30.11.2024 15:45 GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. GNOME libsoup before 3.6.1 allows a buffer overflow in applications that
30.11.2024 05:45 * bsc#1232747 * bsc#1233631 * bsc#1233632 Cross-References:
30.11.2024 05:45 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327
30.11.2024 05:45 * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References:
30.11.2024 05:45 ProFTPD a popular FTP server was affected by multiple vulnerabilities. CVE-2023-48795
29.11.2024 20:00 Update to 128.5.0 https://www.thunderbird.net/en-US/thunderbird/128.5.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-68/
29.11.2024 20:00 Deadlock in x86 HVM standard VGA handling libxl leaks data to PVH guests via ACPI tables
29.11.2024 20:00 Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 . This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and
29.11.2024 20:00 Update the rustls crate to version 0.23.17. Update the zlib-rs crate to version 0.4.0. The update to zlib-rs v0.4.0 also addresses CVE-2024-11249 . This issue had no actual impact in Fedora, because no applications yet use the the zlib-rs feature of rustls and
29.11.2024 20:00 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327
29.11.2024 20:00 * bsc#1233447 Cross-References: * CVE-2024-52304
29.11.2024 10:15 Multiple vulnerabilities have been fixed in the key¢''value database Redis. CVE-2022-35977
29.11.2024 10:15 An update that solves one vulnerability and has 10 fixes is now available.
29.11.2024 10:15 An update that contains security fixes can now be installed.
29.11.2024 10:15 * bsc#1219724 Cross-References: * CVE-2024-24806
