It was discovered that libuv incorrectly truncated certain hostnames. A
remote attacker could possibly use this issue with specially crafted
hostnames to bypass certain checks.

Read More

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Unbound incorrectly handled validating DNSSEC messages. A remote
attacker could possibly use this issue to cause Unbound to consume
resources, leading to a denial of service. (CVE-2023-50387)

It was discovered that Unbound incorrectly handled preparing an NSEC3
closest encloser proof. A remote attacker could possibly use this issue to
cause Unbound to consume resources, leading to a denial of service.
(CVE-2023-50868)

Read More

FEDORA-2024-d62088b505

Packages in this update:

ghc-base64-0.4.2.4-28.fc41
ghc-hakyll-4.16.2.0-4.fc41
ghc-isocline-1.0.9-28.fc41
gitit-0.15.1.1-6.fc41
pandoc-3.1.3-28.fc41
pandoc-cli-0.1.1.1-28.fc41
patat-0.11.0.0-1.fc41

Update description:

pandoc-cli replaces pandoc binary package

Security fix for CVE-2023-35936 and CVE-2023-35936

newly packaged ghc-base64 and ghc-isocline

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1156.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

FEDORA-2024-e01ef71e64

Packages in this update:

fontforge-20230101-11.fc40

Update description:

Security fix for CVE-2024-25081 and CVE-2024-25082

Read More