It was discovered that SQLite incorrectly handled certain protection
mechanisms when using a CLI script with the –safe option, contrary to
expectations. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-46908)

It was discovered that SQLite incorrectly handled certain memory operations
in the sessions extension. A remote attacker could possibly use this issue
to cause SQLite to crash, resulting in a denial of service. (CVE-2023-7104)

Advisories

USN-6565-1: OpenSSH vulnerabilities

January 3, 2024

Read Time:33 Second

It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)

It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)

It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection. (CVE-2023-51385)

Advisories

exim-4.97.1-1.fc38

January 3, 2024

Read Time:6 Second

FEDORA-2024-e0841c83bb

Packages in this update:

exim-4.97.1-1.fc38

Update description:

Security fix for CVE-2023-51766.

Advisories

exim-4.97.1-1.fc39

January 3, 2024

Read Time:6 Second

FEDORA-2024-1ef6197a49

Packages in this update:

exim-4.97.1-1.fc39

Update description:

=Security fix for CVE-2023-51766.

Advisories

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

January 3, 2024

Read Time:27 Second

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

News

Over 100 European Banks Face Cyber Resilience Test

January 3, 2024

Read Time:7 Second

The European Central Bank (ECB) will undertake a stress test on 109 European banks’ cyber-attack response capabilities after IT risk management shortfalls identified

Cyber Security News

Yearly Archives: 2024

espeak-ng-1.51.1-6.fc39

FEDORA-2024-5661c87b25

Packages in this update:

Update description:

exim-4.97.1-1.el8

FEDORA-EPEL-2024-9bc09085c7

Packages in this update:

Update description:

exim-4.97.1-1.el7

FEDORA-EPEL-2024-8eb8988cb8

Packages in this update:

Update description:

exim-4.97.1-1.el9

FEDORA-EPEL-2024-54a5c04d0c

Packages in this update:

Update description:

USN-6566-1: SQLite vulnerabilities

USN-6565-1: OpenSSH vulnerabilities

exim-4.97.1-1.fc38

FEDORA-2024-e0841c83bb

Packages in this update:

Update description:

exim-4.97.1-1.fc39

FEDORA-2024-1ef6197a49

Packages in this update:

Update description:

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Over 100 European Banks Face Cyber Resilience Test

News, Advisories and much more