Category Archives: Advisories

USN-5355-2: zlib vulnerability

Read Time:19 Second

USN-5355-1 fixed a vulnerability in zlib. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Danilo Ramos discovered that zlib incorrectly handled memory when
performing certain deflating operations. An attacker could use this issue
to cause zlib to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Read More

chromium-99.0.4844.84-1.el7

Read Time:13 Second

FEDORA-EPEL-2022-b3413eba96

Packages in this update:

chromium-99.0.4844.84-1.el7

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More

chromium-99.0.4844.84-1.el8

Read Time:13 Second

FEDORA-EPEL-2022-5b50dd1ab7

Packages in this update:

chromium-99.0.4844.84-1.el8

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More

chromium-99.0.4844.84-1.fc35

Read Time:12 Second

FEDORA-2022-e960d7e1b6

Packages in this update:

chromium-99.0.4844.84-1.fc35

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More

chromium-99.0.4844.84-1.fc34

Read Time:12 Second

FEDORA-2022-ba2c5339d4

Packages in this update:

chromium-99.0.4844.84-1.fc34

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More

chromium-99.0.4844.84-1.fc36

Read Time:12 Second

FEDORA-2022-8b0d8fb7da

Packages in this update:

chromium-99.0.4844.84-1.fc36

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More

CVE-2021-1000

Read Time:13 Second

In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185190688

Read More

CVE-2021-1033

Read Time:13 Second

In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185247656

Read More

USN-5356-1: DOSBox vulnerabilities

Read Time:16 Second

Alexandre Bartel discovered that DOSBox incorrectly handled
long lines in certain files. An attacker could possibly use
this issue to execute arbitrary code. (CVE-2019-7165)

Alexandre Bartel discovered that DOSBox incorrectly performed
access control over certain directories. An attacker could
possibly use this issue to execute arbitrary code.
(CVE-2019-12594)

Read More