It was discovered that mqtt-client incorrectly handled memory while parsing
malformed MQTT frames. An attacker could possibly use this issue to cause a
crash, resulting in a denial of service, or possibly execute arbitrary code.
golang-github-cloudflare-circl-1.3.7-1.fc41
FEDORA-2024-97fd10b49f
Packages in this update:
golang-github-cloudflare-circl-1.3.7-1.fc41
Update description:
Automatic update for golang-github-cloudflare-circl-1.3.7-1.fc41.
Changelog
* Thu Mar 7 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 1.3.7-1
- Update to 1.3.7 - Closes rhbz#2165786 rhbz#2203758
* Sun Feb 11 2024 Maxwell G <maxwell@gtmx.me> - 1.3.1-6
- Rebuild for golang 1.22.0
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
USN-6684-1: ncurses vulnerability
It was discovered that ncurses incorrectly handled certain function return
values, possibly leading to a segmentation fault. A local attacker could possibly
use this to cause a denial of service (system crash).
python3.6-3.6.15-27.fc39
FEDORA-2024-d1f1084584
Packages in this update:
python3.6-3.6.15-27.fc39
Update description:
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc38
FEDORA-2024-ebb3c95344
Packages in this update:
python3.6-3.6.15-27.fc38
Update description:
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc40
FEDORA-2024-46374d2703
Packages in this update:
python3.6-3.6.15-27.fc40
Update description:
Security fix for CVE-2007-4559.
python3.6-3.6.15-27.fc41
FEDORA-2024-19882248ad
Packages in this update:
python3.6-3.6.15-27.fc41
Update description:
Automatic update for python3.6-3.6.15-27.fc41.
Changelog
* Thu Feb 29 2024 Charalampos Stratakis <cstratak@redhat.com> - 3.6.15-27
- Security fix for CVE-2007-4559
- Fixes: rhbz#2141080
USN-6683-1: HtmlCleaner vulnerability
It was discovered that HtmlCleaner incorrectly handled certain HTML
documents. An attacker could possibly use this issue to cause a denial
of service via application crash.
openvswitch-3.2.2-1.fc39
FEDORA-2024-a4530e9bfe
Packages in this update:
openvswitch-3.2.2-1.fc39
Update description:
Update to 3.2.2
It indirectly fixes CVE-2023-3966 and CVE-2023-5366
USN-6682-1: Puma vulnerabilities
ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-11076)
It was discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-11077)
Jean Boussier discovered that Puma might not always release resources
properly after handling HTTP requests. A remote attacker could possibly
use this issue to read sensitive information. (CVE-2022-23634)
It was discovered that Puma incorrectly handled certain malformed headers.
A remote attacker could use this issue to perform an HTTP Request Smuggling
attack. (CVE-2022-24790)
Ben Kallus discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could use this issue to perform an HTTP Request Smuggling
attack. (CVE-2023-40175)
Bartek Nowotarski discovered that Puma incorrectly handled parsing certain
encoded content. A remote attacker could possibly use this to cause a
denial of service. (CVE-2024-21647)