#js

Red Hat Security Advisory 2024-6189-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-6187-03 - An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-6184-03 - An update for orc is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-6162-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-6160-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-6159-03 - An update for orc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-6156-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

The threat of VBA macros has diminished since Microsoft prevented the execution of macros in Microsoft Office documents downloaded from the internet, but not all users are using the latest up-to-date Office versions and can still be vulnerable.

A vulnerability was found in nescalante urlregex up to 0.5.0 and classified as problematic. This issue affects some unknown processing of the file index.js of the component Backtracking. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 0.5.1 is able to address this issue. The identifier of the patch is e5a085afe6abfaea1d1a78f54c45af9ef43ca1f9. It is recommended to upgrade the affected component.

Debian Linux Security Advisory 5762-1 - The WebKitGTK web engine suffers from multiple vulnerabilities. An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash. Huang Xilin discovered that processing maliciously crafted web content may lead to an unexpected process crash. Huang Xilin discovered that processing maliciously crafted web content may lead to an unexpected process crash. More issues are listed in this advisory.