Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
xen-4.17.2-7.fc38
FEDORA-2024-0da80aa623
Packages in this update:
xen-4.17.2-7.fc38
Update description:
x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)
xen-4.17.2-7.fc39
FEDORA-2024-aca9ed1eb1
Packages in this update:
xen-4.17.2-7.fc39
Update description:
x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)
xen-4.18.0-6.fc40
FEDORA-2024-ee7c81a4d6
Packages in this update:
xen-4.18.0-6.fc40
Update description:
x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)
USN-6644-2: LibTIFF vulnerabilities
USN-6644-1 fixed vulnerabilities in LibTIFF.
This update provides the corresponding updates for Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that LibTIFF incorrectly handled certain files. If
a user were tricked into opening a specially crafted file, an attacker
could possibly use this issue to cause the application to crash, resulting
in a denial of service. (CVE-2023-52356)
It was discovered that LibTIFF incorrectly handled certain image files
with the tiffcp utility. If a user were tricked into opening a specially
crafted image file, an attacker could possibly use this issue to cause
tiffcp to crash, resulting in a denial of service. (CVE-2023-6228)
It was discovered that LibTIFF incorrectly handled certain files. If
a user were tricked into opening a specially crafted file, an attacker
could possibly use this issue to cause the application to consume
resources, resulting in a denial of service. (CVE-2023-6277)
USN-6664-1: less vulnerability
It was discovered that less incorrectly handled certain file names.
An attacker could possibly use this issue to cause a crash or execute
arbitrary commands.
golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc38 golang-github-tdewolff-minify-2.20.18-1.fc38 golang-github-tdewolff-parse-2.7.12-1.fc38
FEDORA-2024-0d4d9925a2
Packages in this update:
golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc38
golang-github-tdewolff-minify-2.20.18-1.fc38
golang-github-tdewolff-parse-2.7.12-1.fc38
Update description:
Update to latest version
Security fix for CVE-2023-39325
golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc39 golang-github-tdewolff-minify-2.20.18-1.fc39 golang-github-tdewolff-parse-2.7.12-1.fc39
FEDORA-2024-c3e32c5635
Packages in this update:
golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc39
golang-github-tdewolff-minify-2.20.18-1.fc39
golang-github-tdewolff-parse-2.7.12-1.fc39
Update description:
Update to latest version
Security fix for CVE-2023-39325
USN-6663-1: OpenSSL update
As a security improvement, this update prevents OpenSSL
from returning an error when detecting wrong padding
in PKCS#1 v1.5 RSA, to prevent its use in possible
Bleichenbacher timing attacks.
USN-6305-2: PHP vulnerabilities
USN-6305-1 fixed several vulnerabilities in PHP. This update provides
the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that PHP incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2023-3823)
It was discovered that PHP incorrectly handled certain PHAR files.
An attacker could possibly use this issue to cause a crash,
expose sensitive information or execute arbitrary code.
(CVE-2023-3824)