Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution of arbitrary code when converting malformed HTML to a PDF document.
Archive for October 13th, 2024
It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS. For the stable distribution (bookworm), this problem has been fixed in
Update to 129.0.6668.100 * CVE-2024-9602: Type Confusion in V8 * CVE-2024-9603: Type Confusion in V
Automatic update for buildah-1.37.4-1.fc41, podman-5.2.4-1.fc41. Changelog for buildah * Mon Oct 07 2024 Packit
Automatic update for buildah-1.37.4-1.fc41, podman-5.2.4-1.fc41. Changelog for buildah * Mon Oct 07 2024 Packit