Red Hat Security Advisory 2022-7087-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
fca50b816352284283719223772465fc844e46a838bb499c5771780fa7f2b2d4Red Hat Security Advisory 2022-7108-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Issues addressed include a null pointer vulnerability.
f3f780f06187a411b3e4210730f379ea1591d4f182e7e175fee1bf77eda04458Red Hat Security Advisory 2022-7111-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include an information leakage vulnerability.
820828b786b8169a369883b9ca17ad091636370e4113b40cca406c30a5afa23bRed Hat Security Advisory 2022-7137-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
99689913c1a06522ad3f0dc49aebbf27b850cc44a8e6389964f838fa78fec401Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.
7e26c2475110ff7340d7988275fa609b265fd44e6f52933eac803e2512ab54abRed Hat Security Advisory 2022-7129-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.
271ab07056668c5b709d9b3ecb43837a541fcd7a85c6db2ee4599a1910871f51Red Hat Security Advisory 2022-7146-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
8e7c5822c5699a4b37665a2fcbb99d8600774481ba94be9394f41389d31d9995Red Hat Security Advisory 2022-7089-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
106964827c0c930a1b9b7091a6e43f428c01254b1f0b80258fbf4d8491615871Red Hat Security Advisory 2022-7090-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
6e3e0fcfb56e0e3ded9ed56daccbe1f5ed533fb8fd434b9a7e2be29cee374c74Ubuntu Security Notice 5227-3 - USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.
a6fab17d3bb3fe4daa99440220954cc7377bd994f44acb7e03af694b527800f5Ubuntu Security Notice 5696-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
b39e7c8482f2a0bb81953364570c9bed10ae72e4a2980e9d5de62426066533b9Red Hat Security Advisory 2022-7086-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
948a192d953c8aecee2d6d8876565efe259dd2a95e31ea43237fc6f2628c9015Red Hat Security Advisory 2022-7088-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
858fe1a0626f566fb6334529ea78b89fa6807df1ed6740cf1481cd67daf15bbaDebian Linux Security Advisory 5260-1 - Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec() on input passed to the server component.
8d7af12785c3d0a89415518ecb456a32bb0666b172393a6eaaa1cb90b13d69d5Backdoor.Win32.Psychward.10 malware suffers from an unauthenticated remote command execution vulnerability.
50c8d45b439f940960ae1c8f607103a266bf0e358d5a088cf19752880f976bdfRed Hat Security Advisory 2022-7077-01 - Updated CVE security packages are now available for Red Hat Certificate System 9.7.
deb0ecc95b22487376a970df9720990c59ed4f4999353b017efc609b30d2e8b3MutableSecurity is a Linux CLI program for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring. It supports multiple solutions (teler as web IDS, Fail2ban as host IPS, Let's Encrypt for generating SSL certificates, and ClamAV as antimalware), password-based and key-based SSH authentication, and parallel deployment to multiple remote hosts.
d3847e2b262ecf876f62497edbddf483e0a440a5a45baaabc6a3e5663502e780Email-Worm.Win32.Kipis.c malware suffers from a remote file write vulnerability that allows for remote code execution.
a928474123c62826be6937b0f16cc3bd810a092305c80c11b1dba87312f0d8beDebian Linux Security Advisory 5257-2 - The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue.
31df1a13a472fb9920be07dd6def1cfe5cc5fa4533aedbce2d08deabd63b4e3cPega Platform versions 8.1.0 through 8.7.3 suffer from a remote code execution vulnerability. If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.
14f97e39b3b48a9075da1f6e66862a187e036b509ff25bfce33fb66bb645c604Backdoor.Win32.Delf.arh malware suffers from an authentication bypass vulnerability.
e5c413409b33c8c771245af2c651a2554e93871a2544df61fe5e997eedfd885bUbuntu Security Notice 5695-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
24debba98266b5e8e24734da3cfae7e77580075aa9e13660bf0442c6c99a9d63Red Hat Security Advisory 2022-7070-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
c31f78842179a2b912c6c99758ab50ef1823b80fa6d58f3e9a4e76954466fdecRed Hat Security Advisory 2022-7071-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
118fe7e57fd18d32fcd735ed5ff8c392b20302166b3324716230c3685335eea0Red Hat Security Advisory 2022-7069-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
981eae351f1a598ecd87a47e8435249de68b633abb07574f71f9d77fbfb7b321
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed