OPENSUSE-SU-2024:14311-1 python310-numpy1-1.26.4-1.1 on GA media

These are all security issues fixed in the python310-numpy1-1.26.4-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2023-35943 Envoy vulnerable to CORS filter segfault when origin header is removed

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeadersand encodeHeaders. Versions 1.27....

CVE-2016-6332

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked...