Ubuntu 7064-1: nano Security Advisory Updates
nano could be made to give users administrator privileges.
nano could be made to give users administrator privileges.
update to 8.0.1 fixes (CVE-2024-31449) Lua library commands may lead to stack overflow and potential RCE. (CVE-2024-31227) Potential Denial-of-service due to malformed ACL selectors.
Update to latest upstream
Several security issues were fixed in ImageMagick.
WordPress 6.7 Beta 3 is now ready for testing! This beta version of the WordPress software is under development. Please do not install, run, or test this version of WordPress on production or mission-critical websites. Instead, it is recommended you evaluate Beta 3 on a test server and site. You can test WordPress 6.7 Beta […]
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-40866
nginx could be made to crash if it received specially crafted network traffic.
ConfigObj could be made to crash if it received specially crafted input.
Update to 2.46.1
Fixes for memory vulnerabilities.
Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution of arbitrary code when converting malformed HTML to a PDF document.
It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS. For the stable distribution (bookworm), this problem has been fixed in
Update to 129.0.6668.100 * CVE-2024-9602: Type Confusion in V8 * CVE-2024-9603: Type Confusion in V
Automatic update for buildah-1.37.4-1.fc41, podman-5.2.4-1.fc41. Changelog for buildah * Mon Oct 07 2024 Packit
Automatic update for buildah-1.37.4-1.fc41, podman-5.2.4-1.fc41. Changelog for buildah * Mon Oct 07 2024 Packit
On behalf of the WordPress security team, I am announcing that we are invoking point 18 of the plugin directory guidelines and are forking Advanced Custom Fields (ACF) into a new plugin, Secure Custom Fields. SCF has been updated to remove commercial upsells and fix a security problem. On October 3rd, the ACF team announced […]
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in
Update to 2.0.19
Ubuntu Advantage Desktop Daemon could be made to expose sensitive information.
Several security issues were fixed in the Linux kernel.
Updated to latest upstream (131.0.2)
New upstream version (131.0.2)
The right to fork the software is at the heart of open source. WordPress itself started as a fork of the b2/cafelog project. WordPress was one of several forks from b2, which included b2++ (which eventually became WordPress Multisite) and some like b2evolution which still continue today. The last decent fork attempt for WordPress was […]
Damien Schaeffer discovered a use-after-free in the Mozilla Firefox web browser, which could result in the execution of arbitrary code. For the stable distribution (bookworm), this problem has been fixed in
libgsf could be made to run programs as your login if it opened a specially crafted file.
Several security issues were fixed in Go.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in EDK II.
x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
Update to 1.35.1. Includes fix for CVE-2024-9427
58 queries. 8.75 mb Memory usage. 0.616 seconds.