USN-7091-2: Ruby vulnerabilities
USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for ruby2.7 in Ubuntu 20.04 LTS. Original advisory details: It was discovered that...
DSA-5812-2 postgresql-15 – regression update
The postgresql minor release shipped in DSA 5812 introduced an ABI break, which has been reverted so that extensions do not need to be rebuilt....
Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe...
Drupal core – Moderately critical – Gadget chain – SA-CORE-2024-008
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 14 ∕ 25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon Vulnerability: Gadget chain Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Moderately critical – Gadget chain – SA-CORE-2024-007
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 14 ∕ 25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon Vulnerability: Gadget chain Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Less critical – Gadget chain – SA-CORE-2024-006
Project: Drupal core Date: 2024-November-20 Security risk: Less critical 8 ∕ 25 AC:Complex/A:User/CI:None/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Gadget chain Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Critical – Cross Site Scripting – SA-CORE-2024-005
Project: Drupal core Date: 2024-November-20 Security risk: Critical 17 ∕ 25 AC:None/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Scripting Description: Drupal 7 core's Overlay module doesn't safely handle user input,...
Drupal core – Moderately critical – Access bypass – SA-CORE-2024-004
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 10 ∕ 25 AC:Basic/A:User/CI:None/II:Some/E:Theoretical/TD:Default Vulnerability: Access bypass Affected versions: >= 8.0.0 < 10.2.11 || >= 10.3.0 < 10.3.9...
Drupal core – Moderately critical – Cross Site Scripting – SA-CORE-2024-003
Project: Drupal core Date: 2024-November-20 Security risk: Moderately critical 13 ∕ 25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Cross Site Scripting Affected versions: >= 8.8.0 < 10.2.11 || >= 10.3.0 <...
rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9
FEDORA-EPEL-2024-3672733748 Packages in this update: rust-rustls-0.23.17-1.el9 rust-zlib-rs-0.4.0-1.el9 Update description: Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update...