Category Archives: Advisories

flatpak-runtime-f40-2 flatpak-sdk-f40-1

Read Time:15 Second

FEDORA-FLATPAK-2024-a3977e7532

Packages in this update:

flatpak-runtime-f40-2
flatpak-sdk-f40-1

Update description:

Updated flatpak runtime and SDK, including latest Fedora 40 security and bug-fix errata.

In addition, this update also includes updated nss 3.99.0 that’s needed for upcoming firefox 125.0 update.

Read More

USN-6744-2: Pillow vulnerability

Read Time:25 Second

USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update
provides the corresponding updates for Pillow (Python 2) in
Ubuntu 20.04 LTS.

Original advisory details:

Hugo van Kemenade discovered that Pillow was not properly performing
bounds checks when processing an ICC file, which could lead to a buffer
overflow. If a user or automated system were tricked into processing a
specially crafted ICC file, an attacker could possibly use this issue
to cause a denial of service or execute arbitrary code.

Read More

USN-6738-1: LXD vulnerability

Read Time:17 Second

Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that LXD
incorrectly handled the handshake phase and the use of sequence numbers in SSH
Binary Packet Protocol (BPP). If a user or an automated system were tricked
into opening a specially crafted input file, a remote attacker could possibly
use this issue to bypass integrity checks.

Read More