Debian Linux Security Advisory 4956-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
159314f03c94060d1101ae48c34f241e429ec9fd329b884ff87cfda5209508e7Debian Linux Security Advisory 4957-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service, HTTP request smuggling or cache poisoning.
ba6d55ba4643d5019068c3a8db53edc311218b25702c1dab84615cded98e95edDebian Linux Security Advisory 4958-1 - Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.
ce39898f17e1fdc88655eae8c1df6a05ea93369c0eca23b7aadf728f15c01b45Debian Linux Security Advisory 4959-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
ff98129ebd1fa410559c670f3f44a955e5253b4e998d707541f680b29e1ab353Debian Linux Security Advisory 4960-1 - Several vulnerabilities were discovered in HAProxy, a fast and reliable load balancing reverse proxy, which can result in HTTP request smuggling. By carefully crafting HTTP/2 requests, it is possible to smuggle another HTTP request to the backend selected by the HTTP/2 request. With certain configurations, it allows an attacker to send an HTTP request to a backend, circumventing the backend selection logic.
74a02124421182397f21d86ca1b1ff0cf7b0c64bd9aa38186fa98eaad1c5a405Debian Linux Security Advisory 4961-1 - Henry de Valence reported a flaw in the signature verification code in Tor, a connection-based low-latency anonymous communication system. A remote attacker can take advantage of this flaw to cause an assertion failure, resulting in denial of service.
d8fd46641386674cf3a52e8f81848a25ad7fddb7438c710b83873a461be4de4cDebian Linux Security Advisory 4962-1 - The update for ledgersmb released as DSA 4862-1 introduced a regression in the display of some search results. Updated ledgersmb packages are now available to correct this issue.
4f9d4bf6b0e20a288cb975a798832a4dc31c818f95dace609059a514d2777a32Debian Linux Security Advisory 4963-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.
7f1c8fe693e955cee08270c3932882796ea0d36a94ccf9ffa0552f25e4502d26Debian Linux Security Advisory 4964-1 - Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks.
9e6f0a7dbfa410df4fbfb4fdd4d7afb87834d40f87fd2d39991e605d11f976adDebian Linux Security Advisory 4965-1 - It was discovered that a buffer overflow in rekeying in libssh could result in denial of service or potentially the execution of arbitrary code.
51cf4039278881bec9f067e5cdcadada9c752de725e77c89140310d82ef1fcb8Debian Linux Security Advisory 4966-1 - Multiple security issues were discovered in the GPAC multimedia framework which could result in denial of service or the execution of arbitrary code.
f9408c4f545796fa96a49fcae04173143c198d71051f29aba976ab36c3f54891Red Hat Security Advisory 2021-3235-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include buffer overflow, bypass, code execution, out of bounds write, and privilege escalation vulnerabilities.
f286c4f6d85e2f33403a2dacd758e8f35f083b2b3b3b066fb546a1d7034c2479Red Hat Security Advisory 2021-3234-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
8ffa6e8c2b84659d3c0861d3b909f98b7167a2b94a019d9622740741fd969678Red Hat Security Advisory 2021-3255-02 - The microcode_ctl packages provide microcode updates for Intel. Issues addressed include information leakage and privilege escalation vulnerabilities.
9417e06e19534a6d0714e3e384aba45a2a7685ddf7850eebaf8e982ab5dca932Red Hat Security Advisory 2021-3273-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include bypass and denial of service vulnerabilities.
0a337cca1a247a8a2726799c8b8e280346469a4f3ec523b969f217eb5766ddd0Red Hat Security Advisory 2021-3252-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include buffer overflow, code execution, denial of service, and traversal vulnerabilities.
05d8615e2ff62f71aec723a17e396003df102bd5b199b067ca9160421e948fe6Red Hat Security Advisory 2021-3272-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include bypass and denial of service vulnerabilities.
56ad4fa33c8573a80de0ceaf7952386e6d07274bd2804bbd5ade73cb2a6181ddRed Hat Security Advisory 2021-3253-01 - libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Issues addressed include buffer overflow and code execution vulnerabilities.
12cbbcf8917d9a3641cda9fc77db1ab11f4a0b013f3a5908210053753a813ab3Red Hat Security Advisory 2021-3193-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
327538d7579a80bb4b3d6c9b1c04d9c61a8b8cd0c28c44b27bc0ce76c75bd0e7Ubuntu Security Notice 5053-1 - It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.
f3a279c38ed606749ddabedbd85154581e55cffe1b0adcb35cbdf2b297cc05deRed Hat Security Advisory 2021-3233-01 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include a buffer overflow vulnerability.
6be98a6925869e1147021473fada7a4429130b94ff373a3c8f888759d44b56efUbuntu Security Notice 5051-3 - USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
601aedb02dcb81703c8f8937728eed132e75664b1787c8dacac442483a1a66efUbuntu Security Notice 5051-2 - USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
d608c60ee7f2610b9130e1d0027f1eeb33623ea36322fb9c087707f70f2a504bUbuntu Security Notice 5052-1 - MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges.
0ea9b9b187dca2bf7ba1f179a3b10563d15e3a5471c3875c0a889c5422cc0083Ubuntu Security Notice 5037-2 - USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, or execute arbitrary code. Various other issues were also addressed.
e7345d5b5d486e0daa13fc62b565f07e5438ea8c70f891e628005c753b119411
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed