chromium-123.0.6312.105-1.fc40
update to 123.0.6312.105
High CVE-2024-3156: Inappropriate implementation in V8
High CVE-2024-3158: Use after free in Bookmarks
High CVE-2024-3159: Out of bounds memory access in V8
xorg-x11-server-Xwayland-22.1.9-6.fc38
CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
kernel-6.8.3-200.fc39
kernel-headers-6.8.3-200.fc39
The 6.8.3 stable kernel rebase contains improved hardware support, new features, and a number of important fixes across the tree.
USN-6710-1 fixed vulnerabilities in Firefox. The update introduced
several minor regressions. This update fixes the problem.
Original advisory details:
Manfred Paul discovered that Firefox did not properly perform bounds
checking during range analysis, leading to an out-of-bounds write
vulnerability. A attacker could use this to cause a denial of service,
or execute arbitrary code. (CVE-2024-29943)
Manfred Paul discovered that Firefox incorrectly handled MessageManager
listeners under certain circumstances. An attacker who was able to inject
an event handler into a privileged object may have been able to execute
arbitrary code. (CVE-2024-29944)
It was discovered that Cockpit, a web console for Linux servers, was
susceptible to arbitrary command execution if an administrative user
was tricked into opening an sosreport file with a malformed filename.
xorg-x11-server-Xwayland-23.2.5-1.fc39
CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083
trafficserver-9.2.4-1.fc39
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.fc38
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.el8
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
trafficserver-9.2.4-1.fc40
Update to upstream 9.2.4, resolves CVE-2024-31309 (CONTINUATION frames DoS)
