Change for system JDK from 17 to 21. upstream security release 122.0.6261.94 High CVE-2024-1938: Type Confusion in V8 High CVE-2024-1939: Type Confusion in V8 fixed bug with requires.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-129d8ca6fc
2024-03-07 22:24:39.963937
--------------------------------------------------------------------------------

Name        : diffoscope
Product     : Fedora 40
Version     : 257
Release     : 2.fc40
URL         : https://diffoscope.org/
Summary     : In-depth comparison of files, archives, and directories
Description :
diffoscope will try to get to the bottom of what makes files or directories
different. It will recursively unpack archives of many kinds and transform
various binary formats into more human readable form to compare them. It can
compare two tarballs, ISO images, or PDF just as easily. The differences can
be shown in a text or HTML report.

diffoscope is developed as part of the "reproducible builds" Debian project
and was formerly known as "debbindiff".

--------------------------------------------------------------------------------
Update Information:

Change for system JDK from 17 to 21.
upstream security release 122.0.6261.94
High CVE-2024-1938: Type Confusion in V8
High CVE-2024-1939: Type Confusion in V8
fixed bug with requires
Automatic update for lucene-9.9.2-1.fc40.
bump java source/target to 1.8, fixes 2266639
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar 2 2024 Jiri - 257-2
- Rebuilt for java-21-openjdk as system jdk
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2123726 - consoleImageViewer crashes at start
        https://bugzilla.redhat.com/show_bug.cgi?id=2123726
  [ 2 ] Bug #2261062 - directory-maven-plugin: FTBFS in Fedora rawhide/f40
        https://bugzilla.redhat.com/show_bug.cgi?id=2261062
  [ 3 ] Bug #2266639 - directory-maven-plugin fails to build with java-21-openjdk
        https://bugzilla.redhat.com/show_bug.cgi?id=2266639
  [ 4 ] Bug #2266934 - CVE-2024-1938 chromium: type confusion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266934
  [ 5 ] Bug #2266937 - CVE-2024-1939 chromium: type confusion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266937
  [ 6 ] Bug #2267486 - Include Java 21 as system Java Change in Fedora 40 Beta
        https://bugzilla.redhat.com/show_bug.cgi?id=2267486
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-129d8ca6fc' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

Update to the latest version, fixes a security issue.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-33cb46c6b0
2017-02-22 13:27:29.728588
--------------------------------------------------------------------------------

Name        : diffoscope
Product     : Fedora 24
Version     : 77
Release     : 1.fc24
URL         : https://diffoscope.org/
Summary     : In-depth comparison of files, archives, and directories
Description :
diffoscope will try to get to the bottom of what makes files or directories
different. It will recursively unpack archives of many kinds and transform
various binary formats into more human readable form to compare them. It can
compare two tarballs, ISO images, or PDF just as easily. The differences can
be shown in a text or HTML report.

diffoscope is developed as part of the "reproducible builds" Debian project
and was formerly known as "debbindiff".

--------------------------------------------------------------------------------
Update Information:

Update to the latest version, fixes a security issue.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1421774 - CVE-2017-0359 diffoscope: writes to arbitrary locations on disk based on the contents of an untrusted archive [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1421774
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade diffoscope' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Update to the latest version, fixes a security issue.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-101722eb25
2017-02-22 13:27:06.013537
--------------------------------------------------------------------------------

Name        : diffoscope
Product     : Fedora 25
Version     : 77
Release     : 1.fc25
URL         : https://diffoscope.org/
Summary     : In-depth comparison of files, archives, and directories
Description :
diffoscope will try to get to the bottom of what makes files or directories
different. It will recursively unpack archives of many kinds and transform
various binary formats into more human readable form to compare them. It can
compare two tarballs, ISO images, or PDF just as easily. The differences can
be shown in a text or HTML report.

diffoscope is developed as part of the "reproducible builds" Debian project
and was formerly known as "debbindiff".

--------------------------------------------------------------------------------
Update Information:

Update to the latest version, fixes a security issue.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1421774 - CVE-2017-0359 diffoscope: writes to arbitrary locations on disk based on the contents of an untrusted archive [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1421774
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade diffoscope' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

The package diffoscope before version 77-1 is vulnerable to arbitrary file overwrite.

Arch Linux Security Advisory ASA-201702-14
==========================================

Severity: Medium
Date    : 2017-02-17
CVE-ID  : CVE-2017-0359
Package : diffoscope
Type    : arbitrary file overwrite
Remote  : No
Link    : https://security.archlinux.org/AVG-175

Summary
=======

The package diffoscope before version 77-1 is vulnerable to arbitrary
file overwrite.

Resolution
==========

Upgrade to 77-1.

# pacman -Syu "diffoscope>=77-1"

The problem has been fixed upstream in version 77.

Workaround
==========

None.

Description
===========

It has been discovered that diffoscope may write to arbitrary locations
on disk depending on the contents of an untrusted archive.

Impact
======

An attacker is able to create a specially crafted archive that, when
processed, overwrites arbitrary files on disc.

References
==========

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854723
https://salsa.debian.org/reproducible-builds/diffoscope/-/commit/632a40828a54b399787c25e7fa243f732aef7e05
https://security.archlinux.org/CVE-2017-0359

LinuxSecurity.com Team