USN-5845-2: OpenSSL vulnerabilities

Read Time:32 Second

USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)

Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)

Squid Fishing in Japan

Deepfake Ukrainian diplomat targeted US senator on Zoom call

Governments Urge Improved Security and Resilience for Undersea Cables

Ireland’s DPC Hits Meta with €91 Million Penalty for GDPR Violation

US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

NIST Recommends Some Common-Sense Password Rules

Man Arrested Over UK Railway Station Wi-Fi Hack

Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud

USN-5845-2: OpenSSL vulnerabilities

GLSA 202409-26: IcedTea: Multiple Vulnerabilities

WP Engine Reprieve

aws-2020-12.1.fc39

aws-2020-16.1.fc40

Ivanti Virtual Traffic Manager (vTM ) Authentication Bypass Vulnerability (CVE-2024-7593)

ZDI-24-1310: Lenovo Service Bridge Command Injection Remote Code Execution Vulnerability