Gentoo Linux Security Advisory 202401-24 - Multiple denial of service vulnerabilities have been discovered in Nettle. Versions greater than or equal to 3.9.1 are affected.
b2b7995a3b3d102f3ba61b008faa0a4d374977257cf19d57646d6514262afae4
Gentoo Linux Security Advisory 202401-23 - A buffer overread vulnerability has been found in libuv. Versions greater than or equal to 1.41.1 are affected.
a1d98c5d3663ab5a3cd31b313c33b2ba88d065e8f085e2993c77fdeb8f968599
Gentoo Linux Security Advisory 202401-22 - Multiple vulnerabilities have been discovered in libspf2, the worst of which can lead to remote code execution. Versions greater than or equal to 1.2.11 are affected.
4df9712baaacd6e6f669da956478624a2d0582ad60f2fbd6ecdc17e27f5e2396
Gentoo Linux Security Advisory 202401-21 - A vulnerability has been found in KTextEditor where local code can be executed without user interaction. Versions greater than or equal to 5.90.0-r2 are affected.
e18be6e0e589094dc0bf306aff7478ea2c316df15ee6a9d58fbe76bb8bbd6803
Gentoo Linux Security Advisory 202401-20 - A vulnerability has been found in QPDF which can lead to a heap-based buffer overflow. Versions greater than or equal to 10.1.0 are affected.
69b3736c24b0845bb03eb0957955a8f6ad32fc45aa1950f917fb02f5a73d2d4e
Gentoo Linux Security Advisory 202401-19 - Multiple vulnerabilities have been found in Opera, the worst of which can lead to remote code execution. Versions greater than or equal to 73.0.3856.284 are affected.
d555786617084799df45cfbed82ca07fb4afd6fa168f910245e907df3e94c1a2
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e
Ubuntu Security Notice 6579-2 - USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
6b8afe9c3f76e059a150804fa723c661478617df43e76e0f814143028a21e93b
Ubuntu Security Notice 6583-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.44 in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information:
0082e9e9a88f33ff401159113f071dd4630bada8baaebcf81fd8b16b81a9f296
Ubuntu Security Notice 6585-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
d368df4c0d357987893502f341336db0f44b79a83468cb12d62846d219bc5e7b
Ubuntu Security Notice 6584-1 - Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
486e45e1623fd297d952a83d392ee0ab81d01bc53495bad464db7ee92f739a3a
Ubuntu Security Notice 6581-1 - It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service.
f59dca768c623409e354e28333e5c3d985139d888916565968db33cdc71152c7
Red Hat Security Advisory 2024-0256-03 - An update for python3 is now available for Red Hat Enterprise Linux 8.
15c3b178f8fee1cbc445035de871e25288649c5781612a83fd68e85f42a2666c
Red Hat Security Advisory 2024-0255-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
c3b8ebb04990b508a88474523bab8687332f945b40f5ded1942ac55e5a9a966f
Red Hat Security Advisory 2024-0254-03 - An update for rsync is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer over-read vulnerability.
7a24cbb4322b6221eaddcf1077f0869f9fcf4a232d146de8a289931c145d8858
Red Hat Security Advisory 2024-0253-03 - An update for sqlite is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
6c775f9944647a287d06ff7ba3d87e442f72522f488e8d6a5da8762868c02e2b
Red Hat Security Advisory 2024-0252-03 - An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.
d61da2c121b751ae21f9658eb6dd9d4e748b91cf53d65ff7171ed809205f5b3c
Ubuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aee
MailCarrier version 2.51 remote denial of service exploit.
8d7ecacd83b4b1b521a71b23531e9e47816a0daa81b52e8212fa585f7d4ae53a
Ubuntu Security Notice 6580-1 - It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
f8d794f17780f4bd0df84db08bae50da6a56925ccc89d293edc51618ed8d80dc
LightFTP version 1.1 remote denial of service exploit.
44982ff8d2df3f166c03d5a967d77f762d6994bee1f7757b01fe4c9887521198