Red Hat Security Advisory 2022-4930-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Issues addressed include a HTTP request smuggling vulnerability.
256d7d730e436d272a26e847294a772d62a4b31ae61933881d4dc5e1f36ebe9dRed Hat Security Advisory 2022-4924-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
babd3ebc2a8b7287f09962e7e66593d8aa7f2bf82e3320c57e7b67071c1f3727Ubuntu Security Notice 5463-1 - It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. Roman Fiedler discovered that NTFS-3G incorrectly handled certain return codes. A local attacker could possibly use this issue to intercept protocol traffic between FUSE and the kernel.
4d148171efede88e748de7cd3b3a79ab2fc64b62b7ceb59bf5a5473185daa9f8Ubuntu Security Notice 5462-2 - USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
b47ace4598aa16889d8fd13a61ab6776251e8e1f05e571cdb335797d23e1ec0cRed Hat Security Advisory 2022-4919-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.
bf1afc73c8ba9c4a4c22d13d1cf262785aff0e2266900d5107732077a9be4c4cRed Hat Security Advisory 2022-4918-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.
8f6215dbc6e2ca60403953e5fff933cecb7aae3db0e8684fc171f45b5bcbc430Red Hat Security Advisory 2022-4922-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.4 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.5 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include HTTP request smuggling, code execution, denial of service, memory leak, and traversal vulnerabilities.
7662acf836b5f242e6276a07b00c0aa87639c1a35f4ad678bade67af019843c5Ubuntu Security Notice 5462-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
93396c53d1b014d262f3aed6dacbfc8d58faaea61e4dae6cbadc94a05bec397aUbuntu Security Notice 5461-1 - It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. It was discovered that FreeRDP incorrectly handled server configurations with an invalid SAM file path. A remote attacker could use this issue to bypass server authentication.
1d0fe0613b35cc1b905808b45f71bafa367f62e1a5115148c9a99c5ea7cc94c8Ubuntu Security Notice 5460-1 - It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs with spaces or spaces with tabs, which could cause a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
b8f2244664433fce0a0b514e45737c4c9a7b3540bab47163fb5325853a62ca5fRed Hat Security Advisory 2022-4914-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
b43f0c89fd3414efa475d6ec07c2e68d3f66f12f846e7070d1966227905eca9dRed Hat Security Advisory 2022-4915-01 - PostgreSQL is an advanced object-relational database management system.
da10d33ae9ab76b4cc74c4d3a81cfa7948b1d187fe82fbc6316cd849f2b6be19Red Hat Security Advisory 2022-4913-01 - PostgreSQL is an advanced object-relational database management system.
84e0920c55ee4159c03535d6369c2e18f99d67e3b2865dea3143bf316fd42261Red Hat Security Advisory 2022-4893-01 - PostgreSQL is an advanced object-relational database management system.
2fa0fa498326d77ec62422685f9b04739bc32663bce0fbb3f0868144992075ecRed Hat Security Advisory 2022-4899-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. compat-openssl11 provides the legacy 1.1 version of OpenSSL for use with older binaries.
7d380a741e47c29c3992e529a1c11772c840b6ea6a122c5f1eaa8c55c79b57e0Red Hat Security Advisory 2022-4895-01 - PostgreSQL is an advanced object-relational database management system.
7bbf31cb5340e61c49d8636789fa5106483201ca66767621578e495f5060498dRed Hat Security Advisory 2022-4887-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.
83b05034de2b2338b376975b5ba003a53cb61d0f9133ebbed4157eca94f4307dRed Hat Security Advisory 2022-4890-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.
cbd69bdf1a066608fbb8a2c567e65935a60888ac09b182be021e3744daab7c7aRed Hat Security Advisory 2022-4892-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.
4ea37a53c20bf404f37b7880cda6fe46c5f65c0e3b6c5fade778ad40569baacdRed Hat Security Advisory 2022-4896-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, out of bounds write, and use-after-free vulnerabilities.
3df1bd94283b4f8f828a1326c59af6e3f0bf7a7aa1e643f1d76923d175ca596fRed Hat Security Advisory 2022-4894-01 - PostgreSQL is an advanced object-relational database management system.
8b6185b6d3a0207f73122d84395f1836cba693ed3666dc8382a5ddff972039a3Red Hat Security Advisory 2022-4888-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Issues addressed include a buffer overflow vulnerability.
b3d2c633c86f3ae3591ffda5fb0edd5502b96d56c5ae75eb8445322c31e56d8fRed Hat Security Advisory 2022-1166-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.47.
4781d3645cbc8e39080e6ba70a5d46eed3154b00cf45a72aa851d87243f58b8dUbuntu Security Notice 5459-1 - Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that cifs-utils incorrectly used host credentials when mounting a krb5 CIFS file system from within a container. An attacker inside a container could possibly use this issue to obtain access to sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
2742ad8c53c8d4078d2663f3a6a291fda0c5b7a8aaddb41246e402f6bb7d11f1Red Hat Security Advisory 2022-4582-01 - The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times.
84877d2a5f679446f55a9c0af90d0f47f7abb9166f85ecf7068eae932494ffd2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed