Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Ext4 file system;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-49967, CVE-2024-53057, CVE-2024-50264)
age-1.2.1-1.fc41
Update to 1.2.1 to fix https://github.com/FiloSottile/age/security/advisories/GHSA-32gq-x56h-299c security issue.
It was discovered that libvpx did not properly handle certain malformed
media files. If an application using libvpx opened a specially crafted
file, a remote attacker could cause a denial of service, or possibly
execute arbitrary code. Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04
LTS, and Ubuntu 16.04 LTS were previously addressed in USN-6403-1,
USN-6403-2, and USN-6403-3. This update addresses the issue in Ubuntu 14.04
LTS.
Antonio Morales discovered that GStreamer Good Plugins incorrectly handled
certain malformed media files. An attacker could use these issues to cause
GStreamer Good Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Antonio Morales discovered that GStreamer Base Plugins incorrectly handled
certain malformed media files. An attacker could use these issues to cause
GStreamer Base Plugins to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Antonio Morales discovered that GStreamer incorrectly handled allocating
memory for certain buffers. An attacker could use this issue to cause
GStreamer to crash, resulting in a denial of service, or possibly execute
arbitrary code.
It was discovered that PHPUnit incorrectly handled web requests if exposed
to the internet. An attacker could possibly use this issue to achive remote
code execution or obtain sensitive information.
It was discovered that EditorConfig improperly managed memory when handling
certain inputs, leading to overflows. An attacker could possibly use these
issues to cause a denial of service, or execute arbitrary code.
dante-1.4.4-1.fc42
Automatic update for dante-1.4.4-1.fc42.
* Wed Dec 18 2024 Tim Semeijn <tim@semeijn.net> – 1.4.4-1
– Update to 1.4.4 (fixes rhbz#2332886, rhbz#2332915, rhbz#2332916,
rhbz#2332917 & rhbz#2332918)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– TTY drivers;
– BTRFS file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)
