Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
Monthly Archives: January 2024
DSA-5605-1 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
DSA-5606-1 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, phishing, clickjacking, privilege escalation, HSTS bypass or
bypass of content security policies.
GLSA 202401-27: Ruby: Multiple vulnerabilities
GLSA 202401-28: GOCR: Multiple Vulnerabilities
GLSA 202401-29: sudo: Memory Manipulation
firefox-flatpak-122.0-1
FEDORA-FLATPAK-2024-95e1b2c636
Packages in this update:
firefox-flatpak-122.0-1
Update description:
Firefox 122.0 release.
Malicious npm Packages Used to Target GitHub Developer SSH Keys
ReversingLabs noted a 1300% surge in harmful open-source packages between 2020 and 2023
Hackers Target Atlassian Confluence With RCE Exploits
Shadowserver reported over 39,000 exploitation attempts from 600 unique IP addresses, mainly Russian
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.