21.06.2024 16:30 The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
21.06.2024 06:00 * bsc#1221400 * bsc#1224323 Cross-References: * CVE-2023-45288
21.06.2024 06:00 It was discovered that user validation was incorrectly implemented for filter_var. For the stable distribution, this problem has been fixed in
21.06.2024 06:00 A biased ECDSA nonce generation allowed an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. In other words, an adversary may already have enough signature information to compromise a victim's
21.06.2024 06:00 The chromium-browser-stable package has been updated to the 126.0.6478.61 release. It includes 21 security fixes. Some of them are: * High CVE-2024-5830: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-05-24
21.06.2024 06:00 * bsc#1226181 * bsc#1226182 Cross-References: * CVE-2024-35241
21.06.2024 06:00 * bsc#1226181 * bsc#1226182 Cross-References: * CVE-2024-35241
20.06.2024 18:30 gdb could be made to crash if it opened a specially crafted file.
20.06.2024 18:30 Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name Security: Fixed multiple command injections via malicious git/hg branch names
20.06.2024 18:30 Fixing CVE-2023-51765 requires rejecting email that includes NUL bytes, in some configurations. The previous security version of sendmail, by default, does not
20.06.2024 18:30 A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. References: - https://bugs.mageia.org/show_bug.cgi?id=33119
20.06.2024 18:30 A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the `stop_words_` attribute, rather than only storing the subset
20.06.2024 18:30 Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name Security: Fixed multiple command injections via malicious git/hg branch names
20.06.2024 07:45 It was discovered that there were a number of command-line injection vulnerabilities in Composer, a popular dependency manager for PHP. The 'install', 'status', 'reinstall' and 'remove' functionality had
20.06.2024 07:45 It was discovered that there was a buffer overflow vulnerability in libndp, a library for implementing IPv6's "Neighbor Discovery Protocol" that is used by Network Manager and other networking tools.