Red Hat Security Advisory 2022-7087-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
fca50b816352284283719223772465fc844e46a838bb499c5771780fa7f2b2d4
Red Hat Security Advisory 2022-7108-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Issues addressed include a null pointer vulnerability.
f3f780f06187a411b3e4210730f379ea1591d4f182e7e175fee1bf77eda04458
Red Hat Security Advisory 2022-7111-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include an information leakage vulnerability.
820828b786b8169a369883b9ca17ad091636370e4113b40cca406c30a5afa23b
Red Hat Security Advisory 2022-7137-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
99689913c1a06522ad3f0dc49aebbf27b850cc44a8e6389964f838fa78fec401
Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.
7e26c2475110ff7340d7988275fa609b265fd44e6f52933eac803e2512ab54ab
Red Hat Security Advisory 2022-7129-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.
271ab07056668c5b709d9b3ecb43837a541fcd7a85c6db2ee4599a1910871f51
Red Hat Security Advisory 2022-7146-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
8e7c5822c5699a4b37665a2fcbb99d8600774481ba94be9394f41389d31d9995
Red Hat Security Advisory 2022-7089-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
106964827c0c930a1b9b7091a6e43f428c01254b1f0b80258fbf4d8491615871
Red Hat Security Advisory 2022-7090-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
6e3e0fcfb56e0e3ded9ed56daccbe1f5ed533fb8fd434b9a7e2be29cee374c74
Ubuntu Security Notice 5227-3 - USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.
a6fab17d3bb3fe4daa99440220954cc7377bd994f44acb7e03af694b527800f5
Ubuntu Security Notice 5696-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
b39e7c8482f2a0bb81953364570c9bed10ae72e4a2980e9d5de62426066533b9
Red Hat Security Advisory 2022-7086-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
948a192d953c8aecee2d6d8876565efe259dd2a95e31ea43237fc6f2628c9015
Red Hat Security Advisory 2022-7088-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
858fe1a0626f566fb6334529ea78b89fa6807df1ed6740cf1481cd67daf15bba
Debian Linux Security Advisory 5260-1 - Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, used exec() on input passed to the server component.
8d7af12785c3d0a89415518ecb456a32bb0666b172393a6eaaa1cb90b13d69d5
Backdoor.Win32.Psychward.10 malware suffers from an unauthenticated remote command execution vulnerability.
50c8d45b439f940960ae1c8f607103a266bf0e358d5a088cf19752880f976bdf
Red Hat Security Advisory 2022-7077-01 - Updated CVE security packages are now available for Red Hat Certificate System 9.7.
deb0ecc95b22487376a970df9720990c59ed4f4999353b017efc609b30d2e8b3
MutableSecurity is a Linux CLI program for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring. It supports multiple solutions (teler as web IDS, Fail2ban as host IPS, Let's Encrypt for generating SSL certificates, and ClamAV as antimalware), password-based and key-based SSH authentication, and parallel deployment to multiple remote hosts.
d3847e2b262ecf876f62497edbddf483e0a440a5a45baaabc6a3e5663502e780
Email-Worm.Win32.Kipis.c malware suffers from a remote file write vulnerability that allows for remote code execution.
a928474123c62826be6937b0f16cc3bd810a092305c80c11b1dba87312f0d8be
Debian Linux Security Advisory 5257-2 - The security update announced as DSA 5257-1 caused regressions on certain systems using the amdgpu driver. Updated packages are now available to correct this issue.
31df1a13a472fb9920be07dd6def1cfe5cc5fa4533aedbce2d08deabd63b4e3c
Pega Platform versions 8.1.0 through 8.7.3 suffer from a remote code execution vulnerability. If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running on PegaCloud due to its design and architecture.
14f97e39b3b48a9075da1f6e66862a187e036b509ff25bfce33fb66bb645c604
Backdoor.Win32.Delf.arh malware suffers from an authentication bypass vulnerability.
e5c413409b33c8c771245af2c651a2554e93871a2544df61fe5e997eedfd885b
Ubuntu Security Notice 5695-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
24debba98266b5e8e24734da3cfae7e77580075aa9e13660bf0442c6c99a9d63
Red Hat Security Advisory 2022-7070-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
c31f78842179a2b912c6c99758ab50ef1823b80fa6d58f3e9a4e76954466fdec
Red Hat Security Advisory 2022-7071-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
118fe7e57fd18d32fcd735ed5ff8c392b20302166b3324716230c3685335eea0
Red Hat Security Advisory 2022-7069-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.4.0 ESR. Issues addressed include a denial of service vulnerability.
981eae351f1a598ecd87a47e8435249de68b633abb07574f71f9d77fbfb7b321