DSA-5663-1 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking. https://security-tracker.debian.org/tracker/DSA-5663-1...
DSA-5665-1 tomcat10 – security update
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-46589 Tomcat 10 did not correctly parse HTTP trailer headers. A trailer...
DSA-5664-1 jetty9 – security update
Jetty 9 is a Java-based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state...
kubernetes-1.29.4-1.fc40
FEDORA-2024-ce2eefc399 Packages in this update: kubernetes-1.29.4-1.fc40 Update description: Update Kubernetes to v1.29.4 for Fedora 40. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount...
USN-6726-2: Linux kernel (IoT) vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null...
kubernetes-1.27.13-1.fc39
FEDORA-2024-662a8b6005 Packages in this update: kubernetes-1.27.13-1.fc39 Update description: Updates Fedora 30 to Kubernetes 1.27.13. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission...
USN-6725-2: Linux kernel (AWS) vulnerabilities
Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to...
USN-6724-2: Linux kernel vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null...
Oracle Critical Patch Update Advisory – April 2024
python-pydantic-1.10.14-1.el9
FEDORA-EPEL-2024-3a714d30a3 Packages in this update: python-pydantic-1.10.14-1.el9 Update description: Security fix for CVE-2024-3772 (regular expression denial of service via crafted email string). Update to latest 1.10.x...