569: out-of-bounds read
Replace deprecated PyEval_CallObject for compatibility with Python 3.13
gdcm-3.0.23-5.fc41
Automatic update for gdcm-3.0.23-5.fc41.
* Fri Apr 26 2024 Sandro <devel@penguinpee.nl> – 3.0.23-5
– Apply security patches
– Fix TALOS-2024-1924, CVE-2024-22391 (RHBZ#2277288)
– Fix TALOS-2024-1935, CVE-2024-22373 (RHBZ#2277292)
– Fix TALOS-2024-1944, CVE-2024-25569 (RHBZ#2277296)
* Fri Apr 19 2024 Sandro <devel@penguinpee.nl> – 3.0.23-4
– Replace deprecated PyEval_CallObject() (RHBZ#2245816)
* Fri Mar 22 2024 Sérgio M. Basto <sergio@serjux.com> – 3.0.23-3
– Update URL
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-21113.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-21112.
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-21115.
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-21114.
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-21121.
