Red Hat Security Advisory 2022-1103-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
cd3da72f66a9d3620802f57598d3a1225d845ad596f9cc707e08f89d7fbccd8c
Red Hat Security Advisory 2022-1108-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.12.1 serves as an update to Red Hat Process Automation Manager 7.12.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, information leakage, and traversal vulnerabilities.
7c40dcdbc8c75f8be5ae4c4bf3f34c84f7661a55778b77830347d8a875b6c93e
Ubuntu Security Notice 5313-2 - USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2 servers, making it unable to connect to said servers. This update fixes the problem.
1911934539c51bd6df28232883917c98374d9f5b205fb3970482d87c13567eef
Red Hat Security Advisory 2022-1021-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.26. Issues addressed include bypass and denial of service vulnerabilities.
9643b6c8c59dc1959b8e0bc08b83042bd3461d4a3cb4eeaeb911e54bccefe6f6
Red Hat Security Advisory 2022-1091-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
547e0428253fe19394e4d502af2ba7da74aa3bbac454474bed040a5c67725505
Ubuntu Security Notice 5353-1 - It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
406d29aa368301ce542b4f6f12fd32301120acf9aa904fef9458e3370d29fa8d
Red Hat Security Advisory 2022-1083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.8 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console, with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include an information leakage vulnerability.
9442197180deeb5f25977efd08ace4909b97f3f5729b4b0b9f276d27f078ba23
Ubuntu Security Notice 5352-1 - It was discovered that Libtasn1 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
951cffd9e25ddf1ad22523ce2eefb8c889a1391d77e042330c60a977076e47a5
Ubuntu Security Notice 5351-1 - Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys.
5ebff46b7927019366c4c26262bfda5d50351737a0a1eb80ff2a875a4907b62d
When the filter_var function is used in conjunction with the flags FILTER_VALIDATE_DOMAIN and FILTER_FLAG_HOSTNAME, there is a vulnerability in PHP that allows the filter to be bypassed. A patch has been included by the researcher as the PHP security team seems to have ignored this concern.
adddea024dbdd005a547c113193969e21a6c422c65e5611f207efd46bf8ae635
Message System version 1.0 suffers from a remote shell upload vulnerability.
8170a03bb95176827a82f89c1b133b2b0b7a218409494453ee6b43400a78b8a6
Message System version 1.0 suffers from a local file inclusion vulnerability.
d75e21e8a6211018162bbb7942d070f7c8405b2ef826d1256c7f25275857c3f6
Fingerprint Attendance version 1.0 allows for an arbitrary password reset of any user.
349d72455afa61c19576dd3b35d2b351fb9e9242b3dc49747aede103705ebd0b
Fingerprint Attendance version 1.0 suffers from a remote shell upload vulnerability.
452eb3ee24c8a991d97de78ec5746488245a9a38b450e35ee82a4b76c1b19e8f
Fingerprint Attendance version 1.0 suffers from a remote SQL injection vulnerability.
ea4634340bfbd35d88bc8b15ecde35139882faa21acf2cecdd186022fc7b480e
Sports Complex Booking System version 1.0 suffers from a local file inclusion vulnerability.
c37a2040e63761f072da506d3c0fb1c63067a2b28d02b4a6291592e84d8a1f0c
Debian Linux Security Advisory 5085-2 - The update for expat released as DSA 5085-1 introduced regressions for applications using URI characters (':' in particular) for a namespace separator (while the HTML API docs of function XML_ParserCreateNS have been advising against their use). Updated expat packages are now available which relax the fix for CVE-2022-25236 with regard to RFC 3986 URI characters.
d518bc8536e0ddf3fe6cfe3ace97c1a0386a4b855e7af45f346007135b20089d
Debian Linux Security Advisory 5088-1 - Brief introduction
dee4f00088252d6d121b41c7d234c8f930905a04f6badedea9f5687f59bcc44f
Debian Linux Security Advisory 5089-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
80fd42e30a2a360173b0c33b13bd03451c01ce066a8f77350aaf7909db8af665
Debian Linux Security Advisory 5090-1 - Two security issues have been found in the Mozilla Firefox web browser, which result in the execution of arbitrary code.
d8d2d7425e1b040e61e41ab3863893c2a0895769dbb7c36e395f9d423caa0525
Debian Linux Security Advisory 5091-1 - Felix Wilhelm discovered that the containerd container runtime was susceptible to information disclosure via malformed container images.
e63a6746ffb3a0ebb5b67732d4e19941b8a93c8206828f44778f919a2ccbf65d
Debian Linux Security Advisory 5092-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
f552af15f42a43d3bd0ed3cf4abd129ea2e3af33a492249e58c49290a8e65d87
Debian Linux Security Advisory 5093-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code.
690d288b2f014e89a760c6985b3732a832e9c702b81c05ffd8ea9a3833f63264
Debian Linux Security Advisory 5094-1 - Two security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
26aa5f5512f60f1821a87127469a08e66fd1148d2cf05de9f41b605530f3bf2e
Debian Linux Security Advisory 5095-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
271e4b7d1b99d28febed5f00c4b01bf76715f4001e068e7da511f20bacd0d4ff