Debian Linux Security Advisory 5788-1 - Damien Schaeffer discovered a use-after-free in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
71cf6e08a29d64dd05cec8da672d495e697c717f5050845adf6c9632bc54af0a
Ubuntu Security Notice 7020-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
7bdc12f76ce92161568b6661bc383554aeb8e9e2644aeb9eb55bcc840b9a28c2
Ubuntu Security Notice 7062-1 - It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code.
e08b2d1a8c1054fb3429eeda4d87139413be28d69b597bda91a28203871786f0
Red Hat Security Advisory 2024-7994-03 - Red Hat Advanced Cluster Management for Kubernetes 2.11.3 General Availability release images, bug fixes, and updated container images.
4f64e5cf12aa3f65ec367ff950438b3d267c2a4645054594527db50d828aa58d
Red Hat Security Advisory 2024-7987-03 - An update is now available for Red Hat Satellite 6.15 for RHEL 8. Issues addressed include HTTP request smuggling and null pointer vulnerabilities.
b58d7016764ddfe17daf466f24d943858f278365518a58f25fe14223d941a26f
Red Hat Security Advisory 2024-7977-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
5dadc8c60942a612f74731ad17bcda495796bfe8065be680e18a450bfcc6f430
Red Hat Security Advisory 2024-7972-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include a code execution vulnerability.
dda3f88a23353ff415491ab18b600dc2473b5b33043d512eceae4eb401e8d30c
Ubuntu Security Notice 7061-1 - Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template.
366aa6bc269ca28c4b992ad13527bd77d7968a9ad5dcd84915ed51954acbe4c1
Ubuntu Security Notice 7022-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
abe3896117665188580a1dbccbf924257f2bb30260e8e6292a0ede48e9e053f6
Ubuntu Security Notice 7060-1 - It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
4da85379bce0bd996f69858bb941555e77ae2c4f4a4eeb00ea9f355b115bb3ed
Debian Linux Security Advisory 5787-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
f4228d9be2e94b5178c0ed22259a02e549ea50feae6bfd6228876d967a2f1977
Ubuntu Security Notice 7059-1 - Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack.
a238ccdfc4dd16f55ee4565782ae895c255c561f32b8e490049e5e3041d303d0
Red Hat Security Advisory 2024-7958-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
cf56dcaf4106898501c231eb5b6e2d40d23a617ee4a0cf0f16c80eeafe647fda
Red Hat Security Advisory 2024-7875-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and null pointer vulnerabilities.
bfb4f424d33f632351116317ccc496f237de754375206c1277443c5a6f1922b5
Red Hat Security Advisory 2024-7869-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and denial of service vulnerabilities.
0362279b75a2628874ca61c29a2f1b53c2f1041de5e5b0b0578f08131524462d
Red Hat Security Advisory 2024-7868-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution and denial of service vulnerabilities.
76429578bbb0ceed040c04152fe294b3388c64cd241ad4b03527ed4fd5c21a46
Red Hat Security Advisory 2024-7867-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
e8ca91e87cbffbe6cef3f92b63caefa2394939c1abdc349c42edba3a6baf0cee
Red Hat Security Advisory 2024-7861-03 - An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include a code execution vulnerability.
e76013bfc832f63d8d448637cc58cb22ea429d3fae6f530c4cdb59d7133ddb37
Red Hat Security Advisory 2024-7856-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and denial of service vulnerabilities.
c2e8f5f911eac42ae59fdfa7e8258cb32a1d7091bbd6b7bc7dc3f63fc7800d10
Red Hat Security Advisory 2024-7854-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass and denial of service vulnerabilities.
95ca81691ca97832a0802a6c5e3b066045e2c06e140d254b8e177b9a701d809d
Red Hat Security Advisory 2024-7852-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
6f821c3ab8a8cfb7877610a0c982d1f114fb350a53d231d6688c12de4b495935
Red Hat Security Advisory 2024-7594-03 - Red Hat OpenShift Container Platform release 4.15.36 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and out of bounds write vulnerabilities.
0dfe4d19fbde52ed6143060e174763f2cd2e09cc8c746123999ba05fcdfc864d
Debian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy.
703eefdd0f2dd6fbb59ea885c38a5f69342264fef0c904ef54b8697717bf0ae6
Ubuntu Security Notice 7043-4 - USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.
d6735cd226521138a1caa83e35e3599310090e11b787a19fe17009e31c3e555a
Ubuntu Security Notice 7042-2 - USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the fix by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.
c9d388e6e36edc217181c7dfaecdbff89ae45ef265bf94be3ca4b0635d69e57f