OCS Inventory was vulnerable to an authentication bypass if the selected authentication method was via CAS.
Archive for July 24th, 2024
phpCAS was vulnerable to an authentication bypass.
poppler could be made to denial of service if it opened a specially crafted PDF.
update xmedcon to 0.24.0 fixes: Bug 2283157 – xmedcon-0.24.0 is available Bug 2283100 – CVE-2024-29421 xmedcon: Heap overview when parsing DICOM medical files [fedora-all]
update xmedcon to 0.24.0 fixes: Bug 2283157 – xmedcon-0.24.0 is available Bug 2283100 – CVE-2024-29421 xmedcon: Heap overview when parsing DICOM medical files [fedora-all]
Security fix for CVE-2024-33869 Security fixes for CVE-2024-29509, CVE-2024-29508, CVE-2024-29507, CVE-2024-29506
provd could be made to run programs as an administrator.
python-zipp could be made to crash if certain zip files are used.