Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Unbound incorrectly handled validating DNSSEC messages. A remote
attacker could possibly use this issue to cause Unbound to consume
resources, leading to a denial of service. (CVE-2023-50387)

It was discovered that Unbound incorrectly handled preparing an NSEC3
closest encloser proof. A remote attacker could possibly use this issue to
cause Unbound to consume resources, leading to a denial of service.
(CVE-2023-50868)

Read More

FEDORA-2024-d62088b505

Packages in this update:

ghc-base64-0.4.2.4-28.fc41
ghc-hakyll-4.16.2.0-4.fc41
ghc-isocline-1.0.9-28.fc41
gitit-0.15.1.1-6.fc41
pandoc-3.1.3-28.fc41
pandoc-cli-0.1.1.1-28.fc41
patat-0.11.0.0-1.fc41

Update description:

pandoc-cli replaces pandoc binary package

Security fix for CVE-2023-35936 and CVE-2023-35936

newly packaged ghc-base64 and ghc-isocline

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1156.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

FEDORA-2024-e01ef71e64

Packages in this update:

fontforge-20230101-11.fc40

Update description:

Security fix for CVE-2024-25081 and CVE-2024-25082

Read More

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

https://security-tracker.debian.org/tracker/DSA-5634-1

Read More