Category Archives: Advisories

openvpn-2.5.6-1.fc34

Read Time:18 Second

FEDORA-2022-7d46acce7c

Packages in this update:

openvpn-2.5.6-1.fc34

Update description:

This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.

NOTE Please read the CVE description carefully if you use authentication plug-ins with a server configuration.

Read More

openvpn-2.5.6-1.fc36

Read Time:18 Second

FEDORA-2022-cb4c1146dc

Packages in this update:

openvpn-2.5.6-1.fc36

Update description:

This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.

NOTE Please read the CVE description carefully if you use authentication plug-ins with a server configuration.

Read More

USN-5331-1: tcpdump vulnerabilities

Read Time:17 Second

It was discovered that tcpdump incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2018-16301)

It was discovered that tcpdump incorrectly handled certain captured data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8037)

Read More

Post Title

Read Time:31 Second

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

Read More

CVE-2020-36519

Read Time:14 Second

Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.)

Read More