– fix HTTP/2 Rapid Reset (CVE-2023-44487)
Comment
Posts Tagged Fedora Linux Distribution – Security Advisories
1628 results.
– fix cookie injection with none file (CVE-2023-38546) – fix SOCKS5 heap buffer overflow (CVE-2023-38545)
**Redis 7.0.14** Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes * (**CVE-2023-45145**) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.
Update to 4.17.12 – Security fixes for CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670
– Update to latest upstream (119.0)
**Redis 7.0.14** Released Wed 18 Oct 2023 10:33:40 IDT Upgrade urgency SECURITY: See security fixes below. Security fixes * (**CVE-2023-45145**) The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup.
– Update to latest upstream (119.0)
## 2023-10-13, Version 20.8.1 (Current), @RafaelGSS This is a security release. ### Notable Changes The following CVEs are fixed in this release: * [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487): `nghttp2` Security Release (High) * [CVE-2023-45143](https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2023-45143): `undici` Security Release (High) *
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487
Update Folly stack to the latest 2023.10.16.00 tag proxygen: Security fix for CVE-2023-44487
Security fix for CVE-2023-5535, CVE-2023-5441
Security fix for CVE-2023-5535, CVE-2023-5441
Update to 2.14.11. Mitigates CVE-2023-5115.
Update to 118.0.5993.70. Include following security fixes: – CVE-2023-5218: Use after free in Site Isolation. – CVE-2023-5487: Inappropriate implementation in Fullscreen. – CVE-2023-5484: Inappropriate implementation in Navigation. – CVE-2023-5475: Inappropriate implementation in DevTools. – CVE-2023-5483: Inappropriate implementation in Intents. – CVE-2023-5481:
Update to 2.14.11. Mitigates CVE-2023-5115.
Update to upstream 9.2.3 Resolves CVE-2023-44487, CVE-2023-41752, CVE-2023-39456
Update to v1.94.0 (CVE-2023-45129)
Update to upstream 9.2.3 Resolves CVE-2023-44487, CVE-2023-41752, CVE-2023-39456
Latest updates
Latest updates
– Release 115.3.1
Fixes an issue in configobj: CVE-2023-26112
– fix cookie injection with none file (CVE-2023-38546) – fix SOCKS5 heap buffer overflow (CVE-2023-38545)
fix for CVE-2023-43115 (#2241112)
Security fix for CVE-2023-43665, CVE-2023-41164, and CVE-2023-36053
– fix HTTP/2 Rapid Reset (CVE-2023-44487)
Security fix for CVE-2023-43665, CVE-2023-41164, and CVE-2023-36053
– Update to 2.28.5 – CVE-2023-43615 Release notes: https://github.com/Mbed- TLS/mbedtls/releases/tag/mbedtls-2.28.5 Security Advisory: https://mbed- tls.readthedocs.io/en/latest/security-advisories/mbedtls-security- advisory-2023-10-1/