Ubuntu 6754-1: nghttp2 Security Advisory Updates
Several security issues were fixed in nghttp2.
Several security issues were fixed in nghttp2.
CryptoJS could be made to expose sensitive information.
It was discovered that PDNS Recursor, a resolving name server, was susceptible to denial of service if recursive forwarding is configured. For the stable distribution (bookworm), this problem has been fixed in
Zabbix could allow reflected cross-site scripting (XSS) attacks.
Several security issues were fixed in FreeRDP.
Several security issues were fixed in Thunderbird.
Fix for CVE-2024-31497
fix Usage of disabled protocol (CVE-2024-2004) fix HTTP/2 push headers memory-leak (CVE-2024-2398)
x86: Native Branch History Injection [XSA-456, CVE-2024-2201] update to xen 4.17.4, remove patches now included upstream rebase xen.gcc12.fixes.patch x86 HVM hypercalls may trigger Xen bug check [XSA-454, CVE-2023-46842] x86: Incorrect logic for BTC/SRSO mitigations [XSA-455, CVE-2024-31142]
Update to 1.15.8 Fix CVE-2024-32462
Fix for CVE-2024-31497
Updates Fedora 30 to Kubernetes 1.27.13. Resolves CVE-2024-3177: Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin. In addition, a few bug and regression fixes.
Update to 115.10.1 https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/ Fix https://bugzilla.redhat.com/show_bug.cgi?id=2276078 Including security update to 115.10.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/
59 queries. 8.5 mb Memory usage. 1.140 seconds.