Category: LinuxSecurity.com – Hybrid RSS

An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3826-1 important: hdf5

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3833-1 moderate: podofo

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3834-1 moderate: python-Flask-Security

Read more →

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Oracle6: ELSA-2022-9967: Extended Lifecycle Support (ELS)…

Read more →

An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, This article has…

Read more →

The container bci/golang was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2792-1 bci/golang Security Update

Read more →

The container bci/openjdk was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2794-1 bci/openjdk Security Update

Read more →

The container suse/sles12sp4 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2779-1 suse/sles12sp4 Security Update

Read more →

The container suse/sles12sp5 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2780-1 suse/sles12sp5 Security Update

Read more →

The container bci/dotnet-aspnet was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2785-1 bci/dotnet-aspnet Security Update

Read more →

New vim packages are available for Slackware 15.0 and -current to fix a security issue. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Slackware: 2022-304-01: vim Security Update

Read more →

New php80/php81 packages are available for Slackware 15.0 and -current to fix security issues. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Slackware: 2022-304-02: php80/php81 Security Update

Read more →

A vulnerability has been found in Expat which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-38: Expat: Denial of Service

Read more →

Multiple vulnerabilities have been found in libxml2, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-39: libxml2: Multiple Vulnerabilities

Read more →

Multiple vulnerabilities have been found in SQLite, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-40: SQLite: Multiple Vulnerabilities

Read more →

Multiple vulnerabilities have been found in android-tools, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-41: android-tools: Multiple Vulnerabilities

Read more →

A buffer overflow in zlib might allow an attacker to cause remote code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-42: zlib: Multiple vulnerabilities

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10183-1 moderate: pyenv

Read more →

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-35: Mozilla Thunderbird: Multiple Vulnerabilities

Read more →

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-34: Mozilla Firefox: Multiple Vulnerabilities

Read more →

Libtasn1 could cause a crash when processing certain inputs. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5707-1: Libtasn1 vulnerability

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3819-1 moderate: podman

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3820-1 moderate: podman

Read more →

An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10177-1 important: chromium

Read more →

An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10182-1 important: opera

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3817-1 critical: libtasn1

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10178-1 important: jhead

Read more →

An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10181-1 important: opera

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10179-1 important: jhead

Read more →

An update that fixes 11 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10180-1 important: chromium

Read more →

Nicky Mouha discovered a buffer overflow in ‘sha3’, a Python library for the SHA-3 hashing functions. For Debian 10 buster, this problem has been fixed in version This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

OpenShift API for Data Protection (OADP) 1.0.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is…

Read more →

A vulnerability has been discovered in exif which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-28: exif: Denial of Service

Read more →

Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-29: Net-SNMP: Multiple Vulnerabilities

Read more →

Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-30: X.Org X server,…

Read more →

Multiple vulnerabilities have been discovered in OpenEXR, the worst of which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-31: OpenEXR: Multiple Vulnerabilities

Read more →

An integer overflow has been found in hiredis which could result in arbitrary code execution. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-32: hiredis, hiredis-py: Multiple Vulnerabilities

Read more →

A vulnerability has been discovered in Libtirpc which could result in denial of service. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Gentoo: GLSA-202210-33: Libtirpc: Denial of Service

Read more →

– Update to 1.2.22 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: cacti-spine 2022-1a85254c11

Read more →

– url: use IDN decoded names for HSTS checks (CVE-2022-42916) – http_proxy: restore the protocol pointer on error (CVE-2022-42915) – netrc: replace fgets with Curl_get_line (CVE-2022-35260) – fix POST following PUT confusion (CVE-2022-32221) This article has been indexed from LinuxSecurity.com…

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10168-1 important: exim

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10169-1 important: libmad

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10171-1 important: pdns-recursor

Read more →

An update that contains security fixes can now be installed. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: openSUSE: 2022:10170-1 moderate: cacti, cacti-spine

Read more →

Nicky Mouha discovered a buffer overflow in ‘sha3’, a Python library for the SHA-3 hashing functions. For the stable distribution (bullseye), this problem has been fixed in This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

It was discovered that libxml2, the GNOME XML library, was vulnerable to integer overflows and memory corruption. CVE-2022-40303 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3172-1: libxml2 security update

Read more →

Sigstore that is backed by Google, Red Hat, GitHub, and other prominent organizations with an aim to secure the open-source software supply chain has reached general availability and issued the “v1.0” releases for their key software components. This article has…

Read more →

A new open-source ‘S3crets Scanner’ scanner allows researchers and red-teamers to search for ‘secrets’ mistakenly stored in publicly exposed or company’s Amazon AWS S3 storage buckets. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…

Read more →

A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code. This article has been indexed…

Read more →

Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For Debian 10 buster, these problems have been fixed in version This article has been indexed from LinuxSecurity.com – Hybrid…

Read more →

It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For the stable distribution (bullseye), these problems have been fixed in This article has been indexed…

Read more →

Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2021-43980 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian: DSA-5265-1: tomcat9 security update

Read more →

A security issue was discovered in Chromium, which could result in the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

Building your own initial RAMdisk? That’s insecure! This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Microsoft’s Lennart Poettering Proposes Tightening Up Linux Boot Process

Read more →

We appreciate power but sometimes it’s about getting up and running sooner. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Why I Love My Chromebook: Reason 1, It’s a Linux Desktop

Read more →

Update to 2.4.9, fixes CVE-2022-30674. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: mingw-expat 2022-d93b3bd8b9

Read more →

Update to 2.4.9, fixes CVE-2022-30674. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 35: mingw-expat 2022-c22feb71ba

Read more →

It was discovered that Apache Batik, a SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file. For Debian 10 buster, these problems have been fixed in version This article has been indexed…

Read more →

An issue has been found in ncurses, a collection of shared libraries for terminal handling. This issue is about an out-of-bounds read in convert_strings in the This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article:…

Read more →

An issue has been found in openvswitch, a software-based, Ethernet virtual switch. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3168-1: openvswitch security update

Read more →

The container suse/sle-micro/5.3/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2774-1 suse/sle-micro/5.3/toolbox Security Update

Read more →

The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2775-1 suse/sle-micro/5.1/toolbox Security Update

Read more →

The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2776-1 suse/sle-micro/5.2/toolbox Security Update

Read more →

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme ‘vnd.libreoffice.command’ specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal…

Read more →

Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.11 for RHEL 7 – noarch This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

An update for puppet-mysql is now available for Red Hat OpenStack Platform 13.0 (Queens), 16.1 (Train), 16.2 (Train) and 17.0 (Wallaby). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring…

Read more →

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, This…

Read more →

A micro version update is now available for Red Hat Integration Camel K. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as…

Read more →

Multiple vulnerabilities were discovered in Django, a popular Python-based web development framework: * CVE-2020-24583: Fix incorrect permissions on intermediate-level This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3164-1: python-django security update

Read more →

It’s necessary to monitor your company’s network for several reasons. Modern networks can be monitored in a variety of ways. In contrast to application performance management systems, which use agents to retrieve performance information from the application stack, network monitoring…

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2767-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2768-1 bci/rust Security Update

Read more →

Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the…

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2769-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2770-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2771-1 bci/rust Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2772-1 suse/sle15 Security Update

Read more →

The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0). This article has…

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3807-1 important: libconfuse0

Read more →

The container suse/pcp was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2763-1 suse/pcp Security Update

Read more →

The container bci/python was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2764-1 bci/python Security Update

Read more →

The container bci/python was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2765-1 bci/python Security Update

Read more →

The container bci/ruby was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2766-1 bci/ruby Security Update

Read more →

The container bci/golang was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2756-1 bci/golang Security Update

Read more →

Upstream update including security & bug fixes as well as feature enhancements. From the upstream [release notes](https://github.com/git/git/raw/v2.38.1/Documen tation/RelNotes/2.30.6.txt): CVE-2022-39253 ————– When relying on the `–local` clone optimization, Git dereferences symbolic links in the source repository before creating hardlinks (or copies)…

Read more →

This is the monthly .NET 6 update for September 2022. It updates the .NET SDK to 6.0.109 and Runtime to 6.0.9. This includes a fix for CVE-2022-38013 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

Update to 3.3.0.1 and CVE-2022-25844 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: glances 2022-e016e6f445

Read more →

The container bci/bci-init was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2757-1 bci/bci-init Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2738-1 suse/sle15 Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2739-1 suse/sle15 Security Update

Read more →

CVE-2022-39253: A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim’s machine. CVE-2022-39260: Allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes.…

Read more →

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674) References: – https://bugs.mageia.org/show_bug.cgi?id=30986 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0397: thunderbird security update

Read more →

Two security issues were identified in the ngx_http_mp4_module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact. (CVE-2022-41741, CVE-2022-41742) This…

Read more →

expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) Fixes webrtc. References: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0399: firefox security update

Read more →

A file traversal vulnerability was discovered in src:ruby-sinatra, a popular web server often used with Ruby on Rails. We now validate that any expanded paths match the allowed `public_dir` when serving static files. This article has been indexed from LinuxSecurity.com…

Read more →

In src:expat, an XML parsing C library, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian…

Read more →

An update that solves three vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3806-1 important: dbus-1

Read more →

An update that fixes 5 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3801-1 important: openjpeg2

Read more →

An update that fixes 8 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3802-1 important: openjpeg2

Read more →

Several security issues were fixed in the Linux kernel. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5706-1: Linux kernel (Azure CVM) vulnerabilities

Read more →