vitich.kiev.ua was registered on Dec 15, 1999

Linux

USN-5845-2: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 22:06
USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215)
Categories: Linux, Security

Ubuntu 5846-1: X.Org X Server vulnerability

LinuxSecurity - Tue, 07/02/2023 - 21:23
X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input.
Categories: Linux, Security

Ubuntu 5845-1: OpenSSL vulnerabilities

LinuxSecurity - Tue, 07/02/2023 - 21:23
Several security issues were fixed in OpenSSL.
Categories: Linux, Security

Ubuntu 5844-1: OpenSSL vulnerabilities

LinuxSecurity - Tue, 07/02/2023 - 21:22
Several security issues were fixed in OpenSSL.
Categories: Linux, Security

USN-5847-1: Grunt vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 20:56
It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2022-0436) It was discovered that there was a race condition in the Grunt file copy function, which could lead to an arbitrary file write. An attacker could possibly use this issue to perform a local privilege escalation attack or to execute arbitrary code. (CVE-2022-1537)
Categories: Linux, Security

USN-5846-1: X.Org X Server vulnerability

UbuntuSecurity - Tue, 07/02/2023 - 19:32
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.
Categories: Linux, Security

USN-5845-1: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 19:24
David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215)
Categories: Linux, Security

USN-5844-1: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 19:20
David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203) Hubert Kario discovered that OpenSSL had a timing based side channel in the OpenSSL RSA Decryption implementation. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2022-4304) Dawei Wang discovered that OpenSSL incorrectly handled parsing certain PEM data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215) Marc Schönefeld discovered that OpenSSL incorrectly handled malformed PKCS7 data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0216) Kurt Roeckx discovered that OpenSSL incorrectly handled validating certain DSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0217) Hubert Kario and Dmitry Belyavsky discovered that OpenSSL incorrectly validated certain signatures. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0401)
Categories: Linux, Security

02/07 openssl 3.0.8

Останні версії ПЗ - Tue, 07/02/2023 - 19:12
OpenSSL: a library for providing encrypted transport layers
Categories: Linux

Ubuntu 5810-3: Git vulnerabilities

LinuxSecurity - Tue, 07/02/2023 - 18:45
Several security issues were fixed in Git.
Categories: Linux, Security

USN-5810-3: Git vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 18:07
USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903)
Categories: Linux, Security

Oracle8: ELSA-2023-0606: thunderbird Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 17:59
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Debian: DSA-5342-1: xorg-server security update

LinuxSecurity - Tue, 07/02/2023 - 17:48
Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
Categories: Linux, Security

RedHat: RHSA-2023-0565:01 Important: OpenShift Container Platform 4.11.26

LinuxSecurity - Tue, 07/02/2023 - 17:25
Red Hat OpenShift Container Platform release 4.11.26 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

SciLinux: SLSA-2023-0600-1 Important: thunderbird on SL7.x x86_64

LinuxSecurity - Tue, 07/02/2023 - 17:03
This update upgrades Thunderbird to version 102.7.1. * Mozilla: Revocation status of S/Mime signature certificates was not checked (CVE-2023-0430) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 thunderbird-102.7.1-2.el7_9.x86_64.rpm thunderbird-debuginfo-102.7.1-2.el7_9.x86 [More...]
Categories: Linux, Security

Oracle9: ELSA-2023-0611: git security Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle9: ELSA-2023-0608: thunderbird Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle8: ELSA-2023-0610: git security Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle7: ELSA-2023-0600: thunderbird Important (aarch64) Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Pages