Apport could be used to escalate privilege on specially configured systems.
Archive for April 13th, 2023
Applications using Flask-CORS could be made to expose sensitive information.
Ghostscript could be made to crash or run programs as your login if it received a specially crafted input.
It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak.
David Marchard discovered that Open vSwitch, a software-based Ethernet virtual switch, is suspectible to denial of service via malformed IP packets.
A security issue weas fixed in thenify.
An update for openvswitch3.1 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for openvswitch3.1 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for openvswitch2.17 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for openvswitch2.17 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Smarty could be made to crash or run programs if it received a specially crafted template.
Several security issues were fixed in Thunderbird.
Update to 102.10.0 ; https://www.mozilla.org/en- US/security/advisories/mfsa2023-15/ ; https://www.thunderbird.net/en- US/thunderbird/102.10.0/releasenotes/
– New upstream update (112.0)