Read Time:8 Second
FEDORA-2023-94df30cbec
Packages in this update:
curl-7.82.0-13.fc36
Update description:
fix HTTP multi-header compression denial of service (CVE-2023-23916)
Category Archives: Advisories
curl-7.85.0-6.fc37
Read Time:11 Second
FEDORA-2023-ddf6575695
Packages in this update:
curl-7.85.0-6.fc37
Update description:
fix HTTP multi-header compression denial of service (CVE-2023-23916)
share HSTS between handles (CVE-2023-23915 CVE-2023-23914)
podman-4.4.1-3.fc36
Read Time:9 Second
FEDORA-2023-998dbd3b79
Packages in this update:
podman-4.4.1-3.fc36
Update description:
Security fix for CVE-2023-0778
remove quadlet package specification completely
bump to v4.4.0
podman-4.4.1-3.fc37
Read Time:6 Second
FEDORA-2023-698b47d488
Packages in this update:
podman-4.4.1-3.fc37
Update description:
Security fix for CVE-2023-0778
Multiple Vulnerabilities in FortiNAC Could Allow for Arbitrary Code Execution
Read Time:34 Second
Multiple vulnerabilities have been discovered in FortiNAC, the most severe of which could allow for arbitrary code execution. FortiNAC is a network access control solution that oversees and protects all digital assets connected to an enterprise network. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
clamav-0.103.8-1.fc36
Read Time:42 Second
FEDORA-2023-c0657c3ed0
Packages in this update:
clamav-0.103.8-1.fc36
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
clamav-0.103.8-1.el7
Read Time:42 Second
FEDORA-EPEL-2023-ef27d9fd2b
Packages in this update:
clamav-0.103.8-1.el7
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
clamav-0.103.8-1.el9
Read Time:42 Second
FEDORA-EPEL-2023-47d3bcd891
Packages in this update:
clamav-0.103.8-1.el9
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
clamav-0.103.8-1.fc37
Read Time:42 Second
FEDORA-2023-d686b8d48f
Packages in this update:
clamav-0.103.8-1.fc37
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
clamav-0.103.8-1.el8
Read Time:42 Second
FEDORA-EPEL-2023-0526248f26
Packages in this update:
clamav-0.103.8-1.el8
Update description:
ClamAV 0.103.8 is a critical patch release with the following fixes:
CVE-2023-20032https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.
CVE-2023-20052https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser. The issue affects versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier. Thank you to Simon Scannell for reporting this issue.