INFOSEC – USERSPACE.ORG :

[Linux Security]

OS: Ubuntu

Ubuntu 24.10 and 24.04 LTS USN-7503-1: python-h11 info leak issue

python-h11 could be made to expose sensitive information over the network.

Ubuntu 18.04 LTS USN-7501-2: Django denial of service issue

Django could be made to crash if it received specially crafted network traffic.

Ubuntu 25.04 LTS: USN-7501-1 critical: Django denial of service

Django could be made to crash if it received specially crafted network traffic.

Ubuntu 18.04 LTS: USN-7502-1 critical: Horde Css Parser remote execution

Horde Css Parser could be made to crash or run programs as your login if it opened a specially crafted file.

OS: Slackware

Slackware 15.0: 2025-127-01 critical: mariadb security fix

New mariadb packages are available for Slackware 15.0 and -current to fix security issues.

Slackware 15.0: 2025-119-02 critical: mozilla-thunderbird security fix

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

Slackware 15.0: 2025-119-01 critical: mozilla-firefox security improvements

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues.

Slackware: 2025-109-01: critical: zsh code execution threat

New zsh packages are available for Slackware 15.0 to fix a security issue.

OS: Scientific

Scientific Linux 7 SLSA-2023:6885 Critical: Python TLS Handshake Bypass

python: TLS handshake bypass (CVE-2023-40217) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6885 SL7 srpm python-0:2.7.5-94.el7_9.src x86_64 python-0:2.7.5-94.el7_9.x86_64 i386 python-libs-0:2.7.5-94.el7_9.i686 - Scientific Linux Development Team

SciLinux: SLSA-2023:6886 Critical: Plexus-Archiver File Creation Risk

plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6886 SL7 srpm plexus-archiver-0:2.4.2-6.el7_9.src noarch plexus-archiver-0:2.4.2-6.el7_9.noarch - Scientific Linux Development Team

Scientific Linux 7 Advisory SLSA-2023:5691 Critical DoS in BIND

bind: stack exhaustion in control channel code may lead to DoS (CVE-2023-3341) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:5691 SL7 srpm bind-32:9.11.4-26.P2.el7_9.15.src i386 bind-export-libs-32:9.11.4-26.P2.el7_9.15.i686 x86_64 bind-export-libs-32:9.11.4-26.P2.el7_9.15.x86_64 noarch bind-license-32:9.11.4-26.P2.el7_9.15.noarch - Scie [More...]

Scientific Linux SLSA-2023:5615 Moderate Security Issue in libssh2

libssh2: use-of-uninitialized-value in _libssh2_transport_read (CVE-2020-22218) --- This content is derived from https://sso.redhat.com/auth/realms/redhat-external/protocol/saml?SAMLRequest=fZJBT8MwDIX%2FSm85ZWk7yrZonVQxIU0ChDbgwAVlqccipUmJXTb49aQbg3Hh6jy%2F79nOFFVjW1l1tHVLeOsAKakQIZDx7so77BoIKwjvRsPj8qZkW6IWpRBKa0AcBKi3igbaN6L2O2e9qlH0nmJjnLLmE1hSEQWz7giOfsa9fhsuXA37kmUsmUdu1PfQXwSiP%2FdXMaMIoGyD4ljmsCcIESPa4Mlrbw9olizmJXvJ9WgMWmV8qMcTfpGNUq7WxZCvVTEe5dmoUJebKEXsYhAk5ahkeZoXPL3g6eQhHcqikGn2zJInCHhIlg9Sluwb61D2oJJ1wUmv0KB0qgGUpOWqur2RUSjVaY3nLe3%2FPac52Gzaq%2BUhXZh1zmwM1PxnxVNx%2Fjw9HvEu2i3m994a%2FZFU1vrdVVwXQckodPEO1z40iv4P0FdMzTcHqWz7wZHAEROzI%2FPvX5l9AQ%3D%3D&RelayState=https%3A%2F%2Faccess.redhat.com%2Ferrata%2FRHSA-2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=BrJPc%2FvdbvszAnFEmxMHTWhWO5IJXnU8CNik001PBsM04yezeCS%2B0pETxgMIupFPsrxTbmD1oepOHhERcPL4Byk1qKkm6TtFvfXm74lB8Pui6rdjg%2B8IwVmrenuF4Ph3LD4ZnDeuNW3YO4dDbN5Q4%2F89FIjEkeGKeLLar10vtkiy8GweKEe8cuja3717pxNrVTOi8ckfBHwomdUD8Xw1IE6M1qHI4u6pOMtxqpKQPu%2FZzsAgrME854P7NQqtGaZRI3eqZlBRVyG2FYrR7KFC6QtA%2FdVCYBxBWG4JdxZhXmbM%2Fc%2Bn%2B04WEKPpbhH12qa7URkjktnYMsJNcVF7rtYtn1D6gCyPnuXrwe7qcV0MgnrfuqmW4FoGsGrjhFdp7Eebe40wh78VaLxxAxO9hR%2BrYRDgNjvtewICpUbzYQUm6jzVk3i%2FYjt5Pmr9HesI1zvaI80Jmpgud1snf1z7VWoIqnAXwIZyLlo%2BxyFZs4qDUBgFr9tqrgbnGjBgTzdyJTItq7yFMVJDCt6dy5LjnMgKSMd%2BjjsoDBjssytWMM4ulzlyQHtn4IdVgCe4q4jgLQrHXf4ZucbUIA6q%2Fxgg7favSO%2FZaivTQq%2BoaQQKJ1NXxPiMXw6j354mdaEtz8jK549xaCEZi2OiF3l8Qrzc%2B7JikRXQ8wlX1gh8SbiNHfo6ZcE%3D 023:5615 SL7 srpm libssh2-0:1.8.0-4.el7_9.1.src i386 libssh2-0:1.8.0-4.el7_9.1.i686 x86_64 libssh2-0:1.8.0-4.el7_9.1.x86_64 noarch libssh2-docs-0:1.8.0- 4.el7_9.1.noarch - Scientific Linux Development Team

OS: Debian LTS

Debian Bullseye: DLA-4157-1 Moderate: Request Tracker Info Disclosure

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system, which could result in information disclosure, cross-site scripting and use of weak encryption for S/MIME emails.

Debian 11: DLA-4156-1 critical: openssh DisableForwarding security issue

Tim Rice discovered that the DisableForwarding directive was documented as disabling X11 and agent forwarding but it failed to do so. For Debian 11 bullseye, this problem has been fixed in version

Debian 11: DLA-4155-1 High: libapache2-mod-auth-openidc DoS

A vulnerability has been fixed in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality.

Debian LTS 11 DLA-4154-1: Critical MariaDB Crash Issues

MariaDB a popular database engine was affected by two vulnerabilties. CVE-2023-52969

OS: Mageia

Mageia 9: MGASA-2025-0151: Critical Thunderbird Updates

Process isolation bypass using "javascript:" URI links in cross-origin frames. (CVE-2025-4083) Unsafe attribute access during XPath parsing. (CVE-2025-4087) Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. (CVE-2025-4091)

Mageia 9: 2025-0150 critical: firefox javascript sandbox escape

A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape, CVE-2025-4083. A vulnerability was identified in Firefox where XPath parsing could

Mageia 9: 2025-0149 critical: libpam hashed password leak

libpam vulnerable to leaking hashed passwords. (CVE-2024-10041) References: - https://bugs.mageia.org/show_bug.cgi?id=34219 - https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S3CBZDTRIQZKAUHHWFBJKJ7PYA7BPARL/

Mageia 9: 2025-0148 Critical Fix for GraphicsMagick Buffer Issue

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. (CVE-2025-32460) References:

OS: Suse

SUSE: 2025:1511-1 moderate: apparmor CVE-2024-10041 threat update

* bsc#1241678 Cross-References: * CVE-2024-10041

SUSE: 2025:1512-1 moderate security patch for apparmor issues

* bsc#1241678 Cross-References: * CVE-2024-10041

SUSE OpenSSL-3 Security Update: 2025:1516-1 Moderate Denial of Service Fix

* bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365

SUSE: 2025:0613-2 moderate: Timing attack in openssl-1_1

* bsc#1236136 * bsc#1236771 Cross-References: * CVE-2024-13176

OS: Redhat

Red Hat: RHSA-2023-5538-01 Important: libvpx Heap Overflow and Crash

An update for libvpx is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat Enterprise Linux 8.2 RHSA-2023-5527 Important: Bind DoS Risk

An update for bind is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Enterprise Linux 8.2 RHSA-2023-5534-01 Important: libvpx Issues

An update for libvpx is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Important Advisory RHSA-2023-5539-01 for libvpx Crash and Heap Overflow

An update for libvpx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

OS: CentOS

CentOS 7 CESA-2024-1498 Moderate Advisory: Thunderbird Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1498

CentOS 7 CESA-2024-1486 Critical: Firefox Security Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1486

CentOS 7 CESA-2024-1249 Important: Kernel Critical Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1249

CentOS 7 CESA-2024-0957 Critical Thunderbird Security Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:0957

OS: Gentoo

Gentoo: GLSA-202504-02 critical: Zip Archive buffer overflow detected

A vulnerability has been discovered in XZ Utils, which could lead to denial of service.

Gentoo: GLSA 202502-01 Warning: OpenSSH Security Flaws, Access Risk

Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.

Gentoo PHP Security Advisory GLSA-202501-11 High: Code Execution Risk

Multiple vulnerabilities have been discovered in PHP, the worst of which could lead to arbitrary code execution.

Gentoo: GLSA-202501-10 High: Mozilla Firefox Arbitrary Code Exec

Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.

Exploit-DB.com

[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)

[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)

[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)

[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing

OS: Debian

Debian DSA-5917-1: Critical DoS in libapache2-mod-auth-openidc

A vulnerability has been discovered in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality:

Debian: DSA-5916-1 severe: chromium remote code execution risk

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Debian: DSA-5915-1 critical: vips buffer overflow Denial of Service

A heap-based buffer overflow vulnerability was discovered in vips, an fast image processing library designed with efficiency in mind, which may result in denial of service (application crash) if a specially crafted TIFF image file is processed.

Debian Bookworm DSA-5914-1 critical: chromium DoS and code exec risk

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

OS: Arch

ArchLinux: 202503-1: exim: privilege escalation

The package exim before version 4.98.2-1 is vulnerable to privilege escalation.

Arch Linux: 202501-1 Critical: rsync Multiple Issues Advisory

The package rsync before version 3.4.0-1 is vulnerable to multiple issues including arbitrary code execution, arbitrary file upload, information disclosure and privilege escalation.

Arch Linux: ASA-202410-1: oath-toolkit high severity privilege escalation

The package oath-toolkit before version 2.6.12-1 is vulnerable to privilege escalation.

Arch Linux: 202407-1 High: OpenSSH Authentication Bypass Issue

The package openssh before version 9.8p1-1 is vulnerable to authentication bypass.