**MariaDB 10.5.23 & Galera 26.4.16** Release notes: https://mariadb.com/kb/en/mariadb-10-5-23-release-notes/
Archive for November, 2023
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
The newest upstream commit. Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.
Debian: DSA-5566-1: thunderbird security update
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. For the oldstable distribution (bullseye), these problems have been fixed
Debian: DSA-5565-1: gst-plugins-bad1.0 security update
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
Fedora 37: kubernetes 2023-6ad09ef90b
Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Upstream change log at: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.25.md#changelog-since-v12515
Debian: DSA-5564-1: gimp security update
Michael Randrianantenaina reported several vulnerabilities in GIMP, the GNU Image Manipulation Program, which could result in denial of service (application crash) or potentially the execution of arbitrary code if malformed DDS, PSD and PSP files are opened.
Ubuntu 6513-1: Python vulnerabilities
Several security issues were fixed in Python.
Ubuntu 6512-1: LibTIFF vulnerabilities
Several security issues were fixed in LibTIFF.
Ubuntu 6510-1: Apache HTTP Server vulnerability
Apache HTTP Server could be made to crash if it received a specially crafted request.
Debian: DSA-5563-1: intel-microcode security update
Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, Tavis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel processors
OpenZFS could allow unintended access to network services.
Ubuntu 6508-1: poppler vulnerabilities
Several security issues were fixed in poppler.
Ubuntu 6509-1: Firefox vulnerabilities
Several security issues were fixed in Firefox.
Fedora 37: microcode_ctl 2023-40e71fe5b9
– Update to upstream 2.1-42. 20231114
– Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9;
– Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268;
– Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2;
– Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
This is an extended update of the OpenVPN 2.6.7 release which contains security fixes for CVE-2023-46849 and CVE-2023-46850. That release had a regression causing the `openvpn` daemon to segfault frequently, which is why the 2.6.7 release was pulled. This 2.6.8 release contains a fix for the regression issue as well.
Update to 119.0.6045.159, upstream security release
– High CVE-2023-5997, use after free in Garbage Collection
– High CVE-2023-6112, use after free in Navigation
– Fix bz#2240127, audio/video decode issue in chromium
Debian: DSA-5562-1: tor security update
It was discovered that Tor was susceptible to a crash during handshake with a remote relay, resulting in denial of service. For the oldstable distribution (bullseye), support for tor is now
Debian: DSA-5561-1: firefox-esr security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information leaks or clickjacking.
Ubuntu 6507-1: GlusterFS vulnerability
GlusterFS could be made to crash if it received a specially crafted request.
Ubuntu 6506-1: Apache HTTP Server vulnerabilities
Several security issues were fixed in Apache HTTP Server.
Patch for CVE-2022-24599
– Updated to latest upstream (120.0)
Ubuntu 6503-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Ubuntu 6502-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
A security improvement was added to hibagent.
Ubuntu 6491-1: Node.js vulnerabilities
Several security issues were fixed in Node.js.