USN-5193-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.
It was discovered that LLVM Toolchain did not properly manage memory under
certain circumstances. If a user were tricked into opening a specially
crafted MLIR file, an attacker could possibly use this issue to cause LLVM
Toolchain to crash, resulting in a denial of service. (CVE-2023-29932,
CVE-2023-29934, CVE-2023-29939)
It was discovered that LLVM Toolchain did not properly manage memory under
certain circumstances. If a user were tricked into opening a specially
crafted MLIR file, an attacker could possibly use this issue to cause LLVM
Toolchain to crash, resulting in a denial of service. This issue only
affected llvm-toolchain-15. (CVE-2023-29933)
caddy-2.7.0~beta2-1.fc39
Automatic update for caddy-2.7.0~beta2-1.fc39.
* Thu Jul 27 2023 Carl George <carl@george.computer> – 2.7.0~beta2-1
– Update to version 2.7.0~beta2, resolves rhbz#2225732 rhbz#2124366
– Resolves CVE-2022-41717 rhbz#2164315
– Resolves CVE-2022-41723 rhbz#2178412
– Add man pages
– Use generated shell completion files instead of static ones
– Add fish shell completions
– Switch to systemd sysusers
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> – 2.5.2-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Tue Jan 24 2023 Carl George <carl@george.computer> – 2.5.2-3
– Rebuild for CVE-2022-41717 in golang
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> – 2.5.2-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Configuration Manager. Authentication is required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability.
