Ubuntu Security Notice 4065-1 - It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. Various other issues were also addressed.
a8539b3cc79beff6e700e8c2b6380ce9def258a5a3fd8be174cc49a7546e02ba
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
af92729c781d870110885c31ebcbe4c4224ed51bb580d00c896fe9746994211c
On Microsoft Windows, the RPCSS Activation Kernel RPC server's security callback can be bypassed resulting in elevation of privilege.
8798d39be121b1ca424688b64bf7499391b79aa9b2b31c8a56654a285be15b2e
WordPress OneSignal plugin version 1.17.5 suffers from a persistent cross site scripting vulnerability.
69a55dcdfade112b867c9d8499936d3cc7985c0d6bba0fdf4cc1683089ebf87f
Ubuntu Security Notice 4064-1 - A sandbox escape was discovered in Thunderbird. If a user were tricked in to installing a malicious language pack, an attacker could exploit this to gain additional privileges. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same origin restrictions, conduct cross-site scripting attacks, spoof origin attributes, or execute arbitrary code. Various other issues were also addressed.
d8bb2d36469cca9788e2761790b4d38cd8c92d475841dd30ce09db715d30ac1e