Category Archives: Advisories

New upstream snapshot.
Fixes CVE-2021-3826.
Disable deprecated declaration warnings/errors.
Disable nonnull-compare warnings.
Patch “symtab_no_format_overflow” to avoid a false positive format overflow
detection.

Advisories

FreeBSD-EN-22:20.tzdata

August 30, 2022

Read Time:1 Second

Post Content

Advisories

DSA-5222 dpdk – security update

August 30, 2022

Read Time:11 Second

A buffer overflow was discovered in the vhost code of DPDK,
a set of libraries for fast packet processing, which could result
in denial of service or the execution of arbitrary code by malicious
guests/containers.

Advisories

CVE-2020-26938

August 29, 2022

Read Time:22 Second

In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern (“[a-zA-Z][a-zA-Z0-9+.-]+:”) before making a redirection. This allows a malicious client to pass an XSS payload through the redirect_uri parameter while making an authorization request. NOTE: this vulnerability is similar to CVE-2020-7741.

Advisories

CVE-2021-38934

August 29, 2022

Read Time:15 Second

IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 210671.

Advisories