Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

Fedora 40 FEDORA-2024-4d4ceb61f7 Critical: Pgadmin4 Authentication Bypass

fedora
Calendar Grey May 23, 2024
Dist Fedora Esm H88
Fedora 40 has rolled out a critical update tackling security issues in python-libgravatar and pgadmin4. Users should promptly update to protect systems from threats.
Update to pgadmin4-8.6

Summary

Python interface for the Gravatar API.

Update Information:

Update to pgadmin4-8.6

Topics%20covered

Topics Covered

security advisory fedora update critical authentication bypass pgadmin4 python-libgravatar

Change Log

* Sat May 11 2024 Sandro Mani - 1.0.4-1 - Update to 1.0.4 * Tue May 7 2024 Sandro Mani - 1.0.3-1 - Initial package

References


[ 1 ] Bug #2278856 - CVE-2024-4215 pgadmin4: multi-factor authentication bypass [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2278856 [ 2 ] Bug #2278857 - CVE-2024-4216 pgadmin4: XSS in /settings/store API response json payload [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2278857

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4d4ceb61f7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-libgravatar
Product: Fedora 40
Version: 1.0.4
Release: 1.fc40
URL: https://github.com/pabluk/libgravatar
Summary: Python interface for the Gravatar APIs

Topics%20covered

Topics Covered

security advisory fedora update critical authentication bypass pgadmin4 python-libgravatar

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here