vitich.kiev.ua was registered on Dec 15, 1999

Linux

Debian LTS: DLA-3217-1: g810-led security update

LinuxSecurity - Sat, 03/12/2022 - 06:43
g810-led, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.
Categories: Linux, Security

Debian LTS: DLA-3216-1: vlc security update

LinuxSecurity - Sat, 03/12/2022 - 06:41
Mitsurugi Heishiro found out that in VLC, multimedia player and streamer, a potential buffer overflow in the vnc module could trigger remote code execution if a malicious vnc URL is deliberately played.
Categories: Linux, Security

Fedora 37: librime 2022-18023b665f

LinuxSecurity - Sat, 03/12/2022 - 04:03
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 37: rr 2022-18023b665f

LinuxSecurity - Sat, 03/12/2022 - 04:03
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 37: fastnetmon 2022-18023b665f

LinuxSecurity - Sat, 03/12/2022 - 04:03
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 36: rr 2022-5d37367673

LinuxSecurity - Sat, 03/12/2022 - 03:44
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 36: fastnetmon 2022-5d37367673

LinuxSecurity - Sat, 03/12/2022 - 03:44
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 36: librime 2022-5d37367673

LinuxSecurity - Sat, 03/12/2022 - 03:44
Update capnproto to version 0.9.2 to address CVE-2022-46149. Dependent packages were rebuilt for both the fix for the security issue and the capnproto SONAME bump.
Categories: Linux, Security

Fedora 36: thunderbird 2022-b83fff8106

LinuxSecurity - Sat, 03/12/2022 - 03:44
Update to 102.5.1 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-50/ ; https://www.thunderbird.net/en- US/thunderbird/102.5.1/releasenotes/
Categories: Linux, Security

RedHat: RHSA-2022-8765:01 Important: kernel-rt security and bug fix update

LinuxSecurity - Sat, 03/12/2022 - 02:55
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

RedHat: RHSA-2022-8767:01 Important: kernel security and bug fix update

LinuxSecurity - Sat, 03/12/2022 - 02:55
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

RedHat: RHSA-2022-8768:01 Important: kpatch-patch security update

LinuxSecurity - Sat, 03/12/2022 - 02:55
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

12/02 nautilus 43.1

Останні версії ПЗ - Sat, 03/12/2022 - 01:02
Nautilus: a file manager for the GNOME desktop
Categories: Linux

DSA-5293 chromium

DebianSecurity - Sat, 03/12/2022 - 00:00
security update
Categories: Linux, Security

USN-5755-2: Linux kernel vulnerabilities

UbuntuSecurity - Fri, 02/12/2022 - 21:35
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621)
Categories: Linux, Security

USN-5756-2: Linux kernel (GKE) vulnerabilities

UbuntuSecurity - Fri, 02/12/2022 - 21:32
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3564) It was discovered that the ISDN implementation of the Linux kernel contained a use-after-free vulnerability. A privileged user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3565) It was discovered that the TCP implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3566) It was discovered that the IPv6 implementation in the Linux kernel contained a data race condition. An attacker could possibly use this to cause undesired behaviors. (CVE-2022-3567) It was discovered that the Realtek RTL8152 USB Ethernet adapter driver in the Linux kernel did not properly handle certain error conditions. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3594) It was discovered that a null pointer dereference existed in the NILFS2 file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3621)
Categories: Linux, Security

SUSE: 2022:4310-1 important: emacs

LinuxSecurity - Fri, 02/12/2022 - 17:21
An update that fixes one vulnerability is now available.
Categories: Linux, Security

12/02 evolution 3.46.2

Останні версії ПЗ - Fri, 02/12/2022 - 15:40
Evolution: information management software providing mail, address book and calendaring functionality
Categories: Linux

Slackware: 2022-336-01: mozilla-thunderbird Security Update

LinuxSecurity - Fri, 02/12/2022 - 15:03
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue.
Categories: Linux, Security

SUSE: 2022:3296-1 suse/sle-micro/5.2/toolbox Security Update

LinuxSecurity - Fri, 02/12/2022 - 12:44
The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:
Categories: Linux, Security

Pages