FEDORA-2024-ebb3c95344
Packages in this update:
python3.6-3.6.15-27.fc38
Update description:
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc38
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc40
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc41
Automatic update for python3.6-3.6.15-27.fc41.
* Thu Feb 29 2024 Charalampos Stratakis <cstratak@redhat.com> - 3.6.15-27
- Security fix for CVE-2007-4559
- Fixes: rhbz#2141080
It was discovered that HtmlCleaner incorrectly handled certain HTML
documents. An attacker could possibly use this issue to cause a denial
of service via application crash.
openvswitch-3.2.2-1.fc39
Update to 3.2.2
It indirectly fixes CVE-2023-3966 and CVE-2023-5366
ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-11076)
It was discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-11077)
Jean Boussier discovered that Puma might not always release resources
properly after handling HTTP requests. A remote attacker could possibly
use this issue to read sensitive information. (CVE-2022-23634)
It was discovered that Puma incorrectly handled certain malformed headers.
A remote attacker could use this issue to perform an HTTP Request Smuggling
attack. (CVE-2022-24790)
Ben Kallus discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could use this issue to perform an HTTP Request Smuggling
attack. (CVE-2023-40175)
Bartek Nowotarski discovered that Puma incorrectly handled parsing certain
encoded content. A remote attacker could possibly use this to cause a
denial of service. (CVE-2024-21647)
openvswitch-3.3.0-1.fc40
Update to 3.3.0
Remove network-scripts subpackage starting from Fedora 40
Backport a simple fix to keep the “SSL db: implementation” test from failing
It also indirectly fixes CVE-2023-3966 and CVE-2023-5366
iwd-2.16-1.fc40
iwd 2.16:
Fix issue with uninitialized variable and DPP encrypt.
Fix issue with Access Point mode and ATTR_MAC validation.
Fix issue with Access Point mode and frequency attributes.
Fix issue with P2P and handling client info description.
Fix issue with P2P and handling parsing of service info.
Fix issue with netconfig and handling domain list.
Add support for forcing a default ECC group.
iwd-2.16-1.fc39
iwd 2.16:
Fix issue with uninitialized variable and DPP encrypt.
Fix issue with Access Point mode and ATTR_MAC validation.
Fix issue with Access Point mode and frequency attributes.
Fix issue with P2P and handling client info description.
Fix issue with P2P and handling parsing of service info.
Fix issue with netconfig and handling domain list.
Add support for forcing a default ECC group.
opensc-0.25.0-1.fc40
New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454