Set CKA_NSS_SERVER_DISTRUST_AFTER and CKA_NSS_EMAIL_DISTRUST_AFTER for 3 TrustCor Root Certificates. r=KathleenWilson References: - https://bugs.mageia.org/show_bug.cgi?id=31232
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. (CVE-2022-46391) References: - https://bugs.mageia.org/show_bug.cgi?id=31230
2-byte DoS in netkit-telnetd. (CVE-2022-39028) References: - https://bugs.mageia.org/show_bug.cgi?id=31229 - https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. (CVE-2022-4170) References:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. (CVE-2022-30065) References:
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working
Security fix for TALOS-2022-1594. References: - https://bugs.mageia.org/show_bug.cgi?id=31207 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/IWF2CGKHHMVPAEZ2VSMQDVMDS4VUYMV3/
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. (CVE-2013-4235) References: - https://bugs.mageia.org/show_bug.cgi?id=31198
If an application that generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents for a CGI::Cookie object were not checked properly. If
In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. (CVE-2022-36227)
Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content. (CVE-2022-45414) References:
The chromium-browser-stable package has been updated to the new 108 branch with the 108.0.5359.94 release, fixing many bugs and 29 vulnerabilities, together with 107.0.5304.121 and 108.0.5359.71. Some of the security fixes are -
In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. (CVE-2022-37026) References:
JBIG-KIT could be made to crash if it opened a specially crafted file. (CVE-2017-9937) References: - https://bugs.mageia.org/show_bug.cgi?id=31189
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. (CVE-2022-3970)
In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. (CVE-2022-39316)
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. (CVE-2021-3574) A flaw was found in ImageMagick. The vulnerability occurs due to improper
Fixed validation of embedded certificates was when checking OCSP responses (CVE-2022-43705) References: - https://bugs.mageia.org/show_bug.cgi?id=31176
Fixed unsanitized NUL in environment variables in syscalls, os/exec (go#56327) (bsc#1204941). (CVE-2022-41716) runtime: lock count" fatal error when cgo is enabled (go#56308)
This kernel-linus update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
