Update to 102.5.0 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-49/ ; https://www.thunderbird.net/en- US/thunderbird/102.5.0/releasenotes/ ; https://www.thunderbird.net/en- US/thunderbird/102.4.2/releasenotes/
Archive for November 17th, 2022
Two font-related CVE updates (CVE-2022-2601 and CVE-2022-3775). For more information, see [upstream’s disclosure](https://lists.gnu.org/archive/html/grub-devel/2022-11/msg00059.html) or the patches themselves.
Update to version 4.17.3
Update to 102.5.0 ; https://www.mozilla.org/en- US/security/advisories/mfsa2022-49/ ; https://www.thunderbird.net/en- US/thunderbird/102.5.0/releasenotes/ ; https://www.thunderbird.net/en- US/thunderbird/102.4.2/releasenotes/
Red Hat OpenShift Container Platform release 4.10.41 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Git could be made to crash or run programs as your login if it received specially crafted input.
Multiple security vulnerabilities have been found in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for information disclosure or the execution of arbitrary code.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the stable distribution (bullseye), these problems have been fixed in
Unbound could be made to stop responding if it received specially crafted network traffic.
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.9 – noarch, x86_64
Expat could be made to crash or execute arbitrary code.
Several security issues were fixed in multipath-tools.
Several flaws were discovered in jackson-databind, a fast and powerful JSON library for Java. CVE-2020-36518
The wordpress package released in DSA-5279-1 had incorrect dependencies that could not be satisfied in Debian stable: this update corrects the problem. For reference, the original advisory text is provided here again: