vitich.kiev.ua was registered on Dec 15, 1999

Security

USN-5845-2: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 22:06
USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215)
Categories: Linux, Security

USN-5847-1: Grunt vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 20:56
It was discovered that Grunt was not properly loading YAML files before parsing them. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-7729) It was discovered that Grunt was not properly handling symbolic links when performing file copy operations. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. (CVE-2022-0436) It was discovered that there was a race condition in the Grunt file copy function, which could lead to an arbitrary file write. An attacker could possibly use this issue to perform a local privilege escalation attack or to execute arbitrary code. (CVE-2022-1537)
Categories: Linux, Security

USN-5846-1: X.Org X Server vulnerability

UbuntuSecurity - Tue, 07/02/2023 - 19:32
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.
Categories: Linux, Security

USN-5845-1: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 19:24
David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215)
Categories: Linux, Security

USN-5844-1: OpenSSL vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 19:20
David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service. (CVE-2023-0286) Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate verification. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203) Hubert Kario discovered that OpenSSL had a timing based side channel in the OpenSSL RSA Decryption implementation. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2022-4304) Dawei Wang discovered that OpenSSL incorrectly handled parsing certain PEM data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly handled streaming ASN.1 data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0215) Marc Schönefeld discovered that OpenSSL incorrectly handled malformed PKCS7 data. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0216) Kurt Roeckx discovered that OpenSSL incorrectly handled validating certain DSA public keys. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0217) Hubert Kario and Dmitry Belyavsky discovered that OpenSSL incorrectly validated certain signatures. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0401)
Categories: Linux, Security

Ubuntu 5810-3: Git vulnerabilities

LinuxSecurity - Tue, 07/02/2023 - 18:45
Several security issues were fixed in Git.
Categories: Linux, Security

USN-5810-3: Git vulnerabilities

UbuntuSecurity - Tue, 07/02/2023 - 18:07
USN-5810-1 fixed several vulnerabilities in Git. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903)
Categories: Linux, Security

Oracle8: ELSA-2023-0606: thunderbird Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 17:59
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Debian: DSA-5342-1: xorg-server security update

LinuxSecurity - Tue, 07/02/2023 - 17:48
Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
Categories: Linux, Security

RedHat: RHSA-2023-0565:01 Important: OpenShift Container Platform 4.11.26

LinuxSecurity - Tue, 07/02/2023 - 17:25
Red Hat OpenShift Container Platform release 4.11.26 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

SciLinux: SLSA-2023-0600-1 Important: thunderbird on SL7.x x86_64

LinuxSecurity - Tue, 07/02/2023 - 17:03
This update upgrades Thunderbird to version 102.7.1. * Mozilla: Revocation status of S/Mime signature certificates was not checked (CVE-2023-0430) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 thunderbird-102.7.1-2.el7_9.x86_64.rpm thunderbird-debuginfo-102.7.1-2.el7_9.x86 [More...]
Categories: Linux, Security

Oracle9: ELSA-2023-0611: git security Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle9: ELSA-2023-0608: thunderbird Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle8: ELSA-2023-0610: git security Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle7: ELSA-2023-0600: thunderbird Important (aarch64) Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

Oracle7: ELSA-2023-0600: thunderbird Important Security Update

LinuxSecurity - Tue, 07/02/2023 - 16:25
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Categories: Linux, Security

RedHat: RHSA-2023-0566:01 Moderate: OpenShift Container Platform 4.11.26

LinuxSecurity - Tue, 07/02/2023 - 11:25
Red Hat OpenShift Container Platform release 4.11.26 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Categories: Linux, Security

SUSE: 2023:291-1 bci/python Security Update

LinuxSecurity - Tue, 07/02/2023 - 10:11
The container bci/python was updated. The following patches have been included in this update:
Categories: Linux, Security

SUSE: 2023:283-1 suse/sle15 Security Update

LinuxSecurity - Tue, 07/02/2023 - 10:04
The container suse/sle15 was updated. The following patches have been included in this update:
Categories: Linux, Security

Debian LTS: DLA-3310-1: xorg-server security update

LinuxSecurity - Tue, 07/02/2023 - 09:27
Jan-Niklas Sohn, working with Trend Micro Zero Day Initiative, discovered a vulnerability in the X.Org X server. A potential use after free mighty result in local privilege escalation if
Categories: Linux, Security

Pages