emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 emacs-24.3-23.el7_9.1.x86_64.rpm emacs-common-24.3-23.el7_9.1.x86_64.rpm emacs-debuginfo-24.3-23.el7_9.1.x86_64.rpm emacs-nox-24.3-23.el7_9.1.x8 [More...]
git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652) * git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and oth [More...]
This update upgrades Firefox to version 102.11.0 ESR. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]
This update upgrades Thunderbird to version 102.11.0. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]
apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 apr-util-1.5.2-6.el7_9.1.i686.rpm apr-util-1.5.2-6.el7_9.1.x86_64.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.x86 [More...]
