An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more
Archive for July, 2022
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
ceph 16.2.10 GA Security fix for CVE-2022-0670
Multiple security fixes.
Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks: CVE-2021-33655
Several security issues were fixed in protobuf-c.
MariaDB has announced a significant change in its release schedule. Prior to this change, the major version release was once per year with 5 years of support. As per the announcement, however, releases will now be quarterly with just one year of support. This change coincides with the intention of the organization to launch an enterprise server exclusively for its subscribers, and is expected to potentially impact overall use of the community version of …
The post Changes In MariaDB’s Release Schedule first appeared on cPanel Blog.
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.
Several security issues were fixed in ImageMagick.
It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code or escalate privileges. For the oldstable distribution (buster), this problem has been fixed
We appreciate your patience as we’ve worked to update and optimize the translations that we offer within the product. We previously spoke about this in this blog post. As stated therein, we are working hard to bring you the best translations possible. Presently, and to help us focus on our new translations, we currently support English, Spanish, German, and Russian. In the future, we plan to add support for additional languages …
The post Our Supported Translations Update first appeared on cPanel Blog.
Thinking of contributing to WordPress? Josepha Haden Chomphosy guides you through the five stages of contribution on the latest episode of the WP Briefing podcast!
PHP could be made to crash or run programs if it processed specially crafted data.
Apply proposed patch for CVE-2022-28506.
Simon Josefsson discovered an out-of-bounds memory read in GNU SASL, an implementation of the Simple Authentication and Security Layer framework, which could result in denial of service.
Linux disk/nic frontends data leaks [XSA-403, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742] (#2104747) ---- update to xen-4.15.3 x86: MMIO Stale Data vulnerabilities (not applied in 4.15.2-5) ---- x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166] ---- x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362] x86 pv:
**Changelog** * Thu Jul 07 2022 Clemens Lang
Security fix for CVE-2022-31116 and CVE-2022-31117.
## 5.4.0
**Added**
- Add support for arbitrary size integers

**Fixed**
- CVE-2022-31116: Replace `wchar_t` string decoding implementation with a `uint32_t`-based one; fix handling of surrogates on decoding
- CVE-2022-31117: Potential double free of buffer during string decoding
- Fix memory leak on encoding errors when the
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in the execution of arbitrary Java bytecode or the bypass of the Java sandbox.
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Two cross-site scripting vulnerabilities were discovered in the Django Rest Framework, a toolkit to build web APIs. For the oldstable distribution (buster), this problem has been fixed
auto bump to v1.2.6
Fix for CVE-2022-34903 (#2103242)
This update fixes many bugs, some of which are security relevant.
Security fixes for CVE-2022-2257, CVE-2022-2284, CVE-2022-2285, CVE-2022-2286, CVE-2022-2287, CVE-2022-2288, CVE-2022-2289, CVE-2022-2264, CVE-2022-2304, CVE-2022-2345, CVE-2022-2344, CVE-2022-2343.
This update fixes many bugs, some of which are security relevant.
Several security issues were fixed in the Linux kernel.