An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3826-1 important: hdf5
Category: LinuxSecurity.com – Hybrid RSS
SUSE: 2022:3833-1 moderate: podofo
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3833-1 moderate: podofo
SUSE: 2022:3834-1 moderate: python-Flask-Security
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3834-1 moderate: python-Flask-Security
Oracle6: ELSA-2022-9967: Extended Lifecycle Support (ELS) compat-expat1 Important Security
The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Oracle6: ELSA-2022-9967: Extended Lifecycle Support (ELS)…
RedHat: RHSA-2022-7268:01 Important: Red Hat OpenStack Platform 13.0
An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, This article has…
SUSE: 2022:2792-1 bci/golang Security Update
The container bci/golang was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2792-1 bci/golang Security Update
SUSE: 2022:2794-1 bci/openjdk Security Update
The container bci/openjdk was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2794-1 bci/openjdk Security Update
SUSE: 2022:2779-1 suse/sles12sp4 Security Update
The container suse/sles12sp4 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2779-1 suse/sles12sp4 Security Update
SUSE: 2022:2780-1 suse/sles12sp5 Security Update
The container suse/sles12sp5 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2780-1 suse/sles12sp5 Security Update
SUSE: 2022:2785-1 bci/dotnet-aspnet Security Update
The container bci/dotnet-aspnet was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2785-1 bci/dotnet-aspnet Security Update
Slackware: 2022-304-01: vim Security Update
New vim packages are available for Slackware 15.0 and -current to fix a security issue. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Slackware: 2022-304-01: vim Security Update
Slackware: 2022-304-02: php80/php81 Security Update
New php80/php81 packages are available for Slackware 15.0 and -current to fix security issues. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Slackware: 2022-304-02: php80/php81 Security Update
Gentoo: GLSA-202210-38: Expat: Denial of Service
A vulnerability has been found in Expat which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-38: Expat: Denial of Service
Gentoo: GLSA-202210-39: libxml2: Multiple Vulnerabilities
Multiple vulnerabilities have been found in libxml2, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-39: libxml2: Multiple Vulnerabilities
Gentoo: GLSA-202210-40: SQLite: Multiple Vulnerabilities
Multiple vulnerabilities have been found in SQLite, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-40: SQLite: Multiple Vulnerabilities
Gentoo: GLSA-202210-41: android-tools: Multiple Vulnerabilities
Multiple vulnerabilities have been found in android-tools, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-41: android-tools: Multiple Vulnerabilities
Gentoo: GLSA-202210-42: zlib: Multiple vulnerabilities
A buffer overflow in zlib might allow an attacker to cause remote code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-42: zlib: Multiple vulnerabilities
openSUSE: 2022:10183-1 moderate: pyenv
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10183-1 moderate: pyenv
Gentoo: GLSA-202210-35: Mozilla Thunderbird: Multiple Vulnerabilities
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-35: Mozilla Thunderbird: Multiple Vulnerabilities
Gentoo: GLSA-202210-34: Mozilla Firefox: Multiple Vulnerabilities
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-34: Mozilla Firefox: Multiple Vulnerabilities
Ubuntu 5707-1: Libtasn1 vulnerability
Libtasn1 could cause a crash when processing certain inputs. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5707-1: Libtasn1 vulnerability
SUSE: 2022:3819-1 moderate: podman
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3819-1 moderate: podman
SUSE: 2022:3820-1 moderate: podman
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3820-1 moderate: podman
openSUSE: 2022:10177-1 important: chromium
An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10177-1 important: chromium
openSUSE: 2022:10182-1 important: opera
An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10182-1 important: opera
SUSE: 2022:3817-1 critical: libtasn1
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3817-1 critical: libtasn1
openSUSE: 2022:10178-1 important: jhead
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10178-1 important: jhead
openSUSE: 2022:10181-1 important: opera
An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10181-1 important: opera
openSUSE: 2022:10179-1 important: jhead
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10179-1 important: jhead
openSUSE: 2022:10180-1 important: chromium
An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10180-1 important: chromium
Debian LTS: DLA-3174-1: pysha3 security update
Nicky Mouha discovered a buffer overflow in ‘sha3’, a Python library for the SHA-3 hashing functions. For Debian 10 buster, this problem has been fixed in version This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…
RedHat: RHSA-2022-7261:01 Moderate: OpenShift API for Data Protection
OpenShift API for Data Protection (OADP) 1.0.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is…
Gentoo: GLSA-202210-28: exif: Denial of Service
A vulnerability has been discovered in exif which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-28: exif: Denial of Service
Gentoo: GLSA-202210-29: Net-SNMP: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-29: Net-SNMP: Multiple Vulnerabilities
Gentoo: GLSA-202210-30: X.Org X server, XWayland: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-30: X.Org X server,…
Gentoo: GLSA-202210-31: OpenEXR: Multiple Vulnerabilities
Multiple vulnerabilities have been discovered in OpenEXR, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-31: OpenEXR: Multiple Vulnerabilities
Gentoo: GLSA-202210-32: hiredis, hiredis-py: Multiple Vulnerabilities
An integer overflow has been found in hiredis which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-32: hiredis, hiredis-py: Multiple Vulnerabilities
Gentoo: GLSA-202210-33: Libtirpc: Denial of Service
A vulnerability has been discovered in Libtirpc which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-33: Libtirpc: Denial of Service
Fedora 36: cacti-spine 2022-1a85254c11
– Update to 1.2.22 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: cacti-spine 2022-1a85254c11
Fedora 36: curl 2022-01ffde372c
– url: use IDN decoded names for HSTS checks (CVE-2022-42916) – http_proxy: restore the protocol pointer on error (CVE-2022-42915) – netrc: replace fgets with Curl_get_line (CVE-2022-35260) – fix POST following PUT confusion (CVE-2022-32221) This article has been indexed from LinuxSecurity.com…
openSUSE: 2022:10168-1 important: exim
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10168-1 important: exim
openSUSE: 2022:10169-1 important: libmad
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10169-1 important: libmad
openSUSE: 2022:10171-1 important: pdns-recursor
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10171-1 important: pdns-recursor
openSUSE: 2022:10170-1 moderate: cacti, cacti-spine
An update that contains security fixes can now be installed. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10170-1 moderate: cacti, cacti-spine
Debian: DSA-5267-1: pysha3 security update
Nicky Mouha discovered a buffer overflow in ‘sha3’, a Python library for the SHA-3 hashing functions. For the stable distribution (bullseye), this problem has been fixed in This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…
Debian LTS: DLA-3172-1: libxml2 security update
It was discovered that libxml2, the GNOME XML library, was vulnerable to integer overflows and memory corruption. CVE-2022-40303 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3172-1: libxml2 security update
Sigstore Reaches GA For Working To Secure The Open-Source Software Supply Chain
Sigstore that is backed by Google, Red Hat, GitHub, and other prominent organizations with an aim to secure the open-source software supply chain has reached general availability and issued the “v1.0” releases for their key software components. This article has…
New Open-Source Tool Scans Public AWS S3 Buckets for Secrets
A new open-source ‘S3crets Scanner’ scanner allows researchers and red-teamers to search for ‘secrets’ mistakenly stored in publicly exposed or company’s Amazon AWS S3 storage buckets. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…
Debian: DSA-5266-1: expat security update
A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code. This article has been indexed…
Debian LTS: DLA-3170-1: thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 10 buster, these problems have been fixed in version This article has been indexed from LinuxSecurity.com – Hybrid…
Debian: DSA-5264-1: batik security update
It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For the stable distribution (bullseye), these problems have been fixed in This article has been indexed…
Debian: DSA-5265-1: tomcat9 security update
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian: DSA-5265-1: tomcat9 security update
Debian: DSA-5263-1: chromium security update
A security issue was discovered in Chromium, which could result in the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…
Microsoft’s Lennart Poettering Proposes Tightening Up Linux Boot Process
Building your own initial RAMdisk? That’s insecure! This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Microsoft’s Lennart Poettering Proposes Tightening Up Linux Boot Process
Why I Love My Chromebook: Reason 1, It’s a Linux Desktop
We appreciate power but sometimes it’s about getting up and running sooner. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Why I Love My Chromebook: Reason 1, It’s a Linux Desktop
Fedora 36: mingw-expat 2022-d93b3bd8b9
Update to 2.4.9, fixes CVE-2022-30674. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: mingw-expat 2022-d93b3bd8b9
Fedora 35: mingw-expat 2022-c22feb71ba
Update to 2.4.9, fixes CVE-2022-30674. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 35: mingw-expat 2022-c22feb71ba
Debian LTS: DLA-3169-1: batik security update
It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For Debian 10 buster, these problems have been fixed in version This article has been indexed…
Debian LTS: DLA-3167-1: ncurses security update
An issue has been found in ncurses, a collection of shared libraries for terminal handling. This issue is about an out-of-bounds read in convert_strings in the This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…
Debian LTS: DLA-3168-1: openvswitch security update
An issue has been found in openvswitch, a software-based, Ethernet virtual switch. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3168-1: openvswitch security update
SUSE: 2022:2774-1 suse/sle-micro/5.3/toolbox Security Update
The container suse/sle-micro/5.3/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2774-1 suse/sle-micro/5.3/toolbox Security Update
SUSE: 2022:2775-1 suse/sle-micro/5.1/toolbox Security Update
The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2775-1 suse/sle-micro/5.1/toolbox Security Update
SUSE: 2022:2776-1 suse/sle-micro/5.2/toolbox Security Update
The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2776-1 suse/sle-micro/5.2/toolbox Security Update
Mageia 2022-0400: libreoffice security update
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme ‘vnd.libreoffice.command’ specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal…
RedHat: RHSA-2022-7242:01 Important: Satellite 6.11.4 Async Security Update
Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.11 for RHEL 7 – noarch This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…
RedHat: RHSA-2022-7238:01 Important: Red Hat OpenStack Platform
An update for puppet-mysql is now available for Red Hat OpenStack Platform 13.0 (Queens), 16.1 (Train), 16.2 (Train) and 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring…
RedHat: RHSA-2022-7191:01 Important: device-mapper-multipath security update
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, This…
RedHat: RHSA-2022-7257:01 Low: Red Hat Integration Camel-K 1.8.1 security
A micro version update is now available for Red Hat Integration Camel K. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as…
Debian LTS: DLA-3164-1: python-django security update
Multiple vulnerabilities were discovered in Django, a popular Python-based web development framework: * CVE-2020-24583: Fix incorrect permissions on intermediate-level This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3164-1: python-django security update
Everything You Need To Know About Open Source Network Monitoring Tools
It’s necessary to monitor your company’s network for several reasons. Modern networks can be monitored in a variety of ways. In contrast to application performance management systems, which use agents to retrieve performance information from the application stack, network monitoring…
SUSE: 2022:2767-1 bci/rust Security Update
The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2767-1 bci/rust Security Update
SUSE: 2022:2768-1 bci/rust Security Update
The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2768-1 bci/rust Security Update
Ubuntu 22.10 Gets First Kernel Security Update to Address Recent Wi-Fi Stack Vulnerabilities
Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the…
SUSE: 2022:2769-1 bci/rust Security Update
The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2769-1 bci/rust Security Update
SUSE: 2022:2770-1 bci/rust Security Update
The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2770-1 bci/rust Security Update
SUSE: 2022:2771-1 bci/rust Security Update
The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2771-1 bci/rust Security Update
SUSE: 2022:2772-1 suse/sle15 Security Update
The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2772-1 suse/sle15 Security Update
Incoming OpenSSL Critical Fix: Organizations, Users, Get Ready!
The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0). This article has…
SUSE: 2022:3807-1 important: libconfuse0
An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3807-1 important: libconfuse0
SUSE: 2022:2763-1 suse/pcp Security Update
The container suse/pcp was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2763-1 suse/pcp Security Update
SUSE: 2022:2764-1 bci/python Security Update
The container bci/python was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2764-1 bci/python Security Update
SUSE: 2022:2765-1 bci/python Security Update
The container bci/python was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2765-1 bci/python Security Update
SUSE: 2022:2766-1 bci/ruby Security Update
The container bci/ruby was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2766-1 bci/ruby Security Update
SUSE: 2022:2756-1 bci/golang Security Update
The container bci/golang was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2756-1 bci/golang Security Update
Fedora 36: git 2022-8b58806840
Upstream update including security & bug fixes as well as feature enhancements. From the upstream [release notes](https://github.com/git/git/raw/v2.38.1/Documen tation/RelNotes/2.30.6.txt): CVE-2022-39253 ————– When relying on the `–local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies)…
Fedora 36: dotnet6.0 2022-d80b1d2827
This is the monthly .NET 6 update for September 2022. It updates the .NET SDK to 6.0.109 and Runtime to 6.0.9. This includes a fix for CVE-2022-38013 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…
Fedora 36: glances 2022-e016e6f445
Update to 3.3.0.1 and CVE-2022-25844 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: glances 2022-e016e6f445
SUSE: 2022:2757-1 bci/bci-init Security Update
The container bci/bci-init was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2757-1 bci/bci-init Security Update
SUSE: 2022:2738-1 suse/sle15 Security Update
The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2738-1 suse/sle15 Security Update
SUSE: 2022:2739-1 suse/sle15 Security Update
The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2739-1 suse/sle15 Security Update
Mageia 2022-0396: git security update
CVE-2022-39253: A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim’s machine. CVE-2022-39260: Allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes.…
Mageia 2022-0397: thunderbird security update
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674) References: – https://bugs.mageia.org/show_bug.cgi?id=30986 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0397: thunderbird security update
Mageia 2022-0398: nginx security update
Two security issues were identified in the ngx_http_mp4_module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact. (CVE-2022-41741, CVE-2022-41742) This…
Mageia 2022-0399: firefox security update
expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) Fixes webrtc. References: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0399: firefox security update
Debian LTS: DLA-3166-1: ruby-sinatra security update
A file traversal vulnerability was discovered in src:ruby-sinatra, a popular web server often used with Ruby on Rails. We now validate that any expanded paths match the allowed `public_dir` when serving static files. This article has been indexed from LinuxSecurity.com…
Debian LTS: DLA-3165-1: expat security update
In src:expat, an XML parsing C library, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian…
SUSE: 2022:3806-1 important: dbus-1
An update that solves three vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3806-1 important: dbus-1
SUSE: 2022:3801-1 important: openjpeg2
An update that fixes 5 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3801-1 important: openjpeg2
SUSE: 2022:3802-1 important: openjpeg2
An update that fixes 8 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3802-1 important: openjpeg2
Ubuntu 5706-1: Linux kernel (Azure CVM) vulnerabilities
Several security issues were fixed in the Linux kernel. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5706-1: Linux kernel (Azure CVM) vulnerabilities