Category: Advisories

Posted by Artur Janicki via Fulldisclosure on Mar 27 [APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 13th International Workshop on Cyber Crime (IWCC 2024 - https://www.ares-conference.eu/iwcc/)...

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue...

USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was...

FEDORA-EPEL-2024-e2cad98fb0 Packages in this update: tinyxml-2.6.2-28.el9 Update description: Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462. Fix incorrect text element encoding (upstream isssue #51)....

FEDORA-EPEL-2024-0ced8d6066 Packages in this update: tinyxml-2.6.2-28.el8 Update description: Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462. Fix incorrect text element encoding (upstream isssue #51)....

FEDORA-2024-c266dab9e9 Packages in this update: unbound-1.19.1-4.fc40 Update description: CVE-2024-1931 - Fix trim of EDE text from large udp responses from spinning cpu. Read More

FEDORA-EPEL-2024-15cde9f00b Packages in this update: chromium-123.0.6312.58-1.el7 Update description: Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds...

FEDORA-EPEL-2024-24aceec24b Packages in this update: chromium-123.0.6312.58-1.el9 Update description: Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds...

FEDORA-EPEL-2024-fc233c6d2e Packages in this update: chromium-123.0.6312.58-1.el8 Update description: Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds...

Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to...