trafficserver-9.2.6-2.fc41
FEDORA-2024-f4dc07db08 Packages in this update: trafficserver-9.2.6-2.fc41 Update description: Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306...
trafficserver-9.2.6-2.el9
FEDORA-EPEL-2024-23b122f235 Packages in this update: trafficserver-9.2.6-2.el9 Update description: Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306...
trafficserver-9.2.6-2.el8
FEDORA-EPEL-2024-60dd7e7ad3 Packages in this update: trafficserver-9.2.6-2.el8 Update description: Update to upstream 9.2.6 Backport fix for broken oubound TLS with OpenSSL 3.2+ Resolves CVE-2024-38479, CVE-2024-50305, CVE-2024-50306...
xen-4.18.3-3.fc40
FEDORA-2024-7c2cfa2fe5 Packages in this update: xen-4.18.3-3.fc40 Update description: Deadlock in x86 HVM standard VGA handling [XSA-463, CVE-2024-45818] libxl leaks data to PVH guests via ACPI...
USN-7107-1: zlib vulnerability
It was discovered that Minizip in zlib incorrectly handled certain zip header fields. An attacker could possibly use this issue to cause a denial of...
microcode_ctl-2.1-67.fc41
FEDORA-2024-28ea86c8aa Packages in this update: microcode_ctl-2.1-67.fc41 Update description: Update to upstream 2.1-47. 20241112 Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0005c0 up...
microcode_ctl-2.1-61.5.fc40
FEDORA-2024-d20a106350 Packages in this update: microcode_ctl-2.1-61.5.fc40 Update description: Update to upstream 2.1-47. 20241112 Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0005c0 up...
microcode_ctl-2.1-58.5.fc39
FEDORA-2024-7dfc167df4 Packages in this update: microcode_ctl-2.1-58.5.fc39 Update description: Update to upstream 2.1-47. 20241112 Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0005c0 up...
USN-7089-4: Linux kernel vulnerabilities
Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A...
ZDI-24-1510: Ivanti Endpoint Manager GetComputerID SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The...