openSUSE Security Update: Mozilla: February 2013 update round (Firefox 19)
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:0323-1
Rating:             important
References:         #796895 #804248 
Cross-References:   CVE-2013-0765 CVE-2013-0772 CVE-2013-0773
                    CVE-2013-0774 CVE-2013-0775 CVE-2013-0776
                    CVE-2013-0777 CVE-2013-0778 CVE-2013-0779
                    CVE-2013-0780 CVE-2013-0781 CVE-2013-0782
                    CVE-2013-0783
Affected Products:
                    openSUSE 12.2
                    openSUSE 12.1
______________________________________________________________________________

   An update that fixes 13 vulnerabilities is now available.

Description:


   MozillaFirefox was updated to Firefox 19.0 (bnc#804248)
   MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248)
   seamonkey was updated to SeaMonkey 2.16 (bnc#804248)
   xulrunner was updated to 17.0.3esr (bnc#804248)
   chmsee was updated to version 2.0.

   Changes in MozillaFirefox 19.0:
   * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous
   memory safety hazards
   * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds
   read in image rendering
   * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL
   objects can be wrapped again
   * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
   bypass of COW and SOW security wrappers
   * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
   JavaScript Workers
   * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
   in nsImageLoadingContent
   * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
   HTTPS connection through malicious proxy
   * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
   CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
   Use-after-free, out of bounds read, and buffer overflow
   issues found using Address Sanitizer
   - removed obsolete patches
   * mozilla-webrtc.patch
   * mozilla-gstreamer-803287.patch
   - added patch to fix session restore window order
   (bmo#712763)

   - update to Firefox 18.0.2
   * blocklist and CTP updates
   * fixes in JS engine

   - update to Firefox 18.0.1
   * blocklist updates
   * backed out bmo#677092 (removed patch)
   * fixed problems involving HTTP proxy transactions

   - Fix WebRTC to build on powerpc

   Changes in MozillaThunderbird:
   - update to Thunderbird 17.0.3 (bnc#804248)
   * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety
   hazards
   * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
   bypass of COW and SOW security wrappers
   * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
   JavaScript Workers
   * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
   in nsImageLoadingContent
   * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
   HTTPS connection through malicious proxy
   * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
   Use-after-free, out of bounds read, and buffer overflow
   issues found using Address Sanitizer

   - update Enigmail to 1.5.1
   * The release fixes the regressions found in the past few
   weeks

   Changes in seamonkey:
   - update to SeaMonkey 2.16 (bnc#804248)
   * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous
   memory safety hazards
   * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds
   read in image rendering
   * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL
   objects can be wrapped again
   * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
   bypass of COW and SOW security wrappers
   * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
   JavaScript Workers
   * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
   in nsImageLoadingContent
   * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
   HTTPS connection through malicious proxy
   * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
   CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
   Use-after-free, out of bounds read, and buffer overflow
   issues found using Address Sanitizer
   - removed obsolete patches
   * mozilla-webrtc.patch
   * mozilla-gstreamer-803287.patch

   - update to SeaMonkey 2.15.2
   * Applications could not be removed from the "Application
   details" dialog under Preferences, Helper Applications
   (bmo#826771).
   * View / Message Body As could show menu items out of
   context (bmo#831348)

   - update to SeaMonkey 2.15.1
   * backed out bmo#677092 (removed patch)
   * fixed problems involving HTTP proxy transactions

   - backed out restartless language packs as it broke
   multi-locale setup (bmo#677092, bmo#818468)

   Changes in xulrunner:
   - update to 17.0.3esr (bnc#804248)
   * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety
   hazards
   * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content
   bypass of COW and SOW security wrappers
   * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in
   JavaScript Workers
   * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free
   in nsImageLoadingContent
   * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on
   HTTPS connection through malicious proxy
   * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
   Use-after-free, out of bounds read, and buffer overflow
   issues found using Address Sanitizer


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.2:

      zypper in -t patch openSUSE-2013-141

   - openSUSE 12.1:

      zypper in -t patch openSUSE-2013-141

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.2 (i586 x86_64):

      MozillaFirefox-19.0-2.33.1
      MozillaFirefox-branding-upstream-19.0-2.33.1
      MozillaFirefox-buildsymbols-19.0-2.33.1
      MozillaFirefox-debuginfo-19.0-2.33.1
      MozillaFirefox-debugsource-19.0-2.33.1
      MozillaFirefox-devel-19.0-2.33.1
      MozillaFirefox-translations-common-19.0-2.33.1
      MozillaFirefox-translations-other-19.0-2.33.1
      MozillaThunderbird-17.0.3-49.31.1
      MozillaThunderbird-buildsymbols-17.0.3-49.31.1
      MozillaThunderbird-debuginfo-17.0.3-49.31.1
      MozillaThunderbird-debugsource-17.0.3-49.31.1
      MozillaThunderbird-devel-17.0.3-49.31.1
      MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1
      MozillaThunderbird-translations-common-17.0.3-49.31.1
      MozillaThunderbird-translations-other-17.0.3-49.31.1
      chmsee-2.0-2.14.3
      chmsee-debuginfo-2.0-2.14.3
      chmsee-debugsource-2.0-2.14.3
      enigmail-1.5.1+17.0.3-49.31.1
      enigmail-debuginfo-1.5.1+17.0.3-49.31.1
      mozilla-js-17.0.3-2.30.1
      mozilla-js-debuginfo-17.0.3-2.30.1
      seamonkey-2.16-2.34.2
      seamonkey-debuginfo-2.16-2.34.2
      seamonkey-debugsource-2.16-2.34.2
      seamonkey-dom-inspector-2.16-2.34.2
      seamonkey-irc-2.16-2.34.2
      seamonkey-translations-common-2.16-2.34.2
      seamonkey-translations-other-2.16-2.34.2
      seamonkey-venkman-2.16-2.34.2
      xulrunner-17.0.3-2.30.1
      xulrunner-buildsymbols-17.0.3-2.30.1
      xulrunner-debuginfo-17.0.3-2.30.1
      xulrunner-debugsource-17.0.3-2.30.1
      xulrunner-devel-17.0.3-2.30.1
      xulrunner-devel-debuginfo-17.0.3-2.30.1

   - openSUSE 12.2 (x86_64):

      mozilla-js-32bit-17.0.3-2.30.1
      mozilla-js-debuginfo-32bit-17.0.3-2.30.1
      xulrunner-32bit-17.0.3-2.30.1
      xulrunner-debuginfo-32bit-17.0.3-2.30.1

   - openSUSE 12.1 (i586 x86_64):

      MozillaFirefox-19.0-2.62.1
      MozillaFirefox-branding-upstream-19.0-2.62.1
      MozillaFirefox-buildsymbols-19.0-2.62.1
      MozillaFirefox-debuginfo-19.0-2.62.1
      MozillaFirefox-debugsource-19.0-2.62.1
      MozillaFirefox-devel-19.0-2.62.1
      MozillaFirefox-translations-common-19.0-2.62.1
      MozillaFirefox-translations-other-19.0-2.62.1
      MozillaThunderbird-17.0.3-33.51.1
      MozillaThunderbird-buildsymbols-17.0.3-33.51.1
      MozillaThunderbird-debuginfo-17.0.3-33.51.1
      MozillaThunderbird-debugsource-17.0.3-33.51.1
      MozillaThunderbird-devel-17.0.3-33.51.1
      MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1
      MozillaThunderbird-translations-common-17.0.3-33.51.1
      MozillaThunderbird-translations-other-17.0.3-33.51.1
      chmsee-2.0-2.32.3
      chmsee-debuginfo-2.0-2.32.3
      chmsee-debugsource-2.0-2.32.3
      enigmail-1.5.1+17.0.3-33.51.1
      enigmail-debuginfo-1.5.1+17.0.3-33.51.1
      mozilla-js-17.0.3-2.57.1
      mozilla-js-debuginfo-17.0.3-2.57.1
      seamonkey-2.16-2.53.1
      seamonkey-debuginfo-2.16-2.53.1
      seamonkey-debugsource-2.16-2.53.1
      seamonkey-dom-inspector-2.16-2.53.1
      seamonkey-irc-2.16-2.53.1
      seamonkey-translations-common-2.16-2.53.1
      seamonkey-translations-other-2.16-2.53.1
      seamonkey-venkman-2.16-2.53.1
      xulrunner-17.0.3-2.57.1
      xulrunner-buildsymbols-17.0.3-2.57.1
      xulrunner-debuginfo-17.0.3-2.57.1
      xulrunner-debugsource-17.0.3-2.57.1
      xulrunner-devel-17.0.3-2.57.1
      xulrunner-devel-debuginfo-17.0.3-2.57.1

   - openSUSE 12.1 (x86_64):

      mozilla-js-32bit-17.0.3-2.57.1
      mozilla-js-debuginfo-32bit-17.0.3-2.57.1
      xulrunner-32bit-17.0.3-2.57.1
      xulrunner-debuginfo-32bit-17.0.3-2.57.1

   - openSUSE 12.1 (ia64):

      mozilla-js-debuginfo-x86-17.0.3-2.57.1
      mozilla-js-x86-17.0.3-2.57.1
      xulrunner-debuginfo-x86-17.0.3-2.57.1
      xulrunner-x86-17.0.3-2.57.1


References:

   https://www.suse.com/security/cve/CVE-2013-0765.html
   https://www.suse.com/security/cve/CVE-2013-0772.html
   https://www.suse.com/security/cve/CVE-2013-0773.html
   https://www.suse.com/security/cve/CVE-2013-0774.html
   https://www.suse.com/security/cve/CVE-2013-0775.html
   https://www.suse.com/security/cve/CVE-2013-0776.html
   https://www.suse.com/security/cve/CVE-2013-0777.html
   https://www.suse.com/security/cve/CVE-2013-0778.html
   https://www.suse.com/security/cve/CVE-2013-0779.html
   https://www.suse.com/security/cve/CVE-2013-0780.html
   https://www.suse.com/security/cve/CVE-2013-0781.html
   https://www.suse.com/security/cve/CVE-2013-0782.html
   https://www.suse.com/security/cve/CVE-2013-0783.html
   https://bugzilla.novell.com/796895
   https://bugzilla.novell.com/804248

-- 

openSUSE: 2013:0323-1: important: Mozilla

February 22, 2013