Tag: LinuxSecurity.com – Hybrid RSS

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3547-1 important: jdom

Read more →

An update that fixes two vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3718-1 important: bluez

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3724-1 important: libosip2

Read more →

New upstream release fixing CVE-2022-3515 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: libksba 2022-3ef41c3410

Read more →

vnc-clipboard: fix integer underflow in vnc_client_cut_text_ext (CVE-2022-3165) (rhbz#2129759) This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: qemu 2022-8dcdfe7297

Read more →

Update to 2.10.3 * Fix CVE-2022-40303 * Fix CVE-2022-40304 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: libxml2 2022-aeafd24818

Read more →

Update to 2.10.3 * Fix CVE-2022-40303 * Fix CVE-2022-40304 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: xmlsec1 2022-aeafd24818

Read more →

– New upstream version (106.0.1) This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: firefox 2022-a648a9484f

Read more →

An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which This…

Read more →

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which This…

Read more →

An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which This article has…

Read more →

The last Java security update introduced a change that broke libbluray’s interactive BD-J support. This update adds compatibility with those Java changes. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3159-1: libbluray…

Read more →

The container ses/7.1/cephcsi/csi-provisioner was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2663-1 ses/7.1/cephcsi/csi-provisioner Security Update

Read more →

The container ses/7.1/cephcsi/csi-resizer was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2664-1 ses/7.1/cephcsi/csi-resizer Security Update

Read more →

The container ses/7.1/ceph/prometheus-node-exporter was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2665-1 ses/7.1/ceph/prometheus-node-exporter Security Update

Read more →

The container ses/7.1/ceph/prometheus-server was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2666-1 ses/7.1/ceph/prometheus-server Security Update

Read more →

The container ses/7.1/rook/ceph was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2667-1 ses/7.1/rook/ceph Security Update

Read more →

Linux operating systems power more than 90% of the world’s public cloud workload , from government web servers to smart manufacturing technologies. But as organizations continue to shift operations to the cloud, cybercriminals are following suit and directing their attention…

Read more →

An update for libksba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update for libksba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update that solves two vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3708-1 important: multipath-tools

Read more →

An update that solves two vulnerabilities, contains one feature and has four fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3710-1 important: multipath-tools

Read more →

An update that solves two vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3709-1 important: multipath-tools

Read more →

pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field (CVE-2022-2393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to…

Read more →

libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 libksba-1.3.0-6.el7_9.i686.rpm libksba-1.3.0-6.el7_9.x86_64.rpm libksba-debuginfo-1.3.0-6.el7_9.i686.rpm libksba-debuginfo-1.3.0-6.el7_9.x86_6 [More…] This…

Read more →

An update that solves one vulnerability and has two fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3713-1 important: multipath-tools

Read more →

An update that solves two vulnerabilities and has 6 fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3711-1 important: multipath-tools

Read more →

An update that solves two vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3707-1 important: multipath-tools

Read more →

An update that solves one vulnerability and has two fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3715-1 important: multipath-tools

Read more →

An update that solves one vulnerability and has 8 fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3714-1 important: multipath-tools

Read more →

It was found that wkhtmltopdf, a command line utility to render HTML files into PDF, allowed local filesystem access by default. This update disables local filesystem access, but it can be enabled if necessary with the –enable-local-file-access or the –allow…

Read more →

An update that solves 15 vulnerabilities, contains one feature and has three fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3704-1 important: the Linux Kernel

Read more →

An update that fixes one vulnerability, contains one feature is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3706-1 moderate: google-gson

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3701-1 moderate: python-Mako

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3705-1 important: postgresql-jdbc

Read more →

Several security issues were fixed in MySQL. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5696-1: MySQL vulnerabilities

Read more →

An incomplete fix was discovered in Pillow. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Ubuntu 5227-3: Pillow vulnerability

Read more →

An update for libksba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update that fixes four vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3698-1 important: MozillaFirefox

Read more →

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Multiple Campaigns Exploit…

Read more →

If you’ve thought about becoming a professional Linux administrator but you’re not sure where to start, this article is for you. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: What Should Be on My…

Read more →

Update to maintenance release 3.0.8 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: libmodsecurity 2022-afa1e7b6c4

Read more →

Several vulnerabilities were discovered in BlueZ, the Linux Bluetooth protocol stack. An attacker could cause a denial-of-service (DoS) or leak information. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian LTS: DLA-3157-1: bluez security…

Read more →

Updated CVE security packages are now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which This article has…

Read more →

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. (CVE-2022-1304) References: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the…

Read more →

ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. (CVE-2021-46790) An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G This article has been indexed from LinuxSecurity.com –…

Read more →

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar…

Read more →

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. (CVE-2022-40320) References: – https://bugs.mageia.org/show_bug.cgi?id=30856 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0387: libconfuse security update

Read more →

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver’s performance, effectively denying legitimate clients access to the DNS resolution service. (CVE-2022-2795) This article has been indexed from LinuxSecurity.com – Hybrid RSS Read…

Read more →

GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. (CVE-2022-41550) References: – https://bugs.mageia.org/show_bug.cgi?id=30963 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Mageia 2022-0389: libosip2 security update

Read more →

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to…

Read more →

This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to…

Read more →

Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec() on input passed to the server component. This article has been indexed from LinuxSecurity.com – Hybrid RSS…

Read more →

The container suse/pcp was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2650-1 suse/pcp Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2651-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2652-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2653-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2654-1 bci/rust Security Update

Read more →

The container bci/rust was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2655-1 bci/rust Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2639-1 suse/sle15 Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2640-1 suse/sle15 Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2641-1 suse/sle15 Security Update

Read more →

The container bci/nodejs was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2642-1 bci/nodejs Security Update

Read more →

## CKEditor 4.20 New Features: * [#5084](https://github.com/ckeditor/ckeditor4/issues/5084): Added the [`config.t abletools_scopedHeaders`](https://ckeditor.com/docs/ckeditor4/latest/api/CKEDITO R_config.html#cfg-tabletools_scopedHeaders) configuration option controlling the behaviour of table headers with and without the `[scope]` attribute. * This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original…

Read more →

## [3.1.47] – 2022-09-14 ### Security – Applied appropriate javascript and html escaping in mailto plugin to counter injection attacks [#454](https://github.com/smarty-php/smarty/issues/454) ### Fixed – Fixed use of `rand()` without a parameter in math function [#794](https://github.com/smarty-php/smarty/issues/794) – Fixed unselected This article…

Read more →

– [7.92](https://www.drupal.org/project/drupal/releases/7.92) – [7.91](https://www.drupal.org/project/drupal/releases/7.91) – [SA- CORE-2022-012 / CVE-2022-25275](https://www.drupal.org/sa-core-2022-012) – [7.90](https://www.drupal.org/project/drupal/releases/7.90) – [7.89](https://www.drupal.org/project/drupal/releases/7.89) – This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: drupal7 2022-9d655503ea

Read more →

The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Debian:…

Read more →

Security fix for CVE-2022-2476 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 35: wavpack 2022-c9c086b06f

Read more →

An update that solves 7 vulnerabilities, contains one feature and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3693-1 important: the Linux Kernel

Read more →

Addressing a decades-old deficiency in coding curriculums could have a profound effect on the security of the software supply chain, a leading expert on the subject tells The Daily Swig . This article has been indexed from LinuxSecurity.com – Hybrid…

Read more →

What appeared to be one simple Linux Wi-Fi networking security problem was soon revealed to be five different nasty Wi-Fi security problems. Fortunately, the patches are on their way. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read…

Read more →

– Update to 20.10.20. – Mitigates CVE-2022-39253 This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: Fedora 36: moby-engine 2022-12790ca71a

Read more →

The container bci/dotnet-aspnet was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2631-1 bci/dotnet-aspnet Security Update

Read more →

The container bci/dotnet-sdk was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2632-1 bci/dotnet-sdk Security Update

Read more →

The container bci/dotnet-runtime was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2633-1 bci/dotnet-runtime Security Update

Read more →

The container bci/dotnet-runtime was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2634-1 bci/dotnet-runtime Security Update

Read more →

The container bci/dotnet-runtime was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2635-1 bci/dotnet-runtime Security Update

Read more →

The container suse/sle15 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:2636-1 suse/sle15 Security Update

Read more →

The container suse-sles-15-sp3-chost-byos-v20221019-x86_64-gen2 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:1116-1 suse-sles-15-sp3-chost-byos-v20221019-x86_64-gen2 Security Update

Read more →

The container suse-sles-15-sp3-chost-byos-v20221019-hvm-ssd-x86_64 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:1117-1 suse-sles-15-sp3-chost-byos-v20221019-hvm-ssd-x86_64 Security Update

Read more →

The container sles-15-sp3-chost-byos-v20221019-x86-64 was updated. The following patches have been included in this update: This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:1118-1 sles-15-sp3-chost-byos-v20221019-x86-64 Security Update

Read more →

An update that fixes two vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3692-1 important: libxml2

Read more →

An update that solves 5 vulnerabilities and has two fixes is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3688-1 important: the Linux Kernel

Read more →

An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3691-1 important: bluez

Read more →

OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: OldGremlin Hackers Use Linux Ransomware…

Read more →

An update that fixes 9 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3690-1 important: tiff

Read more →

An update that fixes 6 vulnerabilities is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3687-1 important: bluez

Read more →

Linux operating systems power more than 90% of the world’s public cloud workload , from government web servers to smart manufacturing technologies. But as organizations continue to shift operations to the cloud, cybercriminals are following suit and directing their attention…

Read more →

OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling…

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3683-1 critical: libksba

Read more →

An update that solves three vulnerabilities and has one errata is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3682-1 important: bind

Read more →

There are many benefits provided by the internet, however, it also introduced new risks and challenges. The threat to our privacy is one of the most common and notable risks users have to face online. This article has been indexed…

Read more →

This update upgrades Firefox to version 102.4.0 ESR. * Mozilla: Same-origin policy violation could have leaked cross-origin URLs (CVE-2022-42927) * Mozilla: Memory Corruption in JS Engine (CVE-2022-42928) * Mozilla: Denial of Service via window.print (CVE-2022-42929) * Mozilla: Memory safety bugs…

Read more →

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of…

Read more →

An update that fixes one vulnerability is now available. This article has been indexed from LinuxSecurity.com – Hybrid RSS Read the original article: SUSE: 2022:3681-1 critical: libksba

Read more →

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed…

Read more →