Ubuntu Security Notice 4622-2 - USN-4622-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that OpenLDAP incorrectly handled certain network packets. A remote attacker could use this issue to cause OpenLDAP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
d420329a2e9b3171873d541b809a4af3Ubuntu Security Notice 4630-1 - Hanno Boeck discovered that Raptor incorrectly handled certain memory operations. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code.
fac6aed0d119d65246e14c49596e33d7Ubuntu Security Notice 4629-1 - Michael Chapman discovered that MoinMoin incorrectly handled certain cache actions. An attacker could possibly use this issue to execute arbitrary code. Catarina Leite discovered that MoinMoin incorrectly handled certain SVG files. An attacker could possibly use this issue to execute arbitrary code.
21e4e64c20e4a3fd946601540d00436bRed Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
247b6393a653a918a5800b4ee4e00b08Red Hat Security Advisory 2020-5083-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Issues addressed include an information leakage vulnerability.
007e7e8c3c5c4c8f53c66d82c5c0bd85Red Hat Security Advisory 2020-5084-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 6.
8c40fdf62ca8cd2432174683e6fc0f70Red Hat Security Advisory 2020-5085-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
1a98fe86c8824d6579bcab98c8c5b28dUbuntu Security Notice 4628-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker could possibly use this to expose sensitive information. Ezra Caltum, Joseph Nuzman, Nir Shildan and Ofir Joseff discovered that some Intel Processors did not properly remove sensitive information before storage or transfer in some situations. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
d5b28c9aff5b23a7f8ad7249a7633849Gentoo Linux Security Advisory 202011-14 - A vulnerability has been discovered in MariaDB which could result in the arbitrary execution of code. Versions less than 10.5.6 are affected.
e5a90e5c8f3106457c6def3bb08a0605Gentoo Linux Security Advisory 202011-13 - Multiple vulnerabilities have been found in Salt, the worst of which could result in the arbitrary execution of code. Versions less than 3000.5 are affected.
4b25fb52b67e844ca8e3939b03e9586dGentoo Linux Security Advisory 202011-12 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.193 are affected.
cc4d3131beadbe96ac714f0bcc55aee0Gentoo Linux Security Advisory 202011-11 - A privilege escalation vulnerability has been discovered in Blueman. Versions less than 2.1.4 are affected.
88fca303233f88a46c6d79f2b42b72d6Gentoo Linux Security Advisory 202011-10 - A buffer overflow in tmux might allow remote attacker(s) to execute arbitrary code. Versions less than 3.1c are affected.
ee250d62f4dcb03826e96c97380d6875Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.
f222cb40a91121486af43b166261e3beGentoo Linux Security Advisory 202011-8 - Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition. Versions less than 3.4.0 are affected.
d6d26a2f9319036c533eae38d3e0e692Gentoo Linux Security Advisory 202011-7 - A use-after-free in Mozilla Firefox might allow remote attacker(s) to execute arbitrary code. Versions less than 82.0.3 are affected.
f7df7cdc3edb97cbd8db4c097b55a3efUbuntu Security Notice 4627-1 - Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information.
68280722e12e55bac74350f6bcd8f78aUbuntu Security Notice 4626-1 - Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges. Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
826290928fcd6e76f591d4feea48dd2fRed Hat Security Advisory 2020-5079-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
c7dae196b49762d1673903f3871ed1e4Ubuntu Security Notice 4625-1 - A use-after-free was discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to execute arbitrary code.
9ce2e1d9656cdc58bfb93548e5536c86Red Hat Security Advisory 2020-5054-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
3665bf80fb80e17580d7ed2a669f1e07Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
40bf1e4803c1827dc705ed0538142fbdRed Hat Security Advisory 2020-5055-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
39fead1e54f0fec7b34134ca5cd89ee4Ubuntu Security Notice 4624-1 - It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause unexpected behaviours, or execute arbitrary code.
7a05bea2012947c33ca0fa3a8095b12dRed Hat Security Advisory 2020-5010-01 - Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Issues addressed include a denial of service vulnerability.
e953addcfd874b13f34ef55c38b1ca22
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed