[SECURITY] Fedora 33 Update: rubygem-actionpack-6.0.3.3-2.fc33

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15210 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15210 Source advisory: OSV:PYSEC-2020-325...

deep-floorplan (=0.0.0) potentially affected by CVE-2020-15194 via tensorflow-gpu (=2.3.0)

tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15194 Source advisory: OSV:PYSEC-2020-309...

tensorflowjs (>=1.5.2 <=1.7.4) potentially affected by CVE-2020-15208 via tensorflow-cpu (=2.1.0)

tensorflow-cpu PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - tensorflowjs =1.5.2, =1.7.4 Source cves: CVE-2020-15208 Source advisory: OSV:PYSEC-2020-288...

deep-floorplan (=0.0.0) potentially affected by CVE-2020-15204 via tensorflow-gpu (=2.3.0)

tensorflow-gpu PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - deep-floorplan =0.0.0 Source cves: CVE-2020-15204 Source advisory: OSV:GHSA-Q8GV-Q7WR-9JF8...

tensorflowjs (>=1.5.2 <=1.7.4) potentially affected by CVE-2020-15206 via tensorflow-cpu (=2.1.0)

tensorflow-cpu PYPI version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - tensorflowjs =1.5.2, =1.7.4 Source cves: CVE-2020-15206 Source advisory: OSV:GHSA-W5GH-2WR2-PM6G...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +49 more potentially affected by CVE-2020-15205 via tensorflow-gpu (>=1.10.1 <=1.15.3)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.1.0, =0.1.0, =1.0.0, =0.2.3, =0.0.1, =0.0.7, =0.2.0 - keras-textclassification =0.1.6 and more Source cves: CVE-2020-15205 Source advisory: OSV:GHSA-G7P5-5759-QV46...

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation the array size is not checked when constructed with unit().

...

DEBIAN-CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

PT-2020-16213

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description The issue concerns memory safety in the sized-chunks crate for Rust. Specifically, in the Chunk implementation, the array size is not checked when constructed with From, unit, or pair...

PT-2020-16211

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description An issue was discovered in the sized-chunks crate, where the array size is not checked when constructed with unit, pair, or From in the Chunk implementation. Additionally, the Clone and...

CVE-2020-13466

STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

CVE-2020-13466

STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

CVE-2020-13471

Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

Design/Logic Flaw

STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

CVE-2020-13471

Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

CVE-2020-13466

STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration...

False-positive validity for NFT1 genesis transactions

Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...