vitich.kiev.ua was registered on Dec 15, 1999
LinuxSecurity
Ubuntu 5810-3: Git vulnerabilities
Several security issues were fixed in Git.
Oracle8: ELSA-2023-0606: thunderbird Important Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Debian: DSA-5342-1: xorg-server security update
Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
RedHat: RHSA-2023-0565:01 Important: OpenShift Container Platform 4.11.26
Red Hat OpenShift Container Platform release 4.11.26 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
SciLinux: SLSA-2023-0600-1 Important: thunderbird on SL7.x x86_64
This update upgrades Thunderbird to version 102.7.1. * Mozilla: Revocation status of S/Mime signature certificates was not checked (CVE-2023-0430) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 thunderbird-102.7.1-2.el7_9.x86_64.rpm thunderbird-debuginfo-102.7.1-2.el7_9.x86 [More...]
Oracle9: ELSA-2023-0611: git security Important Security Update
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle9: ELSA-2023-0608: thunderbird Important Security Update
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle8: ELSA-2023-0610: git security Important Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle7: ELSA-2023-0600: thunderbird Important (aarch64) Security Update
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Oracle7: ELSA-2023-0600: thunderbird Important Security Update
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
RedHat: RHSA-2023-0566:01 Moderate: OpenShift Container Platform 4.11.26
Red Hat OpenShift Container Platform release 4.11.26 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
SUSE: 2023:291-1 bci/python Security Update
The container bci/python was updated. The following patches have been included in this update:
SUSE: 2023:283-1 suse/sle15 Security Update
The container suse/sle15 was updated. The following patches have been included in this update:
Debian LTS: DLA-3310-1: xorg-server security update
Jan-Niklas Sohn, working with Trend Micro Zero Day Initiative, discovered a vulnerability in the X.Org X server. A potential use after free mighty result in local privilege escalation if
Debian LTS: DLA-3309-1: graphite-web security update
It was discovered that there were a number of issues in graphite-web, a tool provide realtime graphing of system statistics etc. A series of cross-site scripting (XSS) vulnerabilties existed that
Mageia 2023-0042: opusfile security update
NULL pointer dereferences in op_get_data() and op_open1() in opusfile.c (CVE-2022-47021) References: - https://bugs.mageia.org/show_bug.cgi?id=31505
Mageia 2023-0041: advancecomp security update
Segmentation fault on invalid MNG size References: - https://bugs.mageia.org/show_bug.cgi?id=31499 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QJTWGZLBNOSKCUFIH7AQANEJPFF7DVDL/
Mageia 2023-0040: sofia-sip security update
Missing message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow (CVE-2023-22741) References: - https://bugs.mageia.org/show_bug.cgi?id=31493
Mageia 2023-0039: dojo security update
Dijit Editor's LinkDialog plugin of dojo 1.14.0 to 1.14.7 is vulnerable to cross-site scripting (XSS) attacks. (CVE-2020-4051) Prototype pollution vulnerability via the setObject() function. (CVE-2021-23450)
Mageia 2023-0038: libtiff security update
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. (CVE-2022-48281) References: