Read Time:9 Second
FEDORA-2022-ed44881ff7
Packages in this update:
ImageMagick-6.9.12.62-1.fc35
Update description:
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
Category Archives: Advisories
ImageMagick-6.9.12.62-1.fc36
Read Time:9 Second
FEDORA-2022-776925f086
Packages in this update:
ImageMagick-6.9.12.62-1.fc36
Update description:
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
ImageMagick-6.9.12.62-1.fc37
Read Time:9 Second
FEDORA-2022-c3a50ebb66
Packages in this update:
ImageMagick-6.9.12.62-1.fc37
Update description:
Update ImageMagick to 6.9.12.62 (#2121962)
Fixes CVE-2021-3574 (#2124540, #2124541, #2124542)
pcs-0.11.3-4.fc38
Read Time:14 Second
FEDORA-2022-23f40e879d
Packages in this update:
pcs-0.11.3-4.fc38
Update description:
Automatic update for pcs-0.11.3-4.fc38.
Changelog
* Wed Sep 7 2022 Miroslav Lisik <mlisik@redhat.com> – 0.11.3-4
– Fixed ruby socket permissions
– Resolves: rhbz#2123389
golang-1.18.6-1.fc36
Read Time:8 Second
FEDORA-2022-67ec8c61d0
Packages in this update:
golang-1.18.6-1.fc36
Update description:
Includes fixes for CVE-2022-27664 and CVE-2022-32190
golang-1.19.1-1.fc37
Read Time:8 Second
FEDORA-2022-45097317b4
Packages in this update:
golang-1.19.1-1.fc37
Update description:
Includes fixes for CVE-2022-27664 and CVE-2022-32190
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch SC-202209.1
Read Time:32 Second
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.19.0 to 5.21.0: Patch SC-202209.1
Arnie Cabral
Wed, 09/07/2022 – 10:46
Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (moment.js) was found to contain vulnerabilities, and updated versions have been made available by the providers.
Out of caution, and in line with best practice, Tenable has upgraded the bundled components to address the potential impact of these issues. Tenable.sc Patch SC-202209.1 updates moment.js to version 2.29.4 to address the identified vulnerabilities.
Dropping security updates for WordPress versions 3.7 through 4.0
Read Time:45 Second
As of December 1, 2022 the WordPress Security Team will no longer provide security updates for WordPress versions 3.7 through 4.0.
These versions of WordPress were first released eight or more years ago so the vast majority of WordPress installations run a more recent version of WordPress. The chances this will affect your site, or sites, is very small.
If you are unsure if you are running an up-to-date version of WordPress, please log in to your site’s dashboard. Out of date versions of WordPress will display a notice that looks like this:
In WordPress versions 3.8 – 4.0, the version you are running is displayed in the bottom of the “At a Glance” section of the dashboard. In WordPress 3.7 this section is titled “Right Now”.
The Make WordPress Security blog has further details about the process to end support.
CVE-2021-36782
Read Time:16 Second
A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7.
CVE-2021-36783
Read Time:18 Second
A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE Rancher Rancher versions prior to 2.6.4; Rancher versions prior to 2.5.13.