Ubuntu 6770-1: Fossil Security Advisory Updates
Fossil regression
Several security issues were fixed in libspreadsheet-parsexlsx-perl.
Nick Galloway discovered an integer overflow in dav1d, a fast and small AV1 video stream decoder, which could result in memory corruption. For the oldstable distribution (bullseye), this problem has been fixed
GLib could be made to accept spoofed D-Bus signals.
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42843
The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivial input methods. Updated glib2.0 packages are available to correct this issue.
Update to 2.11.7 (CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460, CVE-2024-32658, CVE-2024-32659, CVE-2024-32660, CVE-2024-32661, CVE-2024-32662)
Security fix for CVE-2023-5752 (in the bundled pip).