Monthly Archives: October 2023

Advisories

grafana-pcp-5.1.1-4.fc38

Read Time:10 Second

FEDORA-2023-00b3e9d551

Packages in this update:

grafana-pcp-5.1.1-4.fc38

Update description:

Move location of plugin from /usr/share/… to /usr/libexec/… because there is a binary executable

Read More

Advisories

USN-6411-1: Exim vulnerabilities

Read Time:34 Second

It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
reads, resulting in information leakage. (CVE-2023-42114)

It was discovered that Exim incorrectly handled validation of user-supplied
data. A remote attacker could possibly use this issue to perform
out-of-bounds writes, resulting in arbitrary code execution. This issue
only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
(CVE-2023-42115)

It was discovered that Exim incorrectly handled certain challenge requests.
A remote attacker could possibly use this issue to perform out-of-bounds
writes, resulting in arbitrary code execution. (CVE-2023-42116)

Read More

Advisories

CVE-2022-4132

Read Time:9 Second

A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page).

Read More

Advisories

USN-6401-1: FreeRDP vulnerabilities

Read Time:30 Second

It was discovered that FreeRDP did not properly manage certain inputs. A
malicious server could use this issue to cause FreeRDP clients to crash,
resulting in a denial of service, or possibly obtain sensitive
information. (cve-2023-39350, cve-2023-39351, CVE-2023-39353,
CVE-2023-39354, CVE-2023-40181, CVE-2023-40188, CVE-2023-40589)

It was discovered that FreeRDP did not properly manage certain inputs. A
malicious server could use this issue to cause FreeRDP clients to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(cve-2023-40186 CVE-2023-40567, CVE-2023-40569)

Read More