LinuxSecurity.com

05.12.2024 12:51 Update to 128.5.0 https://www.thunderbird.net/en-US/thunderbird/128.5.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-68/

05.12.2024 12:51 Several security issues were fixed in Django.

05.12.2024 07:40 New python3 packages are available for Slackware 15.0 and -current to fix security issues.

05.12.2024 07:40 recutils could be made to crash or run programs as a login user if a specially crafted file was opened.

05.12.2024 02:40 Several security issues were fixed in Django.

05.12.2024 02:40 When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is

05.12.2024 02:40 A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.

05.12.2024 02:40 * bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326

05.12.2024 02:40 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327

05.12.2024 02:40 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327

04.12.2024 21:12 * bsc#1227378 * bsc#1231795 * bsc#1233307 Cross-References:

04.12.2024 21:12 * bsc#1231795 * bsc#1233307 Cross-References: * CVE-2024-11168

04.12.2024 21:12 * bsc#1232747 * bsc#1233631 * bsc#1233632 Cross-References:

04.12.2024 21:12 * bsc#1231795 * bsc#1233307 Cross-References: * CVE-2024-11168

04.12.2024 15:10 * bsc#1027519 * bsc#1230366 * bsc#1232542 * bsc#1232622 * bsc#1232624