Florian Picca reported a bug the charon-tkm daemon in strongSwan an IKE/IPsec suite. The TKM-backed version of the charon IKE daemon (charon-tkm) doesn’t
Archive for November, 2023
Several security issues were fixed in WebKitGTK.
strongSwan could be made to crash or run programs if it received specially crafted network traffic.
release v1.5.0 + security fix for CVE-2023-39325
podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and CVE-2022-41723
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
Includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages. [See the whole changelog here](https://go.dev/doc/devel/release).
A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code.
1.22.7
Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework. CVE-2023-34462
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
– Update to upstream 2.1-42. 20231114 – Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 up to 0xd0003b9; – Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 up to 0x1000268; – Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc up to 0xc2; – Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision
Fix for CVE-2023-39325
Fixes CVEs reported against Xserver.
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-41983
The system could be made to crash or expose sensitive information under certain conditions.
Several security issues were fixed in OpenVPN.
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Several security issues were fixed in .NET.
The countdown is on for this year’s State of the Word! If you missed the initial announcement a few weeks ago, mark your calendars for December 11, 2023. State of the Word is the annual keynote in which WordPress co-founder Matt Mullenweg celebrates the progress of the open source project and offers a glimpse into its future.
Two vulnerabilities were discovered in openvpn, a virtual private network application which could result in memory disclosure or denial of service.
tidy-html5 could be made to crash or run programs if it opened a specially crafted file.
Several security issues were fixed in Cobbler.
USN-6449-1 introduced a regression in FFmpeg
New version 8.5.3.
New version 8.5.3.
**Release 1.6.5** – Fix PHP8 fatal error when parsing a malformed BODYSTRUCTURE (#9171) – Fix duplicated Inbox folder on IMAP servers that do not use Inbox folder with all capital letters (#9166) – Fix PHP warnings (#9174) – Fix UI issue when dealing with an invalid managesieve_default_headers value (#9175) – Fix bug where images attached to application/smil messages weren’t displayed
* Bump Safari version in user agent header. * Fix blob URL regression that broke many websites. * Fix several crashes and rendering issues. * Fix CVE-2023-41983 and CVE-2023-42852
Several security issues were fixed in the Linux kernel.