Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files.
An integer overflow was discovered in aom, the AV1 Video Codec Library, which could potentially result in the execution of arbitrary code if a malformed media file is processed.
Two vulnerabilities have been discovered in the IMAP implementation of the Dovecot mail server: Excessive numbers of address headers or very large headers can result in high CPU usage, leading to denial of service.
MySQL 8.0.39 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-38.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-39.html
exfatprogs could be made to crash or run programs if it handled a specially crafted partition.
Several security issues were fixed in Cacti.
Plesk version 18.0.63 is now available, with a new set of features and announcements! This blog will only scratch the surface of all the new features and improvements that come with this latest update. InnoDB Repair Tool Feel empowered when facing MariaDB database corruption with the InnoDB Repair Tool. Available even when the Plesk panel […]
The post Plesk Obsidian 18.0.63 Release appeared first on Plesk.
Joshua Rogers that incorrect parsing of ESI variables in the Squid proxy caching server could result in memory corruption. For the stable distribution (bookworm), this problem has been fixed in
Several security issues were fixed in Firefox.
Several security issues were fixed in Rack.
Support for the “strict kex” SSH extension has been backported to AsyncSSH (a Python implementation of the SSHv2 protocol) as hardening against the Terrapin attack.
Update to 115.14.0 https://www.thunderbird.net/en-US/thunderbird/115.14.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/
ORC could be made to crash or execute arbitrary code
Several security issues were fixed in Bind.
GNOME Shell could allow unintended access to network services.
LibreOffice could be made to run programs if it opened a specially crafted file.
Version 1.6.8 Managesieve: Protect special scripts in managesieve_kolab_master mode Fix newmail_notifier notification focus in Chrome (#9467) Fix fatal error when parsing some TNEF attachments (#9462) Fix double scrollbar when composing a mail with many plain text lines (#7760)
Changelog * Tue Jul 30 2024 Viktor Ashirov
This is the July 2024 security updates for .NET 8. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.7/8.0.107.md Runtime: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.7/8.0.7.md
Version 1.6.8 Managesieve: Protect special scripts in managesieve_kolab_master mode Fix newmail_notifier notification focus in Chrome (#9467) Fix fatal error when parsing some TNEF attachments (#9462) Fix double scrollbar when composing a mail with many plain text lines (#7760)
This is the July 2024 security updates for .NET 8. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.7/8.0.107.md Runtime: https://github.com/dotnet/core/blob/main/release- notes/8.0/8.0.7/8.0.7.md
Changelog * Tue Jul 30 2024 Viktor Ashirov
Several security issues were fixed in BusyBox.
Chris Williams discovered a flaw in the handling of mounts for persistent directories in Flatpak, an application deployment framework for desktop apps. A malicious or compromised Flatpak app using persistent directories could take advantage of this flaw to access files
Several security issues were fixed in the Linux kernel.
RMagick could be made to crash if it received specially crafted input.
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
Update to 127.0.6533.99 * Critical CVE-2024-7532: Out of bounds memory access in ANGLE * High CVE-2024-7533: Use after free in Sharing * High CVE-2024-7550: Type Confusion in V8 * High CVE-2024-7534: Heap buffer overflow in Layout
dotnet8 could be made to disclose sensitive information.
Several security issues were fixed in the Linux kernel.
58 queries. 8.75 mb Memory usage. 1.833 seconds.