Ubuntu Security Notice 6506-1 - David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10.
8a919d1a4d307c69872670d645ac6969f558a3c26282d75583807e9eb42825c5Ubuntu Security Notice 6473-2 - USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
31f113322b019e54154cd30f2be05b8d4ca103f178cbdd5efa89e9a2ef3e0838Ubuntu Security Notice 6473-1 - It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that urllib3 didn't strip HTTP Cookie header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.
01c8788f56d352f691cc6e76bb162b2e9e247c8c99c3c08204defa5099ea0fa8Ubuntu Security Notice 6405-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Andrew McCreight discovered that Thunderbird did not properly manage during the worker lifecycle. An attacker could potentially exploit this issue to cause a denial of service.
44c67bfcb9e4c46d4275d5fc652fd93c0720d7118f59ef305583872d548cc192Red Hat Security Advisory 2023-5019-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
72a62d3a736b1547c6675abf9bfe6e227959cc9823b20dd323137dce313579bfRed Hat Security Advisory 2023-4955-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
d766a5b888c0a0439a81cd53551230c1bc5fc79b28638959335c9b984d19588cRed Hat Security Advisory 2023-4946-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
9de02aecfd2125c70e43906f896b14d3996965aaa99b792e05b416b4e9cb4226Red Hat Security Advisory 2023-4956-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
f736964638f901998f40bc1e660dcac115f73b1fe064e5567564a0e768cb2be1Red Hat Security Advisory 2023-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
f70f57ad2e6e99d5ee858c17bd5a6c3ccdd344c55e93cc1c9db51b08e84447a8Red Hat Security Advisory 2023-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
ba08874bf835166036061d27b0345844d97e9e42c7bada53dbe84273697ff1b2Red Hat Security Advisory 2023-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
b0b45caf75ea24fc49299a8def1d7ecacf7cbbce52a4f935919e1d5f865968c8Red Hat Security Advisory 2023-4950-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
d5bc8036d85768e0599b7d7d7d4841d1781330f07f9ea5ea451c2a0f9630b750Red Hat Security Advisory 2023-4952-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
da13143b971df95a4f4a4d8d91db21f814c20eea19c857fdb79cd5545691dd4eRed Hat Security Advisory 2023-4954-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
8d5b62643ce6a32d3c25ff0a63479c7143d0d576d6c1c12109b7183d66afccfeRed Hat Security Advisory 2023-4951-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
0b9e00e8bfc18ebba1912459ebe8684a87005534e9fb818f8948e87d3d031dd1Red Hat Security Advisory 2023-4957-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
9352923c61c653a1d7b23155a3f7aa5a0125ab0aca11e90d911831e0f9789f74Red Hat Security Advisory 2023-4959-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
37fe07ac7a4e1c319e9776e4c282ba5e48364eca426c7da750ff15f579b87ecbRed Hat Security Advisory 2023-4949-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
6a3ce6c86028f60dcb7e1d8b10e565895ee66e96d132e1201f6ea6cb668eb2c7Red Hat Security Advisory 2023-4958-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
78de6c4811e3c236c95253e5ad165446f39baca6cb8d708d632636efc00192daUbuntu Security Notice 6320-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory when the "UpdateRegExpStatics" attempted to access "initialStringHeap". An attacker could potentially exploit this issue to cause a denial of service.
2c00e5233a4b95c7e2c687bc947a2caa809fd9c1dbecf3436ec032c47d968974
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed