Read Time:10 Second
FEDORA-2024-698737a3c5
Packages in this update:
espeak-ng-1.51.1-6.fc38
Update description:
Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994.
Daily Archives: January 3, 2024
espeak-ng-1.51.1-6.fc39
Read Time:10 Second
FEDORA-2024-5661c87b25
Packages in this update:
espeak-ng-1.51.1-6.fc39
Update description:
Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994.
exim-4.97.1-1.el8
Read Time:7 Second
FEDORA-EPEL-2024-9bc09085c7
Packages in this update:
exim-4.97.1-1.el8
Update description:
Security fix for CVE-2023-51766.
exim-4.97.1-1.el7
Read Time:7 Second
FEDORA-EPEL-2024-8eb8988cb8
Packages in this update:
exim-4.97.1-1.el7
Update description:
Security fix for CVE-2023-51766.
exim-4.97.1-1.el9
Read Time:7 Second
FEDORA-EPEL-2024-54a5c04d0c
Packages in this update:
exim-4.97.1-1.el9
Update description:
Security fix for CVE-2023-51766.
USN-6566-1: SQLite vulnerabilities
Read Time:21 Second
It was discovered that SQLite incorrectly handled certain protection
mechanisms when using a CLI script with the –safe option, contrary to
expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908)
It was discovered that SQLite incorrectly handled certain memory operations
in the sessions extension. A remote attacker could possibly use this issue
to cause SQLite to crash, resulting in a denial of service. (CVE-2023-7104)
USN-6565-1: OpenSSH vulnerabilities
Read Time:33 Second
It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)
It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)
It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection. (CVE-2023-51385)
exim-4.97.1-1.fc38
Read Time:6 Second
FEDORA-2024-e0841c83bb
Packages in this update:
exim-4.97.1-1.fc38
Update description:
Security fix for CVE-2023-51766.
exim-4.97.1-1.fc39
Read Time:6 Second
FEDORA-2024-1ef6197a49
Packages in this update:
exim-4.97.1-1.fc39
Update description:
=Security fix for CVE-2023-51766.
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:27 Second
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.