Fix CVE-2024-2698 and CVE-2024-3183
Comment
Archive for June, 2024
65 results.
rebuild for rhbz#2292712
Update to Emacs 29.4, fixing CVE-2024-39331.
The 6.9.6 stable kernel update contains a number of important fixes across the tree.
Fabian Vogt discovered that the KDE session management server insufficiently restricted ICE connections from localhost, which could allow a local attacker to execute arbitrary code as another user on next boot.
SQLite could be made to crash or execute arbitrary code.
Several security issues were fixed in Squid.
Several security issues were fixed in FontForge.
Wget could be made to connect to a different host than expected.
OpenSSL could be made to consume resources and cause long delays if it processed certain input.
Update to upstream OpenVPN 2.6.11 CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them CVE-2024-28882: only call schedule_exit() once (on a given peer)
Fix for multiple CVEs
update to 126.0.6478.126 High CVE-2024-6290: Use after free in Dawn High CVE-2024-6291: Use after free in Swiftshader High CVE-2024-6292: Use after free in Dawn High CVE-2024-6293: Use after free in Dawn
Fix CVE-2024-2698 and CVE-2024-3183
SQLite could be made to crash if it received specially crafted input.
It was discovered that multiple integer overflows in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code.
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
Several security issues were fixed in the Linux kernel.
libheif could be made to crash if it opened a specially crafted file.
Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Update from 0.7.6 to 0.7.8 for more bug-fixes. https://lib.openmpt.org/libopenmpt/2024/06/09/security- update-0.7.8-releases-0.6.17-0.5.31-0.4.43/ https://lib.openmpt.org/libopenmpt/2024/05/12/releases-0.7.7-0.6.16-0.5.30- 0.4.42/
Update to 115.12.1 https://www.thunderbird.net/en-US/thunderbird/115.12.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/
It was discovered that Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file. This update includes updates pending for the upcoming point releases
It was discovered that Org Mode for Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file. This update includes updates pending for the upcoming point releases
WordPress 6.6 RC1
Jun25
The first release candidate (RC1) for WordPress 6.6 is ready for download and testing! This version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, please evaluate RC1 on a test server or a local environment. Reaching this phase of […]
The update for composer released as DSA 5715 introduced a regression in the handling of git feature branches. Updated composer packages are now available to address this issue.
WordPress 6.5.5
Jun24
WordPress 6.5.5 is now available! This release features three security fixes. Because this is a security release, it is recommended that you update your sites immediately. This minor release also includes 3 bug fixes in Core. You can download WordPress 6.5.5 from WordPress.org, or visit your WordPress Dashboard, click “Updates”, and then click “Update Now”. […]
Big events create big moments, and WordCamp Europe 2024 was no exception. Join host Josepha Haden Chomphosy on this episode of the WordPress Briefing as she shares her top insights and favorite highlights from the event. Discover what the WordPress community focused on during this exciting three-day gathering.
Tricky errors like WordPress 500 Internal Server Error keep your site offline if they’re not fixed. Here’s how to solve this one.
The post Plesk Obsidian 18.0.61 Release appeared first on Plesk.
It was discovered that user validation was incorrectly implemented for filter_var(FILTER_VALIDATE_URL). For the stable distribution (bookworm), this problem has been fixed in