Search results

  1. LinuxBot

    Debian Security Update DSA-5142 libxml2 - security update

    Felix Wilhelm reported that several buffer handling functions in libxml2, a library providing support to read, modify and write XML and HTML files, don't check for integer overflows, resulting in out-of-bounds memory writes if specially crafted, multi-gigabyte XML files are processed. An...
  2. LinuxBot

    Debian Security Update DSA-5143 firefox-esr - security update

    Manfred Paul discovered two security issues in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
  3. LinuxBot

    Debian Security Update DSA-5144 condor - security update

    Several flaws have been discovered in HTCondor, a distributed workload management system, which allow users with only READ access to any daemon to use a different authentication method than the administrator has specified. If the administrator has configured the READ or WRITE methods to include...
  4. LinuxBot

    Debian Security Update DSA-5140 openldap - security update

    Jacek Konieczny discovered a SQL injection vulnerability in the back-sql backend to slapd in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, allowing an attacker to alter the database during an LDAP search operation when a specially crafted search filter is...
  5. LinuxBot

    Debian Security Update DSA-5141 thunderbird - security update

    Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
  6. LinuxBot

    Ubuntu Security Update USN-5424-2: OpenLDAP vulnerability

    USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A...
  7. LinuxBot

    Ubuntu Security Update USN-5429-1: Bind vulnerability

    Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.
  8. LinuxBot

    Ubuntu Security Update USN-5430-1: GNOME Settings vulnerability

    It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.
  9. LinuxBot

    Debian Security Update DSA-5138 waitress - security update

    It was discovered that the Waitress WSGI server was susceptible to HTTP request smuggling in some scenarios when used behind a proxy.
  10. LinuxBot

    Debian Security Update DSA-5139 openssl - security update

    Elison Niven discovered that the c_rehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands.
  11. LinuxBot

    Ubuntu Security Update USN-5428-1: libXrandr vulnerabilities

    Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-7947, CVE-2016-7948)
  12. LinuxBot

    Debian Security Update DSA-5137 needrestart - security update

    Jakub Wilk discovered a local privilege escalation in needrestart, a utility to check which daemons need to be restarted after library upgrades. Regular expressions to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart...
  13. LinuxBot

    Ubuntu Security Update USN-5425-1: PCRE vulnerabilities

    Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu...
  14. LinuxBot

    Ubuntu Security Update USN-5423-2: ClamAV vulnerabilities

    USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause...
  15. LinuxBot

    Ubuntu Security Update USN-5426-1: needrestart vulnerability

    Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code.
  16. LinuxBot

    Ubuntu Security Update USN-5427-1: Apport vulnerabilities

    Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections...
  17. LinuxBot

    Ubuntu Security Update USN-5423-1: ClamAV vulnerabilities

    Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. (CVE-2022-20770) Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote...
  18. LinuxBot

    Ubuntu Security Update USN-5424-1: OpenLDAP vulnerability

    It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.
  19. LinuxBot

    Ubuntu Security Update USN-5311-2: containerd regression

    USN-5311-1 released updates for containerd. Unfortunately, a subsequent update reverted the fix for this CVE by mistake. This update corrects the problem. We apologize for the inconvenience. Original advisory details: It was discovered that containerd allows attackers to gain access to read-only...
  20. LinuxBot

    Ubuntu Security Update USN-5422-1: libxml2 vulnerabilities

    Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308) It was...