x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817]
Posts Tagged Fedora Linux Distribution – Security Advisories
Update to 1.35.1. Includes fix for CVE-2024-9427
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
Patch the code to use https instead of http (CVE-2024-45321)
Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent file descriptor leaks. Fix several crashes and rendering issues. Use Skia instead of cairo for 2D rendering and enable GPU rendering by default.
Fix login QR code not shown in WhatsApp web. Disable PSON by default again in GTK 3 API versions. Disable DMABuf video sink by default to prevent file descriptor leaks. Fix several crashes and rendering issues. Use Skia instead of cairo for 2D rendering and enable GPU rendering by default.
New upstream version (131.0)
Fix CVE-2024-9014.
update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8
update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8
Fix CVE-2024-39844 https://wiki.znc.in/ChangeLog/1.9.0
Update to new upstream version (closes rhbz#2237124)
PHP version 8.2.24 (26 Sep 2024) CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) (nielsdos) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable
Fix CVE-2024-9014.
New upstream builds (131.0)
PHP version 8.3.12 (26 Sep 2024) CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) (nielsdos) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable
Update to new upstream version (closes rhbz#2237124)
PHP version 8.3.12 (26 Sep 2024) CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) (nielsdos) Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable
Update to new upstream version (closes rhbz#2237124)
Fix for remote vulnerabilities against OpenPrinting cups-filters
Fix for remote vulnerabilities against OpenPrinting cups-filters
Fix for remote vulnerabilities against OpenPrinting cups-filters
Fix for remote vulnerabilities against OpenPrinting cups-filters
Fix for remote vulnerabilities against OpenPrinting cups-filters
urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
Update to upstream 2.1-44. 20240813 Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003605 up to 0x5003707; Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802 up to 0x7002904;
Security fix for CVE-2024-8088
Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash (CVE-2024-7347). Thanks to Nils Bars.
Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash (CVE-2024-7347). Thanks to Nils Bars.