Category Archives: Advisories

tcpreplay-4.4.2-1.el9

Read Time:42 Second

FEDORA-EPEL-2022-e8156314ff

Packages in this update:

tcpreplay-4.4.2-1.el9

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

tcpreplay-4.4.2-1.fc37

Read Time:41 Second

FEDORA-2022-d31a521866

Packages in this update:

tcpreplay-4.4.2-1.fc37

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

tcpreplay-4.4.2-1.el7

Read Time:42 Second

FEDORA-EPEL-2022-cf9b662b60

Packages in this update:

tcpreplay-4.4.2-1.el7

Update description:

This is Tcpreplay suite 4.4.2

This release contains bug fixes only. What’s changed:

Bug #716 heap-buffer-overflow in get_l2len_protocol() by @fklassen in #738
Bug #721 fixed typo in tcpliveplay.c by @jonathan-dev in #721
Bug #717 avoid assertion in get_layer4_v6 by @fklassen in #739
Bug #718 improved heap-overflow protection by @fklassen in #740
Bug #719 better overflow protection in parse_mpls by @fklassen in #741
Bug #725 FORCE_ALIGN on arm by @fklassen in #742
Bug #729 tcpreplay_edit: disallow both -K and -l options by @fklassen in #743
Bug #735 heap-overflow in get_l2len_protocol by @fklassen in #744
Bug #745 remove autogen.sh from distribution tarballs by @fklassen in #747

Read More

CVE-2021-20260

Read Time:13 Second

A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Read More

CVE-2021-3414

Read Time:12 Second

A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations are also granted. The highest threat from this vulnerability is to data confidentiality.

Read More

CVE-2021-3427

Read Time:16 Second

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it’s interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user’s browser session.

Read More

CVE-2021-3563

Read Time:13 Second

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.

Read More