rubygem-yard-0.9.36-1.fc38
FEDORA-2024-3744975c4b Packages in this update: rubygem-yard-0.9.36-1.fc38 Update description: A security flaw was found on rubygem-yard that documents generated by yard may be vulnerable to XSS...
libreswan-4.14-1.fc39
FEDORA-2024-312a5ed3d5 Packages in this update: libreswan-4.14-1.fc39 Update description: Update to 4.14 for CVE-2024-2357, v6 SAN name and TFC padding fix for AEAD Read More
libreswan-4.14-1.fc40
FEDORA-2024-92f0c71a01 Packages in this update: libreswan-4.14-1.fc40 Update description: Update to 4.14 for CVE-2024-2357, v6 SAN name and TFC padding fix for AEAD Read More
geany-flatpak-2.0-4
FEDORA-FLATPAK-2024-9f60f92793 Packages in this update: geany-flatpak-2.0-4 Update description: Updated git to 2.44.0 and libgit2 to 1.7.2 Read More
python-asyncssh-2.13.2-5.el9
FEDORA-EPEL-2024-6bc0ac05e1 Packages in this update: python-asyncssh-2.13.2-5.el9 Update description: Backport upstream fix for CVE-2023-48795 Read More
USN-6681-2: Linux kernel vulnerabilities
Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker...
USN-6688-1: Linux kernel (OEM) vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null...
USN-6658-2: libxml2 vulnerability
USN-6658-1 fixed a vulnerability in libxml2. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory...
USN-6687-1: AccountsService vulnerability
It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted...
ZDI-24-284: Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability...