Category Archives: Advisories

iwd-2.15-1.fc39 libell-0.63-1.fc39

Read Time:17 Second

FEDORA-2024-fdce971b84

Packages in this update:

iwd-2.15-1.fc39
libell-0.63-1.fc39

Update description:

iwd 2.15:

Fix issue with notice events for connection timeouts.
Fix issue with reason code and deauthenticate event.
Fix issue with handling basename() functionality.

libell 0.63:

Fix issue with handling ending boundary of the PEM.

Read More

USN-6665-1: Unbound vulnerabilities

Read Time:23 Second

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Unbound incorrectly handled validating DNSSEC messages. A remote
attacker could possibly use this issue to cause Unbound to consume
resources, leading to a denial of service. (CVE-2023-50387)

It was discovered that Unbound incorrectly handled preparing an NSEC3
closest encloser proof. A remote attacker could possibly use this issue to
cause Unbound to consume resources, leading to a denial of service.
(CVE-2023-50868)

Read More

ghc-base64-0.4.2.4-28.fc41 ghc-hakyll-4.16.2.0-4.fc41 ghc-isocline-1.0.9-28.fc41 gitit-0.15.1.1-6.fc41 pandoc-3.1.3-28.fc41 pandoc-cli-0.1.1.1-28.fc41 patat-0.11.0.0-1.fc41

Read Time:25 Second

FEDORA-2024-d62088b505

Packages in this update:

ghc-base64-0.4.2.4-28.fc41
ghc-hakyll-4.16.2.0-4.fc41
ghc-isocline-1.0.9-28.fc41
gitit-0.15.1.1-6.fc41
pandoc-3.1.3-28.fc41
pandoc-cli-0.1.1.1-28.fc41
patat-0.11.0.0-1.fc41

Update description:

pandoc-cli replaces pandoc binary package

Security fix for CVE-2023-35936 and CVE-2023-35936

newly packaged ghc-base64 and ghc-isocline

Read More

ZDI-24-214: NI FlexLogger RabbitMQ Incorrect Permission Assignment Local Privilege Escalation Vulnerability

Read Time:16 Second

This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1156.

Read More