Read Time:9 Second
FEDORA-FLATPAK-2023-92c2b96978
Packages in this update:
firefox-stable-3820230515105518.1
Update description:
Update to 113.0.1
Update to 113.0
Update to 112.0.2
Category Archives: Advisories
edk2-20230301gitf80f052277c8-26.fc37
Read Time:9 Second
FEDORA-2023-ca393d660a
Packages in this update:
edk2-20230301gitf80f052277c8-26.fc37
Update description:
include latest dbx update (may 9th, black lotus edition).
drop ASSERT from NestedInterruptTplLib (rhbz#2183336).
USN-6060-3: MySQL regression
Read Time:44 Second
USN-6060-1 fixed vulnerabilities in MySQL. The new upstream 8.0.33 version
introduced a regression on the armhf architecture. This update fixes the
problem.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.33 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
Ubuntu 22.10, and Ubuntu 23.04. Ubuntu 18.04 LTS has been updated to MySQL
5.7.42.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-42.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html
https://www.oracle.com/security-alerts/cpuapr2023.html
edk2-20230301gitf80f052277c8-26.fc38
Read Time:7 Second
FEDORA-2023-ec64a06fe2
Packages in this update:
edk2-20230301gitf80f052277c8-26.fc38
Update description:
include latest dbx update (may 9th, black lotus edition).
osslsigncode-2.5-3.el8
Read Time:6 Second
FEDORA-EPEL-2023-29e8ff9273
Packages in this update:
osslsigncode-2.5-3.el8
Update description:
Update to latest version
USN-6075-1: Thunderbird vulnerabilities
Read Time:29 Second
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-32205, CVE-2023-32207,
CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215)
Irvan Kurniawan discovered that Thunderbird did not properly manage memory
when using RLBox Expat driver. An attacker could potentially exploits this
issue to cause a denial of service. (CVE-2023-32206)
libssh-0.10.5-1.fc37
Read Time:8 Second
FEDORA-2023-5fa5ca2043
Packages in this update:
libssh-0.10.5-1.fc37
Update description:
Update to 0.10.5 (CVE-2023-1667 CVE-2023-2283)
ZDI-23-633: D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-23-632: D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-23-631: D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.