Defense in depth — the Microsoft way (part 87): shipping more rotten software to billions of unsuspecting customers
Posted by Stefan Kanthak on Apr 24 Hi @ll, this post is a continuation of <https://seclists.org/fulldisclosure/2023/Oct/17> and <https://seclists.org/fulldisclosure/2021/Oct/17> With the release of .NET Framework 4.8...
Response to CVE-2023-26756 – Revive Adserver
Posted by Matteo Beccati on Apr 24 CVE-2023-26756 has been recently filed against the Revive Adserver project. The action was taken without first contacting us,...
USN-6749-1: FreeRDP vulnerabilities
It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could...
libcoap-4.3.4a-2.fc40
FEDORA-2024-75863445ff Packages in this update: libcoap-4.3.4a-2.fc40 Update description: Patch to fix CVE-2024-31031 Read More
ruby-3.3.1-7.fc40
FEDORA-2024-14db7b21a2 Packages in this update: ruby-3.3.1-7.fc40 Update description: Upgrade to Ruby 3.3.1. Read More
python-dns-2.4.2-2.fc39
FEDORA-2024-391ed3a61d Packages in this update: python-dns-2.4.2-2.fc39 Update description: Fix for CVE-2023-29483 (rhbz#2274685) Read More
python-dns-2.3.0-3.fc38
FEDORA-2024-bbd76d7c63 Packages in this update: python-dns-2.3.0-3.fc38 Update description: Fix for CVE-2023-29483 (rhbz#2274685) Read More
thunderbird-flatpak-115.10.1-1
FEDORA-FLATPAK-2024-de95fc1445 Packages in this update: thunderbird-flatpak-115.10.1-1 Update description: Thunderbird 115.10.1 release. Read More
libcoap-4.3.4a-2.fc39
FEDORA-2024-450b75e4a0 Packages in this update: libcoap-4.3.4a-2.fc39 Update description: Patch to fix CVE-2024-31031 Read More
USN-6748-1: Sanitize vulnerabilities
It was discovered that Sanitize incorrectly handled noscript elements under certain circumstances. An attacker could possibly use this issue to execute a cross-site scripting (XSS)...