USN-5948-2: Werkzeug vulnerabilities

Read Time:27 Second

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the
corresponding updates for Ubuntu 23.04.

Original advisory details:

It was discovered that Werkzeug did not properly handle the parsing of
nameless cookies. A remote attacker could possibly use this issue to
shadow other cookies. (CVE-2023-23934)

It was discovered that Werkzeug could be made to process unlimited number
of multipart form data parts. A remote attacker could possibly use this
issue to cause Werkzeug to consume resources, leading to a denial of
service. (CVE-2023-25577)

CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Casino Players Using Hidden Cameras for Cheating

Friday Squid Blogging: Squid on Pizza

Scams Based on Fake Google Emails

Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

US and Japan Blame North Korea for $308m Crypto Heist

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Spyware Maker NSO Group Liable for WhatsApp User Hacks

USN-5948-2: Werkzeug vulnerabilities

ofono-2.14-1.fc40

icecat-flatpak-115.18.0-2

mupdf-1.24.6-2.fc40

mupdf-1.21.1-6.el9

DSA-5837-1 fastnetmon – security update

DSA-5836-1 xen – security update