Debian Linux Security Advisory 5788-1 - Damien Schaeffer discovered a use-after-free in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
71cf6e08a29d64dd05cec8da672d495e697c717f5050845adf6c9632bc54af0aUbuntu Security Notice 7020-4 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
7bdc12f76ce92161568b6661bc383554aeb8e9e2644aeb9eb55bcc840b9a28c2Ubuntu Security Notice 7062-1 - It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code.
e08b2d1a8c1054fb3429eeda4d87139413be28d69b597bda91a28203871786f0Red Hat Security Advisory 2024-7994-03 - Red Hat Advanced Cluster Management for Kubernetes 2.11.3 General Availability release images, bug fixes, and updated container images.
4f64e5cf12aa3f65ec367ff950438b3d267c2a4645054594527db50d828aa58dRed Hat Security Advisory 2024-7987-03 - An update is now available for Red Hat Satellite 6.15 for RHEL 8. Issues addressed include HTTP request smuggling and null pointer vulnerabilities.
b58d7016764ddfe17daf466f24d943858f278365518a58f25fe14223d941a26fRed Hat Security Advisory 2024-7977-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
5dadc8c60942a612f74731ad17bcda495796bfe8065be680e18a450bfcc6f430Red Hat Security Advisory 2024-7972-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include a code execution vulnerability.
dda3f88a23353ff415491ab18b600dc2473b5b33043d512eceae4eb401e8d30cUbuntu Security Notice 7061-1 - Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not escape them as expected. An attacker could possibly use this issue to inject arbitrary Javascript code into the Go template.
366aa6bc269ca28c4b992ad13527bd77d7968a9ad5dcd84915ed51954acbe4c1Ubuntu Security Notice 7022-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
abe3896117665188580a1dbccbf924257f2bb30260e8e6292a0ede48e9e053f6Ubuntu Security Notice 7060-1 - It was discovered that EDK II did not check the buffer length in XHCI, which could lead to a stack overflow. A local attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Laszlo Ersek discovered that EDK II incorrectly handled recursion. A remote attacker could possibly use this issue to cause EDK II to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
4da85379bce0bd996f69858bb941555e77ae2c4f4a4eeb00ea9f355b115bb3edDebian Linux Security Advisory 5787-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
f4228d9be2e94b5178c0ed22259a02e549ea50feae6bfd6228876d967a2f1977Ubuntu Security Notice 7059-1 - Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack.
a238ccdfc4dd16f55ee4565782ae895c255c561f32b8e490049e5e3041d303d0Red Hat Security Advisory 2024-7958-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
cf56dcaf4106898501c231eb5b6e2d40d23a617ee4a0cf0f16c80eeafe647fdaRed Hat Security Advisory 2024-7875-03 - An update for net-snmp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and null pointer vulnerabilities.
bfb4f424d33f632351116317ccc496f237de754375206c1277443c5a6f1922b5Red Hat Security Advisory 2024-7869-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and denial of service vulnerabilities.
0362279b75a2628874ca61c29a2f1b53c2f1041de5e5b0b0578f08131524462dRed Hat Security Advisory 2024-7868-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution and denial of service vulnerabilities.
76429578bbb0ceed040c04152fe294b3388c64cd241ad4b03527ed4fd5c21a46Red Hat Security Advisory 2024-7867-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
e8ca91e87cbffbe6cef3f92b63caefa2394939c1abdc349c42edba3a6baf0ceeRed Hat Security Advisory 2024-7861-03 - An update to the images for Red Hat build of Apicurio Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include a code execution vulnerability.
e76013bfc832f63d8d448637cc58cb22ea429d3fae6f530c4cdb59d7133ddb37Red Hat Security Advisory 2024-7856-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and denial of service vulnerabilities.
c2e8f5f911eac42ae59fdfa7e8258cb32a1d7091bbd6b7bc7dc3f63fc7800d10Red Hat Security Advisory 2024-7854-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass and denial of service vulnerabilities.
95ca81691ca97832a0802a6c5e3b066045e2c06e140d254b8e177b9a701d809dRed Hat Security Advisory 2024-7852-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
6f821c3ab8a8cfb7877610a0c982d1f114fb350a53d231d6688c12de4b495935Red Hat Security Advisory 2024-7594-03 - Red Hat OpenShift Container Platform release 4.15.36 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and out of bounds write vulnerabilities.
0dfe4d19fbde52ed6143060e174763f2cd2e09cc8c746123999ba05fcdfc864dDebian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy.
703eefdd0f2dd6fbb59ea885c38a5f69342264fef0c904ef54b8697717bf0ae6Ubuntu Security Notice 7043-4 - USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.
d6735cd226521138a1caa83e35e3599310090e11b787a19fe17009e31c3e555aUbuntu Security Notice 7042-2 - USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the fix by removing support for the legacy CUPS printer discovery protocol entirely. Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.
c9d388e6e36edc217181c7dfaecdbff89ae45ef265bf94be3ca4b0635d69e57f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed