APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18
Posted by Apple Product Security via Fulldisclosure on Sep 16 APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18 iOS 18 and iPadOS 18 addresses the following issues....
DSA-5771-1 php-twig – security update
Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed. https://security-tracker.debian.org/tracker/DSA-5771-1 Read More
DSA-5770-1 expat – security update
Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary...
DSA-5772-1 libreoffice – security update
Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was suspectible to spoofing attacks when the repair mode attempts to address a...
USN-7015-1: Python vulnerabilities
It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to...
USN-7014-1: nginx vulnerability
It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote...
USN-7013-1: Dovecot vulnerabilities
It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to...
USN-7012-1: curl vulnerability
Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations. Read More
USN-7011-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in...
USN-6560-3: OpenSSH vulnerability
USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that OpenSSH incorrectly...