Read Time:9 Second
FEDORA-EPEL-2024-684f77a897
Packages in this update:
podman-tui-1.0.0-1.el9
Update description:
podman-tui release v1.0.0
Security fix for [CVE-2024-28180]
Category Archives: Advisories
podman-tui-1.0.0-1.fc38
Read Time:9 Second
FEDORA-2024-529fe8a802
Packages in this update:
podman-tui-1.0.0-1.fc38
Update description:
podman-tui release v1.0.0
Security fix for [CVE-2024-28180]
podman-tui-1.0.0-1.fc40
Read Time:7 Second
FEDORA-2024-831bad8f8f
Packages in this update:
podman-tui-1.0.0-1.fc40
Update description:
podman-tui release v1.0.0
chromium-123.0.6312.58-1.fc39
Read Time:25 Second
FEDORA-2024-ec79868e3b
Packages in this update:
chromium-123.0.6312.58-1.fc39
Update description:
Update to 123.0.6312.58
* High CVE-2024-2625: Object lifecycle issue in V8
* Medium CVE-2024-2626: Out of bounds read in Swiftshader
* Medium CVE-2024-2627: Use after free in Canvas
* Medium CVE-2024-2628: Inappropriate implementation in Downloads
* Medium CVE-2024-2629: Incorrect security UI in iOS
* Medium CVE-2024-2630: Inappropriate implementation in iOS
* Low CVE-2024-2631: Inappropriate implementation in iOS
chromium-123.0.6312.58-1.fc38
Read Time:25 Second
FEDORA-2024-01f4c93547
Packages in this update:
chromium-123.0.6312.58-1.fc38
Update description:
Update to 123.0.6312.58
* High CVE-2024-2625: Object lifecycle issue in V8
* Medium CVE-2024-2626: Out of bounds read in Swiftshader
* Medium CVE-2024-2627: Use after free in Canvas
* Medium CVE-2024-2628: Inappropriate implementation in Downloads
* Medium CVE-2024-2629: Incorrect security UI in iOS
* Medium CVE-2024-2630: Inappropriate implementation in iOS
* Low CVE-2024-2631: Inappropriate implementation in iOS
chromium-123.0.6312.58-1.fc40
Read Time:25 Second
FEDORA-2024-f9eb1130c8
Packages in this update:
chromium-123.0.6312.58-1.fc40
Update description:
Update to 123.0.6312.58
* High CVE-2024-2625: Object lifecycle issue in V8
* Medium CVE-2024-2626: Out of bounds read in Swiftshader
* Medium CVE-2024-2627: Use after free in Canvas
* Medium CVE-2024-2628: Inappropriate implementation in Downloads
* Medium CVE-2024-2629: Incorrect security UI in iOS
* Medium CVE-2024-2630: Inappropriate implementation in iOS
* Low CVE-2024-2631: Inappropriate implementation in iOS
php-tcpdf-6.7.3-1.fc40
Read Time:23 Second
FEDORA-2024-edc1a9c961
Packages in this update:
php-tcpdf-6.7.3-1.fc40
Update description:
Version 6.7.3 (2024-03-20)
Fix regression issue #699.
Version 6.7.2 (2024-03-18)
Fix security issue.
[BREAKING CHANGE] The tcpdf HTML tag syntax has changed, see example_049.php.
New K_ALLOWED_TCPDF_TAGS configuration constant to set the allowed methods for the tcdpf HTML tag.
Raised minimum PHP version to PHP 5.5.0.
DSA-5643-1 firefox-esr – security update
Read Time:12 Second
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or information disclosure, bypass of content security policies or
spoofing.
DSA-5644-1 thunderbird – security update
Read Time:10 Second
Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or leaks
of encrypted email subjects.
USN-6702-2: Linux kernel vulnerabilities
Read Time:55 Second
It was discovered that the NVIDIA Tegra XUSB pad controller driver in the
Linux kernel did not properly handle return values in certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-23000)
It was discovered that the ARM Mali Display Processor driver implementation
in the Linux kernel did not properly handle certain error conditions. A
local attacker could possibly use this to cause a denial of service (system
crash). (CVE-2023-23004)
Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)
It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)