FEDORA-2024-c8cc025262
Packages in this update:
python3.6-3.6.15-38.fc40
Update description:
Security fix for CVE-2024-9287 (rhbz#2321659)
It was discovered that Werkzeug incorrectly handled multiple form
submission requests. A remote attacker could possibly use this issue to
cause Werkzeug to consume resources, leading to a denial of service.
python3.6-3.6.15-38.fc41
Security fix for CVE-2024-9287 (rhbz#2321659)
It was discovered that mpg123 incorrectly handled certain mp3 files. If a
user or automated system were tricked into opening a specially crafted mp3
file, a remote attacker could use this issue to cause mpg123 to crash,
resulting in a denial of service, or possibly execute arbitrary code.
python3.6-3.6.15-38.fc42
Automatic update for python3.6-3.6.15-38.fc42.
* Mon Nov 4 2024 Lumír Balhar <lbalhar@redhat.com> - 3.6.15-38
- Security fix for CVE-2024-9287 (rhbz#2321659)
mingw-expat-2.6.3-2.fc40
Backport fix for CVE-2024-50602.
mingw-expat-2.6.3-2.fc39
Backport fix for CVE-2024-50602.
mingw-expat-2.6.3-2.fc41
Backport fix for CVE-2024-50602.
A CVSS score 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Vladislav Berghici of Trend Micro Research' was reported to the affected vendor on 2024-11-05, 0 days ago. The vendor is given until 2025-03-05 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-9632.