4 matches found
Security update for s390-tools
This update for s390-tools fixes the following issues: CVE-2025-3416: s390-tools: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242622 Amended the .spec file Updated the 'service' file Removed the obsolete file 'cargoconfig' Updated 'cputype' and...
CLSA-2025-1738696117 php: Fix of CVE-2024-8929
CVE-2024-8929: fix various heap buffer over-reads for mysqlnd - Modify spec and run-tests.php to fix extension loading during testing...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...
Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy
The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...