Read Time:9 Second
FEDORA-2022-a88218de5c
Packages in this update:
dhcp-4.4.3-2.fc35
Update description:
Security fix for CVE-2021-25220
New version 4.4.3
Add keama migration utility
Category Archives: Advisories
dhcp-4.4.3-2.fc36
Read Time:9 Second
FEDORA-2022-3f293290c3
Packages in this update:
dhcp-4.4.3-2.fc36
Update description:
Security fix for CVE-2021-25220
New version 4.4.3
Add keama migration utility
USN-5378-3: XZ Utils vulnerability
Read Time:18 Second
USN-5378-2 fixed a vulnerability in XZ Utils. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Cleemy Desu Wayo discovered that Gzip incorrectly handled certain
filenames. If a user or automated system were tricked into performing zgrep
operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
golang-x-crypto-0-0.43.20220412git7b82a4e.fc34
Read Time:7 Second
FEDORA-2022-d37fb34309
Packages in this update:
golang-x-crypto-0-0.43.20220412git7b82a4e.fc34
Update description:
Update for CVE-2022-27191
golang-x-crypto-0-0.43.20220412git7b82a4e.fc36
Read Time:7 Second
FEDORA-2022-14712f9699
Packages in this update:
golang-x-crypto-0-0.43.20220412git7b82a4e.fc36
Update description:
Update for CVE-2022-27191
golang-x-crypto-0-0.43.20220412git7b82a4e.fc35
Read Time:7 Second
FEDORA-2022-a4c9009f3e
Packages in this update:
golang-x-crypto-0-0.43.20220412git7b82a4e.fc35
Update description:
Update for CVE-2022-27191
CVE-2020-29653
Read Time:11 Second
Froxlor through 0.10.22 does not perform validation on user input passed in the customermail GET parameter. The value of this parameter is reflected in the login webpage, allowing the injection of arbitrary HTML tags.
USN-5378-2: XZ Utils vulnerability
Read Time:10 Second
Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain
filenames. If a user or automated system were tricked into performing
xzgrep operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
USN-5378-1: Gzip vulnerability
Read Time:10 Second
Cleemy Desu Wayo discovered that Gzip incorrectly handled certain
filenames. If a user or automated system were tricked into performing zgrep
operations with specially crafted filenames, a remote attacker could
overwrite arbitrary files.
Post Title
Read Time:20 Second
Multiple vulnerabilities have been discovered in Citrix SD-WAN. Citrix SD-WAN is a software defined Wide Area Network (WAN) which can allow for easier management of multiple networks. The most severe of these vulnerabilities contains hard-coded credentials. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.