chromium-123.0.6312.122-1.fc39
update to 123.0.6312.122
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn
A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
curl-8.2.1-5.fc39
fix Usage of disabled protocol (CVE-2024-2004)
fix HTTP/2 push headers memory-leak (CVE-2024-2398)
python-pycryptodomex-3.20.0-1.el9
CVE-2023-52323
llhttp-9.2.1-1.el9
python-aiohttp-3.9.3-2.el9
Update llhttp to 9.2.1, fixing CVE-2024-27982.
Additionally, llhttp 9.2.0 contained a number of bug fixes.
Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
Several vulnerabilities were discovered in the Xorg X server, which may
result in privilege escalation if the X server is running privileged
or denial of service.
It was discovered that Apache Maven Shared Utils did not handle double-quoted
strings properly, allowing shell injection attacks. This could allow an
attacker to run arbitrary code.
llhttp-9.2.1-1.fc39
python-aiohttp-3.9.3-3.fc39
uxplay-1.68.2-3.fc39
Update llhttp to 9.2.1, fixing CVE-2024-27982.
Additionally, llhttp 9.2.0 contained a number of bug fixes.
Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
llhttp-9.2.1-1.fc38
python-aiohttp-3.9.3-3.fc38
uxplay-1.68.2-3.fc38
Update llhttp to 9.2.1, fixing CVE-2024-27982.
Additionally, llhttp 9.2.0 contained a number of bug fixes.
Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression
when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04
LTS. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that NSS incorrectly handled padding when checking PKCS#1
certificates. A remote attacker could possibly use this issue to perform
Bleichenbacher-like attacks and recover private data. This issue only
affected Ubuntu 20.04 LTS. (CVE-2023-4421)
It was discovered that NSS had a timing side-channel when performing RSA
decryption. A remote attacker could possibly use this issue to recover
private data. (CVE-2023-5388)
It was discovered that NSS had a timing side-channel when using certain
NIST curves. A remote attacker could possibly use this issue to recover
private data. (CVE-2023-6135)
The NSS package contained outdated CA certificates. This update refreshes
the NSS package to version 3.98 which includes the latest CA certificate
bundle and other security improvements.
