David Benjamin reported a flaw in the X.509 name checks in OpenSSL, a
Secure Sockets Layer toolkit, which may cause an application performing
certificate name checks to crash, resulting in denial of service.

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– SuperH RISC architecture;
– MMC subsystem;
– Network drivers;
– SCSI drivers;
– GFS2 file system;
– IPv4 networking;
– IPv6 networking;
– HD-audio driver;
(CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929,
CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)

Zeng Yunxiang discovered that FFmpeg incorrectly handled memory during
video encoding. An attacker could possibly use this issue to perform a
denial of service, or execute arbitrary code.

It was discovered that WebOb incorrectly handled certain URLs.
An attacker could possibly use this issue to control a redirect or
forward to another URL.