Kaspersky said the figures represented a 1.5 increase compared with the second half of 2021
Daily Archives: March 6, 2023
USN-5923-1: LibTIFF vulnerabilities
It was discovered that LibTIFF could be made to read out of bounds when
processing certain malformed image files with the tiffcrop tool. If a user
were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service. (CVE-2023-0795, CVE-2023-0796, CVE-2023-0797,
CVE-2023-0798, CVE-2023-0799)
It was discovered that LibTIFF could be made to write out of bounds when
processing certain malformed image files with the tiffcrop tool. If a user
were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2023-0800,
CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804)
EPA Calls For Cybersecurity Improvements in Public Water Systems
The memorandum highlights the need for states to include cybersecurity in periodic audits
DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine
Police also seized electronic equipment and are currently performing forensic examinations
USN-5892-2: NSS vulnerability
USN-5892-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Christian Holler discovered that NSS incorrectly handled certain PKCS 12
certificated bundles. A remote attacker could use this issue to cause NSS
to crash, leading to a denial of service, or possibly execute arbitrary
code. (CVE-2023-0767)
CVE-2015-10094
A vulnerability was found in Fastly Plugin up to 0.97. It has been rated as problematic. Affected by this issue is the function post of the file lib/api.php. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.98 is able to address this issue. The name of the patch is d7fe42538f4d4af500e3af9678b6b06fba731656. It is recommended to upgrade the affected component. VDB-222326 is the identifier assigned to this vulnerability.
USN-5672-2: GMP vulnerability
USN-5672-1 fixed a vulnerability in GMP. This update provides
the corresponsing update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that GMP did not properly manage memory
on 32-bit platforms when processing a specially crafted
input. An attacker could possibly use this issue to cause
applications using GMP to crash, resulting in a denial of
service.
libmemcached-awesome-1.1.4-1.fc38
FEDORA-2023-fd848970c4
Packages in this update:
libmemcached-awesome-1.1.4-1.fc38
Update description:
Version 1.1.4 – released 2022-03-06
Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.
libmemcached-awesome-1.1.4-1.fc36
FEDORA-2023-7da1639d3f
Packages in this update:
libmemcached-awesome-1.1.4-1.fc36
Update description:
Version 1.1.4 – released 2022-03-06
Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.
libmemcached-awesome-1.1.4-1.fc37
FEDORA-2023-c9bbaadcbf
Packages in this update:
libmemcached-awesome-1.1.4-1.fc37
Update description:
Version 1.1.4 – released 2022-03-06
Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.