FEDORA-EPEL-2024-92f7377188
Packages in this update:
python-django4.2-4.2.16-1.el9
Update description:
urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
python-django4.2-4.2.16-1.el9
urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
The US White House Office of the National Cyber Director proposes improving internet security by protecting the Border Gateway Protocol
Dan Smith, Julia Kreger and Jay Faulkner discovered that in
image processing for Ironic, a specially crafted image
could be used by an authenticated user to exploit undesired behaviors
in qemu-img, including possible unauthorized access to potentially
sensitive data.
US law enforcement is tracking aggressive social engineering attacks against cryptocurrency operations
aardvark-dns-1.12.2-1.fc39
Security fix for CVE-2024-8418
aardvark-dns-1.12.2-1.fc40
Security fix for CVE-2024-8418
aardvark-dns-1.12.2-1.fc41
Security fix for CVE-2024-8418
Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware
It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or execute code with the privileges of the user
invoking the program.
ruby-3.3.5-14.fc42
Update to Ruby 3.3.5