It was discovered that LibTIFF could be made to read out of bounds when
processing certain malformed image files with the tiffcrop tool. If a user
were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service. (CVE-2023-0795, CVE-2023-0796, CVE-2023-0797,
CVE-2023-0798, CVE-2023-0799)

It was discovered that LibTIFF could be made to write out of bounds when
processing certain malformed image files with the tiffcrop tool. If a user
were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2023-0800,
CVE-2023-0801, CVE-2023-0802, CVE-2023-0803, CVE-2023-0804)

Read More

USN-5892-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Christian Holler discovered that NSS incorrectly handled certain PKCS 12
certificated bundles. A remote attacker could use this issue to cause NSS
to crash, leading to a denial of service, or possibly execute arbitrary
code. (CVE-2023-0767)

Read More

A vulnerability was found in Fastly Plugin up to 0.97. It has been rated as problematic. Affected by this issue is the function post of the file lib/api.php. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.98 is able to address this issue. The name of the patch is d7fe42538f4d4af500e3af9678b6b06fba731656. It is recommended to upgrade the affected component. VDB-222326 is the identifier assigned to this vulnerability.

Read More

USN-5672-1 fixed a vulnerability in GMP. This update provides
the corresponsing update for Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that GMP did not properly manage memory
on 32-bit platforms when processing a specially crafted
input. An attacker could possibly use this issue to cause
applications using GMP to crash, resulting in a denial of
service.

Read More

FEDORA-2023-fd848970c4

Packages in this update:

libmemcached-awesome-1.1.4-1.fc38

Update description:

Version 1.1.4 – released 2022-03-06

Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.

Read More

FEDORA-2023-7da1639d3f

Packages in this update:

libmemcached-awesome-1.1.4-1.fc36

Update description:

Version 1.1.4 – released 2022-03-06

Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.

Read More

FEDORA-2023-c9bbaadcbf

Packages in this update:

libmemcached-awesome-1.1.4-1.fc37

Update description:

Version 1.1.4 – released 2022-03-06

Fix gh #107:
macOS: deprecated sasl API (improve detection of libsasl2).
Fix gh #131:
Consider renaming tools (add CLIENT_PREFIX build option; default: mem)
Fix gh #132:
Add build of static library (add BUILD_SHARED_LIBS build option; default: ON).
Fix gh #134:
Update client option documentation.
Fix gh #136:
libmemcachedutil is underlinked (link against libmemcached).
Fix gh php-memcached#531:
get returns random values when lower than default OPT_POLL_TIMEOUT is set.

Read More