Category Archives: Advisories

ghc-cmark-gfm-0.2.3-1.fc34
ghc-hakyll-4.13.4.0-5.1.fc34
gitit-0.13.0.0-5.1.fc34
pandoc-2.9.2.1-10.fc34
pandoc-citeproc-0.17.0.1-5.fc34
patat-0.8.6.1-1.1.fc34

Update description:

Security fix for CVE-2022-24724

https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
fixed upstream in Haskell cmark-gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library
pandoc-citeproc: update HsYAML-aeson to 0.2.0.1

Advisories

ZDI-22-540: Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability

March 25, 2022

Read Time:12 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-539: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

March 25, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-541: (0Day) Array Networks MotionPro Buffer Overflow Remote Code Execution Vulnerability

March 25, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Array Networks MotionPro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

stargz-snapshotter-0.11.3-2.fc36

March 24, 2022

Read Time:7 Second

FEDORA-2022-6c4cb64314

Packages in this update:

stargz-snapshotter-0.11.3-2.fc36

Update description:

Security fix for CVE-2022-21698

Advisories

USN-5321-3: Firefox regressions

March 24, 2022

Read Time:36 Second

USN-5321-1 fixed vulnerabilities in Firefox. The update introduced
several minor regressions. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the browser
UI, bypass security restrictions, obtain sensitive information, or execute
arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382,
CVE-2022-26383, CVE-2022-26384, CVE-2022-26385)

A TOCTOU bug was discovered when verifying addon signatures during
install. A local attacker could potentially exploit this to trick a
user into installing an addon with an invalid signature.
(CVE-2022-26387)

Cyber Security News

Category Archives: Advisories

skopeo-1.7.0-1.fc35

FEDORA-2022-eda0e65b01

Packages in this update:

Update description:

openssl1.1-1.1.1n-1.fc36

FEDORA-2022-8bb51f6901

Packages in this update:

Update description:

openssl1.1-1.1.1n-1.fc37

FEDORA-2022-d6cd1e0cc1

Packages in this update:

Update description:

Changelog

CVE-2018-25032

ghc-cmark-gfm-0.2.3-1.fc34 ghc-hakyll-4.13.4.0-5.1.fc34 gitit-0.13.0.0-5.1.fc34 pandoc-2.9.2.1-10.fc34 pandoc-citeproc-0.17.0.1-5.fc34 patat-0.8.6.1-1.1.fc34

FEDORA-2022-1f981071eb

Packages in this update:

Update description:

ZDI-22-540: Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability

ZDI-22-539: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-22-541: (0Day) Array Networks MotionPro Buffer Overflow Remote Code Execution Vulnerability

stargz-snapshotter-0.11.3-2.fc36

FEDORA-2022-6c4cb64314

Packages in this update:

Update description:

USN-5321-3: Firefox regressions

News, Advisories and much more