* Fri Apr 12 2024 Petr Menšík <pemensik@redhat.com> – 1.19.3-1
– Update to 1.19.3 (rhbz#2268404)
– Fix CVE-2024-1931, Denial of service when trimming EDE text on positive
replies. (rhbz#2268419)
– Use the origin (DNAME) TTL for synthesized CNAMEs as per RFC 6672.
– Bug fixes
* Sat Mar 9 2024 Paul Wouters <paul.wouters@aiven.io> – 1.19.1-4
– Add spec file comment
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn
A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Several vulnerabilities were discovered in the Xorg X server, which may
result in privilege escalation if the X server is running privileged
or denial of service.
It was discovered that Apache Maven Shared Utils did not handle double-quoted
strings properly, allowing shell injection attacks. This could allow an
attacker to run arbitrary code.
