FEDORA-2024-9e9f53d01d
Packages in this update:
xen-4.17.2-8.fc39
Update description:
x86: Register File Data Sampling [XSA-452, CVE-2023-28746]
GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]
shim-15.8-2
shim-unsigned-aarch64-15.8-2
shim-unsigned-x64-15.8-2
Update to shim-15.8
amavis-2.12.3-1.el7
Update to version 2.12.3
Fix CVE-2024-28054
amavis-2.13.1-1.el8
Update to version 2.13.1
Fix CVE-2024-28054
amavis-2.13.1-1.el9
Update to version 2.13.1
Fix CVE-2024-28054
amavis-2.13.1-1.fc38
Update to version 2.13.1
Fix CVE-2024-28054
amavis-2.13.1-1.fc39
Update to version 2.13.1
Fix CVE-2024-28054
amavis-2.13.1-1.fc40
Update to version 2.13.1
Fix CVE-2024-28054
It was discovered that TeX Live incorrectly handled certain memory
operations in the embedded axodraw2 tool. An attacker could possibly use
this issue to cause TeX Live to crash, resulting in a denial of service.
This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604)

It was discovered that TeX Live allowed documents to make arbitrary
network requests. If a user or automated system were tricked into opening a
specially crafted document, a remote attacker could possibly use this issue
to exfiltrate sensitive information, or perform other network-related
attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2023-32668)

It was discovered that TeX Live incorrectly handled certain TrueType fonts.
If a user or automated system were tricked into opening a specially crafted
TrueType font, a remote attacker could use this issue to cause TeX Live to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2024-25262)

It was discovered that Expat could be made to consume large amounts of
resources. If a user or automated system were tricked into processing
specially crafted input, an attacker could possibly use this issue to cause
a denial of service. (CVE-2023-52425, CVE-2024-28757)