20.04.2024 13:15 This update includes several bug fixes from the upstream glibc release branch, including a fix for CVE-2024-2961.
20.04.2024 13:15 Update llhttp to 9.2.1, fixing CVE-2024-27982. Additionally, llhttp 9.2.0 contained a number of bug fixes. Backport llhttp 9.2.1 support to python-aiohttp 3.9.3.
20.04.2024 02:30 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-46589
20.04.2024 02:30 New freerdp packages are available for Slackware 15.0 and -current to fix security issues.
20.04.2024 02:30 Gergo Koteles discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed in combination with xdg-desktop-portal.
20.04.2024 02:30 * bsc#1220181 Cross-References: * CVE-2024-24476
20.04.2024 02:30 * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982
20.04.2024 02:30 An update that fixes one vulnerability is now available.
19.04.2024 15:17 WordPress 6.4.4 Security Release Security updates included in this release A cross-site scripting vulnerability affecting the Avatar block type; reported by John Blackbourn of the WordPress security team. Many thanks to Mat Rollings for assisting with the research.
19.04.2024 15:17 PHP version 8.2.18 Core: Fixed bug GH-13612 . Fixed bug GH-13784 .
19.04.2024 15:17 Security fix for CVE-2024-24576
19.04.2024 15:17 Update to 0.12.7: fix pointer overflow in STRING_CAT; fix a few more stack buffer overflows.
19.04.2024 15:17 Update to 0.29 - Fixes 'clipbrowse command execution with multi-line clipboard text including "| sh"'
19.04.2024 15:17 PHP version 8.2.18 Core: Fixed bug GH-13612 . Fixed bug GH-13784 .
19.04.2024 04:15 * bsc#1221385 * bsc#1221386 Cross-References: * CVE-2024-23672
