A heap-based buffer overflow vulnerability was found in the HTTP chunk parsing code of minidlna, a lightweight DLNA/UPnP-AV server, which may result in denial of service or the execution of arbitrary code.
Archive for June, 2023
Several security issues were fixed in the kernel.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Several security issues were fixed in pngcheck.
Several security issues were fixed in Ruby.
Gregory James Duck reported that missing input validation in various functions provided by libx11, the X11 client-side library, may result in denial of service.
An update for c-ares is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Jettison could be made to crash if it opened a specially crafted file.
Update to 114.0.5735.133. Fixes the following security issues: CVE-2023-3214, CVE-2023-3215, CVE-2023-3215, CVE-2023-3217,
An update for c-ares is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Red Hat Integration Camel Extensions for Quarkus 2.13.3 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of
Hear special guest host Chloé Bringmann and special guest Angela Jin in the WordPress Briefing as they discuss the next generation of WordCamps.
Podman could be made to pull an untrusted image.
PyPDF2 could be made to crash if it opened a specially crafted file.
Update to 102.12.0 ; https://www.thunderbird.net/en-US/thunderbird/102.12.0/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/
Jurien de Jong discovered that the parsing of KeyInfo elements within the XMLTooling library may result in server-side request forgery. For the oldstable distribution (bullseye), this problem has been fixed
libX11 1.8.6 (CVE-2023-3138)
Bump to 5.8.6
Security fix for CVE-2023-33461
Bump to 5.8.6
Bump to 5.8.6
Bump to 5.8.6
Update to 114.0.5735.106. Fixes the following security issue: CVE-2023-3709
Update to v1.85.2 ; Update to v1.85.1 ; Update to v1.85.0 Fixes CVE-2023-32682, CVE-2023-32683 ; Update to v1.84.1
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Xu Biang discovered that missing input sanitising in Sofia-SIP, a SIP User-Agent library, could result in denial of service. For the oldstable distribution (bullseye), this problem has been fixed