Post Content
Category Archives: Advisories
USN-5615-3: SQLite vulnerability
USN-5615-1 fixed several vulnerabilities in SQLite. This update provides
the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS.
Original advisory details:
It was discovered that SQLite incorrectly handled INTERSEC query
processing. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-35525)
It was discovered that SQLite incorrectly handled ALTER TABLE for views
that have a nested FROM clause. An attacker could use this issue to cause
SQLite to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.
(CVE-2020-35527)
It was discovered that SQLite incorrectly handled embedded null characters
when tokenizing certain unicode strings. This issue could result in
incorrect results. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-20223)
cups-2.4.10-1.fc39
FEDORA-2024-7c36291390
Packages in this update:
cups-2.4.10-1.fc39
Update description:
Rebase to 2.4.10, security fix for CVE-2024-35235
ghostscript-10.02.1-5.fc39
FEDORA-2024-c45c747f02
Packages in this update:
ghostscript-10.02.1-5.fc39
Update description:
Security fixes for CVE-2024-33870, CVE-2024-29510
Fix for issues in gating
Security fix for CVE-2024-33871
cups-2.4.10-1.fc40
FEDORA-2024-a3d1f80409
Packages in this update:
cups-2.4.10-1.fc40
Update description:
Rebase to 2.4.10, security fix for CVE-2024-35235
ghostscript-10.02.1-10.fc40
FEDORA-2024-f433c5c4da
Packages in this update:
ghostscript-10.02.1-10.fc40
Update description:
Security fixes for CVE-2024-33870, CVE-2024-29510
USN-6857-1: Squid vulnerabilities
Joshua Rogers discovered that Squid incorrectly handled requests with the
urn: scheme. A remote attacker could possibly use this issue to cause
Squid to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS. (CVE-2021-28651)
It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2022-41318)
Joshua Rogers discovered that Squid incorrectly handled HTTP message
processing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-49285)
Joshua Rogers discovered that Squid incorrectly handled Helper process
management. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-49286)
Joshua Rogers discovered that Squid incorrectly handled HTTP request
parsing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service.
(CVE-2023-50269, CVE-2024-25617)
USN-6852-2: Wget vulnerability
USN-6852-1 fixed a vulnerability in Wget. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Wget incorrectly handled semicolons in the userinfo
subcomponent of a URI. A remote attacker could possibly trick a user into
connecting to a different host than expected.
USN-6856-1: FontForge vulnerabilities
It was discovered that FontForge incorrectly handled filenames. If a user or an
automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a command injection.
(CVE-2024-25081)
It was discovered that FontForge incorrectly handled archives and compressed
files. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to perform
command injection. (CVE-2024-25082)
Polyfill.io Supply Chain Attack
What is the attack?Over 100,000+ sites have been impacted by a supply chain attack involving the Polyfill.io service. Polyfill is a popular tool used for enhancing browser capabilities by hundreds of thousands of sites to ensure that all website visitors can use the same codebase for unsupported functionality. Earlier this year, the polyfill.io domain was purchased, and the script was modified to redirect users to malicious and scam sites.What is the recommended Mitigation?Given the confirmed malicious operations, owners of websites using polyfill.io are advised to remove it immediately and search their code repositories for instances of polyfill.io. Users are also advised to consider using alternate services provided by Cloudflare and Fastly.What FortiGuard Coverage is available?FortiGuard Labs’ research team is investigating the coverage and has blocked all the known Indicators of compromise (IoCs).