An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Archive for February, 2022
Multiple security issues were discovered in LibreCAD, an application for computer aided design (CAD) which could result in denial of service or the execution of arbitrary code if a malformed CAD file is opened.
cryptsetup could be made to expose sensitive information.
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Security researchers of JFrog Security and Ismail Aydemir discovered two remote code execution vulnerabilities in the H2 Java SQL database engine which can be exploited through various attack vectors, most notably through the H2 Console and by loading custom classes from remote servers through JNDI. The H2 console
This is the December 2021 update for .NET Core 3.1. It updates .NET Core 3.1 to SDK 3.1.416 and Runtime 3.1.22.
– Updated to latest upstream (97.0)
cPanel SEO Has Launched
You’ve likely seen our requests for beta testers over the past few months, as well as the mentions in our newsletter – it’s been no secret that a new product was on the way. The day has now come, and we couldn’t be happier to announce that cPanel SEO has arrived! cPanel SEO was designed to not only improve your search engine results, but also the actual content of your website. …
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Several vulnerabilities have been discovered in Minetest, a sandbox video game and game creation system. These issues may allow attackers to manipulate game mods and grant them an unfair advantage over other players. These flaws could also be abused for a denial of service attack against a Minetest server or if
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed

**Version 2.14.11** (2022-02-04)

* Fix a security issue when in a sandbox: the `sort` filter must require a Closure for the `arrow` parameter
* Fix deprecation notice on `round`
* Fix call to deprecated `convertToHtml` method


**Version 3.3.8** (2022-02-04)

* Fix a security issue when in a sandbox: the `sort` filter must require a Closure for the `arrow` parameter
* Fix deprecation notice on `round`
* Fix call to deprecated `convertToHtml` method

Security update for CVE-2022-23303, CVE-2022-23304. Update to version 2.10, which the upstream maintainer advises for these CVEs.
Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
Update to 2.4.4, fixes CVE-2022-23990.

Update to 2.34.5:

* Improve VP8 codec selection when using GStreamer 1.20.
* Fix connecting to the accessibility bus when using the Bubblewrap sandbox.
* Fix links being incorrectly activated when starting a pinch zoom gesture.
* Fix touch-based scrolling.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592

Marcel Neumann, Robert Altschaffel, Loris Guba and Dustin Hermann discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
Several vulnerabilities were discovered in Samba, a SMB/CIFS file, print, and login server for Unix. CVE-2021-44142
– Update to upstream 2.1-34. 20220207 – Removal of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f; – Removal of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04) at revision 0xb00000f; – Removal of 06-86-04/0x01 (SNR B0) microcode (in intel-ucode/06-86-05) at revision 0xb00000f; – Removal of 06-86-05/0x01 (SNR B1) microcode at revision
An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
CVE-2021-4122 Milan Broz, its maintainer, discovered an issue in cryptsetup, the disk encryption configuration tool for Linux.
Speex could be subjected to a denial of service if it received a specially crafted WAV file.
Red Hat OpenShift Container Platform release 4.9.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9.
**Version 2.17.1** Bug * 163: Backport GHSA-jq4p-mq33-w375 to v2 thanks to @Slamdunk
Security fix for: – CVE-2022-0157 – CVE-2022-0196 – CVE-2022-0197 – CVE-2022-0238