[SYSS-2024-020]: C-MOR Video Surveillance – Reflected Cross-Site Scripting (CWE-79)

Read Time:18 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-020
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Reflected Cross-Site Scripting (CWE-79)
Risk Level: Medium
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure:…

Read More

Certified Asterisk Security Release certified-20.7-cert3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Certified Asterisk 20.7-cert3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-20.7-cert3
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-20.7-cert3

## Change Log for Release asterisk-certified-20.7-cert3

###…

Read More

Certified Asterisk Security Release certified-18.9-cert12

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Certified Asterisk 18.9-cert12.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert12
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert12

## Change Log for Release asterisk-certified-18.9-cert12

###…

Read More

Asterisk Security Release 21.4.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 21.4.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.4.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.4.3

## Change Log for Release asterisk-21.4.3

### Links:

– [Full ChangeLog](…

Read More

Asterisk Security Release 20.9.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 20.9.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.9.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.9.3

## Change Log for Release asterisk-20.9.3

### Links:

– [Full ChangeLog](…

Read More

Asterisk Security Release 18.24.3

Read Time:22 Second

Posted by Asterisk Development Team via Fulldisclosure on Sep 05

The Asterisk Development Team would like to announce security release
Asterisk 18.24.3.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.24.3
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 18.24.3

## Change Log for Release asterisk-18.24.3

### Links:

– [Full ChangeLog](…

Read More

clamav-1.0.7-1.fc39

Read Time:25 Second

FEDORA-2024-05d7ee197e

Packages in this update:

clamav-1.0.7-1.fc39

Update description:

Update to 1.0.7

CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with existing access to the ‘clamd’ or ‘freshclam’ services from using a symlink to corrupt system files.
CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file parser that could cause a denial-of-service (DoS) condition.

Read More