New research shows organizations unprepared for strict new cyber incident reporting requirements
Daily Archives: March 30, 2022
USN-5355-2: zlib vulnerability
USN-5355-1 fixed a vulnerability in zlib. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Danilo Ramos discovered that zlib incorrectly handled memory when
performing certain deflating operations. An attacker could use this issue
to cause zlib to crash, resulting in a denial of service, or possibly
execute arbitrary code.
chromium-99.0.4844.84-1.el7
FEDORA-EPEL-2022-b3413eba96
Packages in this update:
chromium-99.0.4844.84-1.el7
Update description:
Minor update for CVE-2022-1096.
Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.
chromium-99.0.4844.84-1.el8
FEDORA-EPEL-2022-5b50dd1ab7
Packages in this update:
chromium-99.0.4844.84-1.el8
Update description:
Minor update for CVE-2022-1096.
Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.
chromium-99.0.4844.84-1.fc35
FEDORA-2022-e960d7e1b6
Packages in this update:
chromium-99.0.4844.84-1.fc35
Update description:
Minor update for CVE-2022-1096.
Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.
chromium-99.0.4844.84-1.fc34
FEDORA-2022-ba2c5339d4
Packages in this update:
chromium-99.0.4844.84-1.fc34
Update description:
Minor update for CVE-2022-1096.
Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.
chromium-99.0.4844.84-1.fc36
FEDORA-2022-8b0d8fb7da
Packages in this update:
chromium-99.0.4844.84-1.fc36
Update description:
Minor update for CVE-2022-1096.
Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.
CVE-2021-1033
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185247656
CVE-2021-1000
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185190688
CVE-2020-35501
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem