FEDORA-2024-4e6e660fae
Packages in this update:
mingw-expat-2.6.1-1.fc39
Update description:
Update to 2.6.1, backport fix for CVE-2024-28757.
mingw-expat-2.6.1-1.fc39
Update to 2.6.1, backport fix for CVE-2024-28757.
pgadmin4-8.4-1.fc40
python-jsonformatter-0.3.2-2.fc40
Update to pgadmin4-8.4.
It was discovered that the uv_getaddrinfo() function in libuv, an
asynchronous event notification library, incorrectly truncated certain
hostnames, which may result in bypass of security measures on internal
APIs or SSRF attacks.
weasyprint-61.2-1.fc40
update to 61.2 to fix CVE-2024-28184
chromium-122.0.6261.111-1.fc40
upstream security release 122.0.6261.111
High CVE-2024-2173: Out of bounds memory access in V8
High CVE-2024-2174: Inappropriate implementation in V8
High CVE-2024-2176: Use after free in FedCM
mingw-libgcrypt-1.10.3-1.fc41
Automatic update for mingw-libgcrypt-1.10.3-1.fc41.
* Fri Mar 8 2024 Richard W.M. Jones <rjones@redhat.com> – 1.10.3-1
– Rebase to libgcrypt 1.10.3 to match Fedora (RHBZ#2268272)
– Add *.pc (pkgconf) files
ceph-18.2.2-1.fc40
ceph-18.2.2 GA
Add support for riscv64
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.