11.09.2024 10:00 Update to 2.53.19
11.09.2024 10:00 New version 4.0.17, fix for CVE-2024-8250
11.09.2024 10:00 libell 0.69: Add support for getting remaining microseconds left on a timer. Add support for setting link MTU on a network interface. iwd 2.21: Fix issue with pending scan requests after regdom update.
11.09.2024 10:00 libell 0.69: Add support for getting remaining microseconds left on a timer. Add support for setting link MTU on a network interface. iwd 2.21: Fix issue with pending scan requests after regdom update.
11.09.2024 10:00 Security fix for CVE-2024-45306
11.09.2024 10:00 New version 4.2.7, fix for CVE-2024-8250
10.09.2024 23:30 Along with various minor bug fixing, this update addresses the security vulnerability CVE-2024-43167. References: - https://bugs.mageia.org/show_bug.cgi?id=33512
10.09.2024 23:30 Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data.
10.09.2024 23:30 Possible denial of service in X.509 name checks. References: - https://bugs.mageia.org/show_bug.cgi?id=33520 - https://openssl-library.org/news/secadv/20240903.txt
10.09.2024 23:30 A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer function at /zzip/zip.c. References:
10.09.2024 23:30 Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.
10.09.2024 23:30 A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
10.09.2024 13:15 Rebase to version 2.6.3
10.09.2024 13:15 Security fix for CVE-2024-8418
10.09.2024 13:15 Several security issues were fixed in Netty.
