OS: Suse
The container bci/rust was updated. The following patches have been included in this update: |
The container bci/rust was updated. The following patches have been included in this update: |
The container bci/ruby was updated. The following patches have been included in this update: |
The container bci/python was updated. The following patches have been included in this update: |
OS: Gentoo
Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could result in denial of service. |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. |
Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution. |
OS: Fedora
* Fix scrollbar jumping to top when drag released outside window in GTK 4. * Fix video rendering when GL is disabled. * Fix flickering on looped videos when starting again. * Fix CPU usage on autoplaying videos. * Choose amount of painting threads depending on available CPU cores on GTK 4. * Fix several crashes and rendering issues. * Fix CVE-2023-28204 and CVE-2023-32373. |
Rebase to upstream version 3.0.9 |
Update to 7.1.1.11 (#2210875) ---- Update to 7.1.1.10 (#2207788) Security fix for CVE-2023-34151 Security fix for CVE-2023-34152 Security fix for CVE-2023-34153 |
* Fix scrollbar jumping to top when drag released outside window in GTK 4. * Fix video rendering when GL is disabled. * Fix flickering on looped videos when starting again. * Fix CPU usage on autoplaying videos. * Choose amount of painting threads depending on available CPU cores on GTK 4. * Fix several crashes and rendering issues. * Fix CVE-2023-28204 and CVE-2023-32373. |
OS: Debian
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2023-0464 |
It was discovered that there was a potential buffer overflow and denial of service vulnerability in the gdhcp client implementation of connman, a command-line network manager designed for use on embedded devices. |
Two security issues were discovered in LibreOffice, which could potentially result in the execution of arbitrary code when loading a malformed spreadsheet document or unacknowledged loading of linked documents within a floating frame. |
Several vulnerabilities were discovered in libraw, a library for reading RAW files obtained from digital photo cameras, which may result in denial of service or the execution of arbitrary code if specially crafted files are processed. |
OS: Mageia
Use of Out-of-range Pointer Offset in GitHub repository vim/vim. (CVE-2023-2426) References: - https://bugs.mageia.org/show_bug.cgi?id=31954 |
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters |
Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. (CVE-2023-32762) QTextLayout buffer overflow in SVG file rendering. (CVE-2023-32763) |
Possible command injection in the Backend Error Handler (CVE-2023-24805) References: - https://bugs.mageia.org/show_bug.cgi?id=31939 - https://www.openwall.com/lists/oss-security/2023/05/17/5 |
OS: Slackware
New ntp packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. |
New cups packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. |
New openssl packages are available for Slackware 15.0 and -current to fix a security issue. |
New ntfs-3g packages are available for Slackware 14.2 and 15.0 to fix security issues. |
OS: CentOS
Upstream details at : https://access.redhat.com/errata/RHSA-2023:1791 |
Upstream details at : https://access.redhat.com/errata/RHSA-2023:1806 |
Upstream details at : https://access.redhat.com/errata/RHSA-2023:1875 |
Upstream details at : https://access.redhat.com/errata/RHSA-2023:1332 |
OS: Scientific
git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652) * git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and oth... |
This update upgrades Firefox to version 102.11.0 ESR. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras... |
This update upgrades Thunderbird to version 102.11.0. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras... |
apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 apr-util-1.5.2-6.el7_9.1.i686.rpm apr-util-1.5.2-6.el7_9.1.x86_64.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.x86... |
OS: Debian LTS
It was discovered that there was a series of heap overflow and integer overflow vulnerabilities in Sofia-SIP, a building block for creating VoIP/SIP and instant messaging applications. |
An issue has been found in cups, the Common UNIX Printing System. Due to a buffer overflow vulnerability in the function format_log_line(), a remote attacker could cause a denial of service (DoS). The vulnerability |
The security update of netatalk, the Apple Filing Protocol service, announced as DLA-3426-1 caused a regression when the netatalk server was configured to use the AppleDouble v2 file system format. |
It was discovered that the patch to fix CVE-2023-32700 in texlive-bin, released as DLA-3427-1, was incomplete and caused an error when running the lualatex command. |
OS: Arch
The package linux-zen before version 6.0.1.zen2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. |
The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. |
The package linux before version 6.0.1.arch2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. |
The package linux-hardened before version 5.19.15.hardened2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. |
OS: Ubuntu
Several security issues were fixed in the Linux kernel. |
Several security issues were fixed in the Linux kernel. |
Several security issues were fixed in the Linux kernel. |
Several security issues were fixed in the Linux kernel. |
OS: Rocky
Important: libwebp security update |
nvme-cli bug fix and enhancement update |
Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update |
tomcat bug fix and enhancement update |
OS: Redhat
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. |
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, |
Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. |
Red Hat OpenShift Container Platform release 4.11.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. |
OS: OpenSuse
An update that fixes 16 vulnerabilities is now available. |
An update that fixes 43 vulnerabilities is now available. |
An update that fixes one vulnerability is now available. |
An update that fixes four vulnerabilities is now available. |