Two security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or denial of service.
Comment
Archive for March, 2024
164 results.
Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of this flaw for information disclosure.
release v1.11.0 release v1.10.1 release v1.10.0
These are bug fix and security releases including MODERATE, HIGH, and CRITICAL issues.
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
Security fix for CVE-2023-35936 and CVE-2023-38745 pandoc: backport fixes for CVE-2023-35936 and CVE-2023-38745 base64 now packaged in Fedora
podman-tui release v1.0.0 Security fix for [CVE-2024-28180]
x86: Register File Data Sampling [XSA-452, CVE-2023-28746] GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]
Andres Freund discovered that the upstream source tarballs for xz-utils, the XZ-format compression utilities, are compromised and inject malicious code, at build time, into the resulting liblzma5 library.
podman-tui release v1.0.0
Version 6.7.4 (2024-03-21) Upgrade tcpdf tag encryption algorithm. Version 6.7.3 (2024-03-20) Fix regression issue #699. Version 6.7.2 (2024-03-18)
Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
WordPress 6.5 RC4 is ready for download and testing. Reaching this phase of the release cycle is an important milestone. Check out what’s coming in this release and how to get involved with the open source project.
Update to 115.9.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/ https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
Security fix for CVE-2022-40896
unixODBC could be made to crash or execute arbitrary code.
util-linux could be made to expose sensitive information.
curl could be made to denial of service.
Several security issues were fixed in curl.
Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
Added upstream patch to fix out-of-bounds access due to multiple backspaces to address incomplete fix for CVE-2022-38223 (#2222775, #2222780, #2255207)
Security fix for CVE-2024-1753 Automatic update for podman-5.0.0-1.fc40. Changelog for podman * Tue Mar 19 2024 Packit
Security fix for CVE-2024-1753 Automatic update for podman-5.0.0-1.fc40. Changelog for podman * Tue Mar 19 2024 Packit
Several security issues were fixed in Thunderbird.
PAM could be made to stop responding if it opened a specially crafted file.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.