Category Archives: Advisories

chromium-122.0.6261.111-1.fc40

FEDORA-2024-5dacab5f00

Packages in this update:

chromium-122.0.6261.111-1.fc40

Update description:

upstream security release 122.0.6261.111

High CVE-2024-2173: Out of bounds memory access in V8
High CVE-2024-2174: Inappropriate implementation in V8
High CVE-2024-2176: Use after free in FedCM

mingw-libgcrypt-1.10.3-1.fc41

FEDORA-2024-9764fc1fc9

Packages in this update:

mingw-libgcrypt-1.10.3-1.fc41

Update description:

Automatic update for mingw-libgcrypt-1.10.3-1.fc41.

Changelog

* Fri Mar 8 2024 Richard W.M. Jones <rjones@redhat.com> - 1.10.3-1
- Rebase to libgcrypt 1.10.3 to match Fedora (RHBZ#2268272)
- Add *.pc (pkgconf) files

ZDI-24-256: Dassault Systèmes eDrawings CATPART File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

ZDI-24-255: Dassault Systèmes eDrawings X_T File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

ZDI-24-254: Dassault Systèmes eDrawings DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

ZDI-24-253: Dassault Systèmes eDrawings SLDDRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
