Multiple security issues were discovered in the Rails web framework which could result in cross-site scripting, information disclosure, denial of service or bypass of content security policies.
Archive for March 17th, 2025
An out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files was discovered in FreeType, which may result in the execution of arbitrary code when processing specially crafted fonts.
FreeType could be made to crash or run programs if it opened a specially crafted font file.
Several security issues were fixed in X.Org X Server.
Update to upstream 20250311: amdgpu: many firmware updates; qcom: Update gpu firmwares for qcs8300 chipset; add firmware for qat_420xx devices; amdgpu: DMCUB updates for various ASICs
patchlevel 1202; Security fix for CVE-2025-29768