Read Time:10 Second
Bartek Nowotarski discovered that Apache Traffic Server, a reverse and
forward proxy server, was susceptible to denial of service via HTTP2
continuation frames.
Category Archives: Advisories
kernel-6.8.6-200.fc39
Read Time:9 Second
FEDORA-2024-f93cdd8831
Packages in this update:
kernel-6.8.6-200.fc39
Update description:
The 6.8.6 stable kernel update contains a number of important fixes across the tree.
DSA-5658-1 linux – security update
Read Time:9 Second
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400)
Read Time:39 Second
What is the vulnerability/attack?
A critical unauthenticated remote code injection vulnerability in the PAN-OS GlobalProtect Gateway was discovered. This vulnerability tracked under CVE-2024-3400 has a CVSS rating of 10.0. The GlobalProtect Gateway provides security solution for roaming users by extending the same next-generation firewall-based policies. According to the vendor advisory, active exploitation is on-going.
What is the recommended Mitigation?
The vendor has released a threat prevention signature and is currently developing a hotfix releases of PAN-OS.
What FortiGuard Coverage is available?
As the situation is still developing; the FortiGuard team will update the threat signal and provide more information on related protections as they are released. FortiGuard Incident Response team can be engaged to help with any suspected compromise.
unbound-1.19.3-1.fc38
Read Time:12 Second
FEDORA-2024-5bfa220621
Packages in this update:
unbound-1.19.3-1.fc38
Update description:
Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
Bug fixes
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-3
unbound-1.19.3-1.fc39
Read Time:12 Second
FEDORA-2024-3b173364d4
Packages in this update:
unbound-1.19.3-1.fc39
Update description:
Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
Bug fixes
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-3
unbound-1.19.3-1.fc40
Read Time:16 Second
FEDORA-2024-8b20de41f0
Packages in this update:
unbound-1.19.3-1.fc40
Update description:
Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
Bug fixes
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-3
CVE-2024-1931 – Fix trim of EDE text from large udp responses from spinning cpu.
unbound-1.19.3-1.fc41
Read Time:29 Second
FEDORA-2024-5f32029828
Packages in this update:
unbound-1.19.3-1.fc41
Update description:
Automatic update for unbound-1.19.3-1.fc41.
Changelog
* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> – 1.19.3-1
– Update to 1.19.3 (rhbz#2268404)
– Fix CVE-2024-1931, Denial of service when trimming EDE text on positive
replies. (rhbz#2268419)
– Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
– Bug fixes
* Sat Mar 9 2024 Paul Wouters <paul.wouters@aiven.io> – 1.19.1-4
– Add spec file comment
chromium-123.0.6312.122-1.fc40
Read Time:15 Second
FEDORA-2024-4d2d73ab31
Packages in this update:
chromium-123.0.6312.122-1.fc40
Update description:
update to 123.0.6312.122
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn
chromium-123.0.6312.122-1.fc38
Read Time:15 Second
FEDORA-2024-f94660c56d
Packages in this update:
chromium-123.0.6312.122-1.fc38
Update description:
update to 123.0.6312.122
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn