15.03.2024 12:31 The updated packages fix security vulnerabilities: Array out-of-bounds access due to missing range check in C1 compiler. RSA padding issue and timing side-channel attack against TLS.
15.03.2024 12:31 Baresip v3.10.1 Security Release : A wrong or manipulated incoming RTP Timestamp can cause the baresip process to hang forever, for details see: #2954 aureceiver: fix mtx_unlock on discard
15.03.2024 12:31 Baresip v3.10.1 Security Release : A wrong or manipulated incoming RTP Timestamp can cause the baresip process to hang forever, for details see: #2954 aureceiver: fix mtx_unlock on discard
15.03.2024 12:31 * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584
15.03.2024 12:31 * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584
15.03.2024 02:02 When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary code execution.
15.03.2024 02:02 The updated packages fix security vulnerabilities: Authentication bypass vulnerability in the vgauth module. SAML token signature bypass. File descriptor hijack vulnerability in the vmware-user-suid-wrapper.
15.03.2024 02:02 Expat could be made to crash if it received specially crafted input.
15.03.2024 02:02 Several security issues were fixed in TeX Live.
15.03.2024 02:02 Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service.
14.03.2024 15:45 python-cryptography could be made to expose sensitive information over the network.
14.03.2024 15:45 Update to 115.8.1 https://www.mozilla.org/en-US/security/advisories/mfsa2024-11/ read that if you have mails with encrypted email subjects https://www.thunderbird.net/en-US/thunderbird/115.8.1/releasenotes/
14.03.2024 15:45 python-multipart 0.0.7 Refactor header option parser to use the standard library instead of a custom RegEx #75. Fixes a denial of service vulnerability, GHSA-qf9m-vfgh-m389, initially reported in FastAPI but applicable to other libraries and applications.
14.03.2024 15:45 x86: shadow stack vs exceptions from emulation stubs -
14.03.2024 15:45 upstream security release 122.0.6261.128 High CVE-2024-2400: Use after free in Performance Manager
