Category Archives: Advisories

Advisories

p7zip-16.02-31.fc41

Read Time:7 Second

FEDORA-2024-6ecf5236ae

Packages in this update:

p7zip-16.02-31.fc41

Update description:

Fix wrapper to hide password from process history

Read More

Advisories

USN-7055-1: FreeRADIUS vulnerability

Read Time:25 Second

Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc
Stevens, and Adam Suhl discovered that FreeRADIUS incorrectly authenticated
certain responses. An attacker able to intercept communications between a
RADIUS client and server could possibly use this issue to forge responses,
bypass authentication, and access network devices and services.

This update introduces new configuration options called “limit_proxy_state”
and “require_message_authenticator” that default to “auto” but should be
set to “yes” once all RADIUS devices have been upgraded on a network.

Read More

Advisories

USN-7053-1: ImageMagick vulnerabilities

Read Time:18 Second

It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or potentially leak sensitive information.
These vulnerabilities included heap and stack-based buffer overflows,
memory leaks, and improper handling of uninitialized values.

Read More

Advisories

USN-7054-1: unzip vulnerability

Read Time:15 Second

It was discovered that unzip did not properly handle unicode strings under
certain circumstances. If a user were tricked into opening a specially
crafted zip file, an attacker could possibly use this issue to cause unzip
to crash, resulting in a denial of service, or possibly execute arbitrary
code.

Read More