Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 46 articles for you...

openSUSE 15.6: 2025:01746-1 important: webkit2gtk3 security risks

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:01746-1
Release Date: 2025-05-29T12:38:02Z
Rating: important

References:

* bsc#1222905
* bsc#1241158
* bsc#1241160
* bsc#1243282
* bsc#1243286
* bsc#1243288
* bsc#1243289
* bsc#1243424
* bsc#1243596

Cross-References:

* CVE-2023-42875
* CVE-2023-42970
* CVE-2024-23226
* CVE-2025-24223
* CVE-2025-31204
* CVE-2025-31205
* CVE-2025-31206
* CVE-2025-31215
* CVE-2025-31257

CVSS scores:

* CVE-2023-42875 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2023-42875 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2023-42875 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2023-42970 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-42970 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-42970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-23226 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-23226 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24223 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-24223 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-24223 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-31204 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-31204 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-31205 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2025-31205 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2025-31206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-31206 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-31215 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-31215 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-31257 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-31257 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-31257 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6
* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP6
* Desktop Applications Module 15-SP7
* Development Tools Module 15-SP6
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.48.2.

Security issues fixed:

* CVE-2025-31205: lack of checks may lead to cross-origin data exfiltration through a malicious website (bsc#1243282).
* CVE-2025-31204: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243286).
* CVE-2025-31206: type confusion issue when processing certain web content may lead to an unexpected crash (bsc#1243288).
* CVE-2025-31215: lack of checks when processing certain web content may lead to an unexpected crash (bsc#1243289).
* CVE-2025-31257: improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596).
* CVE-2025-24223: improper memory handling when processing certain web content may lead to memory corruption (bsc#1243424).

Other changes and issues fixed:

* Enable CSS overscroll behavior by default.
* Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe.
* Fix rendering when device scale factor change comes before the web view geometry update.
* Fix network process crash on exit.
* Fix the build with ENABLE_RESOURCE_USAGE=OFF.
* Fix several crashes and rendering issues.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-1746=1 openSUSE-SLE-15.6-2025-1746=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1746=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-1746=1
* Desktop Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-1746=1
* Desktop Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-1746=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-1746=1
* Development Tools Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-1746=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2
  * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2
  * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-minibrowser-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2
  * webkit-jsc-6.0-2.48.2-150600.12.40.2
  * webkit2gtk3-devel-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2
  * webkit2gtk4-minibrowser-debuginfo-2.48.2-150600.12.40.2
  * webkit-jsc-4-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * webkit-jsc-6.0-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2
  * webkit2gtk4-minibrowser-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * webkit-jsc-4-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-debugsource-2.48.2-150600.12.40.2
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-minibrowser-2.48.2-150600.12.40.2
  * webkit2gtk3-minibrowser-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-minibrowser-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2
  * webkit-jsc-4.1-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2
  * webkit-jsc-4.1-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk4-devel-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2
  * webkit2gtk4-debugsource-2.48.2-150600.12.40.2
* openSUSE Leap 15.6 (x86_64)
  * libjavascriptcoregtk-4_1-0-32bit-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-32bit-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-32bit-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-32bit-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-32bit-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-32bit-debuginfo-2.48.2-150600.12.40.2
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libjavascriptcoregtk-4_1-0-64bit-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-64bit-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-64bit-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-64bit-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-64bit-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-64bit-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.48.2-150600.12.40.2
* Basesystem Module 15-SP6 (noarch)
  * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2
  * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2
  * webkit2gtk4-debugsource-2.48.2-150600.12.40.2
* Basesystem Module 15-SP7 (noarch)
  * WebKitGTK-4.0-lang-2.48.2-150600.12.40.2
  * WebKitGTK-6.0-lang-2.48.2-150600.12.40.2
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libjavascriptcoregtk-4_0-18-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-devel-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_0-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_0-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_0-37-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_0-18-debuginfo-2.48.2-150600.12.40.2
  * webkitgtk-6_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_0-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk3-soup2-debugsource-2.48.2-150600.12.40.2
  * libwebkitgtk-6_0-4-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-6_0-1-debuginfo-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_0-2.48.2-150600.12.40.2
  * webkit2gtk4-debugsource-2.48.2-150600.12.40.2
* Desktop Applications Module 15-SP6 (noarch)
  * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-debugsource-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2
  * webkit2gtk3-devel-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2
* Desktop Applications Module 15-SP7 (noarch)
  * WebKitGTK-4.1-lang-2.48.2-150600.12.40.2
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * webkit2gtk-4_1-injected-bundles-2.48.2-150600.12.40.2
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * libjavascriptcoregtk-4_1-0-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-4_1-2.48.2-150600.12.40.2
  * libwebkit2gtk-4_1-0-debuginfo-2.48.2-150600.12.40.2
  * webkit2gtk3-debugsource-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2WebExtension-4_1-2.48.2-150600.12.40.2
  * webkit2gtk3-devel-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit2-4_1-2.48.2-150600.12.40.2
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2
  * webkit2gtk4-devel-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2
  * webkit2gtk4-debugsource-2.48.2-150600.12.40.2
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.48.2-150600.12.40.2
  * typelib-1_0-JavaScriptCore-6_0-2.48.2-150600.12.40.2
  * webkit2gtk4-devel-2.48.2-150600.12.40.2
  * typelib-1_0-WebKit-6_0-2.48.2-150600.12.40.2
  * webkit2gtk4-debugsource-2.48.2-150600.12.40.2

## References:

* https://www.suse.com/security/cve/CVE-2023-42875.html
* https://www.suse.com/security/cve/CVE-2023-42970.html
* https://www.suse.com/security/cve/CVE-2024-23226.html
* https://www.suse.com/security/cve/CVE-2025-24223.html
* https://www.suse.com/security/cve/CVE-2025-31204.html
* https://www.suse.com/security/cve/CVE-2025-31205.html
* https://www.suse.com/security/cve/CVE-2025-31206.html
* https://www.suse.com/security/cve/CVE-2025-31215.html
* https://www.suse.com/security/cve/CVE-2025-31257.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222905
* https://bugzilla.suse.com/show_bug.cgi?id=1241158
* https://bugzilla.suse.com/show_bug.cgi?id=1241160
* https://bugzilla.suse.com/show_bug.cgi?id=1243282
* https://bugzilla.suse.com/show_bug.cgi?id=1243286
* https://bugzilla.suse.com/show_bug.cgi?id=1243288
* https://bugzilla.suse.com/show_bug.cgi?id=1243289
* https://bugzilla.suse.com/show_bug.cgi?id=1243424
* https://bugzilla.suse.com/show_bug.cgi?id=1243596

Important security patch released for Fedora remedying webkitgtk3 concerns with 8 vulnerabilities including unauthorized data access.

openSUSE, webkit2gtk3, security update, critical issue, memory corruption.

Severity: Important. LinuxSecurity.com Team

May 29, 2025 | Important | OpenSUSE

Rocky Linux 8 RLSA-2024:1781 Important Bind9.16 Security Update

# RLSA-2024:1781

Synopsis: Important: bind9.16 security update
Type: TYPE_SECURITY
Short code: RL
Severity: SEVERITY_IMPORTANT
Published: 2024-05-06T13:04:21.002456Z
Affected products: Rocky Linux 8
Reboot suggested: false

## Topic:

An update is available for bind9.16.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

## Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408)
* bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled (CVE-2023-5517)
* bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution (CVE-2023-5679)
* bind9: Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516)
* bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387)
* bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

## Fixes:

* 2263896 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263896
* 2263897 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263897
* 2263909 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263909
* 2263911 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263911
* 2263914 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263914
* 2263917 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2263917

## CVEs:

The record gives the CVSS v3 scoring vector, CVSS v3 base score and CWE of each CVE as UNKNOWN.

* CVE-2023-4408 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-4408
* CVE-2023-50387 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-50387
* CVE-2023-50868 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-50868
* CVE-2023-5517 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-5517
* CVE-2023-5679 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-5679
* CVE-2023-6516 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-6516

## RPMs:

* Rocky Linux 8
  * bind9.16-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-32:9.16.23-0.16.el8_9.2.src.rpm
  * bind9.16-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-chroot-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-chroot-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.i686.rpm
  * bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.i686.rpm
  * bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-devel-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-devel-32:9.16.23-0.16.el8_9.2.i686.rpm
  * bind9.16-devel-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-dnssec-utils-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-dnssec-utils-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-dnssec-utils-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-dnssec-utils-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-doc-32:9.16.23-0.16.el8_9.2.noarch.rpm
  * bind9.16-libs-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-libs-32:9.16.23-0.16.el8_9.2.i686.rpm
  * bind9.16-libs-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.i686.rpm
  * bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-license-32:9.16.23-0.16.el8_9.2.noarch.rpm
  * bind9.16-utils-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-utils-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * bind9.16-utils-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
  * bind9.16-utils-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
  * python3-bind9.16-32:9.16.23-0.16.el8_9.2.noarch.rpm

Immediate Attention: Important security enhancement for Bind9.16 affecting Rocky Linux 8. Explore the identified risks and resolutions available.

bind9 Security, Rocky Linux Advisory, DNS Security, bind9.16 Update, Security Fixes.

Severity: Important. LinuxSecurity.com Team

May 06, 2024 | Important | Rocky Linux

SUSE Linux 15-SP4: 2024:1063-1 Important: Kernel Live Patch Details

# Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4)

Announcement ID: SUSE-SU-2024:1063-1
Rating: important

References:

* bsc#1216898
* bsc#1218487
* bsc#1218610

Cross-References:

* CVE-2023-46813
* CVE-2023-51779
* CVE-2023-6531

CVSS scores:

* CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues.

The following security issues were fixed:

* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218487).
* CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-1064=1 SUSE-2024-1065=1 SUSE-2024-1066=1 SUSE-2024-1067=1 SUSE-2024-1068=1 SUSE-2024-1069=1 SUSE-2024-1071=1 SUSE-2024-1070=1 SUSE-2024-1063=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1064=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1065=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1066=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1067=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1068=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1069=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1071=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1070=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1063=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_10-debugsource-12-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_74-default-8-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_18-debugsource-6-150400.2.2
  * kernel-livepatch-5_14_21-150400_24_60-default-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_81-default-7-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_88-default-6-150400.2.2
  * kernel-livepatch-SLE15-SP4_Update_16-debugsource-7-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_69-default-8-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_12-debugsource-11-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_13-debugsource-9-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_92-default-5-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_11-debugsource-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_55-default-12-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-9-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_14-debugsource-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-7-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_19-debugsource-5-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-5-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_63-default-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_66-default-9-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-6-150400.2.2
  * kernel-livepatch-SLE15-SP4_Update_15-debugsource-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-12-150400.2.3
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_10-debugsource-12-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_74-default-8-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_18-debugsource-6-150400.2.2
  * kernel-livepatch-5_14_21-150400_24_60-default-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_81-default-7-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_88-default-6-150400.2.2
  * kernel-livepatch-SLE15-SP4_Update_16-debugsource-7-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_69-default-8-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_12-debugsource-11-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_13-debugsource-9-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_92-default-5-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_11-debugsource-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_55-default-12-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-9-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_14-debugsource-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-7-150400.2.3
  * kernel-livepatch-SLE15-SP4_Update_19-debugsource-5-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-5-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_63-default-11-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_66-default-9-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-6-150400.2.2
  * kernel-livepatch-SLE15-SP4_Update_15-debugsource-8-150400.2.3
  * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-12-150400.2.3

## References:

* https://www.suse.com/security/cve/CVE-2023-46813.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216898
* https://bugzilla.suse.com/show_bug.cgi?id=1218487
* https://bugzilla.suse.com/show_bug.cgi?id=1218610

The latest update for the Linux Kernel addresses critical problems such as denial of service vulnerabilities and potential buffer overflow exploits.

Linux Kernel Patch, SUSE Security Update, Privilege Escalation Fix, Use After Free Issue.

Severity: Important. LinuxSecurity.com Team

Mar 29, 2024 | Important | SuSE

RedHat: 2023-5438-01 Important: Thunderbird Security Flaws

=====================================================================
Red Hat Security Advisory

Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2023:5438-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:5438
Issue date: 2023-10-04
CVE Names: CVE-2023-3600 CVE-2023-5169 CVE-2023-5171 CVE-2023-5176 CVE-2023-5217
=====================================================================

1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.3.1.

Security Fix(es):

* firefox: use-after-free in workers (CVE-2023-3600)
* Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
* Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
* Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
* libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2222652 - CVE-2023-3600 firefox: use-after-free in workers
2240893 - CVE-2023-5169 Mozilla: Out-of-bounds write in PathOps
2240894 - CVE-2023-5171 Mozilla: Use-after-free in Ion Compiler
2240896 - CVE-2023-5176 Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3
2241191 - CVE-2023-5217 libvpx: Heap buffer overflow in vp8 encoding in libvpx

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:
thunderbird-115.3.1-1.el8_1.src.rpm

ppc64le:
thunderbird-115.3.1-1.el8_1.ppc64le.rpm
thunderbird-debuginfo-115.3.1-1.el8_1.ppc64le.rpm
thunderbird-debugsource-115.3.1-1.el8_1.ppc64le.rpm

x86_64:
thunderbird-115.3.1-1.el8_1.x86_64.rpm
thunderbird-debuginfo-115.3.1-1.el8_1.x86_64.rpm
thunderbird-debugsource-115.3.1-1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-3600
https://access.redhat.com/security/cve/CVE-2023-5169
https://access.redhat.com/security/cve/CVE-2023-5171
https://access.redhat.com/security/cve/CVE-2023-5176
https://access.redhat.com/security/cve/CVE-2023-5217
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

The latest Thunderbird enhancement for Red Hat Enterprise Linux tackles critical vulnerabilities recognized in various CVEs.

thunderbird security update, Red Hat security advisory, important linux updates, mail client vulnerabilities.

Severity: Important. LinuxSecurity.com Team

Oct 04, 2023 Important Red Hat

Red Hat Enterprise Linux 8.2 RHSA-2023:3578-01 Important: Firefox Update

====================================================================
Red Hat Security Advisory

Synopsis: Important: firefox security update
Advisory ID: RHSA-2023:3578-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3578
Issue date: 2023-06-14
CVE Names: CVE-2023-34414 CVE-2023-34416
====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 102.12.0 ESR.

Security Fix(es):

* Mozilla: Click-jacking certificate exceptions through rendering lag (CVE-2023-34414)
* Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 (CVE-2023-34416)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2212841 - CVE-2023-34414 Mozilla: Click-jacking certificate exceptions through rendering lag
2212842 - CVE-2023-34416 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:
firefox-102.12.0-1.el8_2.src.rpm

aarch64:
firefox-102.12.0-1.el8_2.aarch64.rpm
firefox-debuginfo-102.12.0-1.el8_2.aarch64.rpm
firefox-debugsource-102.12.0-1.el8_2.aarch64.rpm

ppc64le:
firefox-102.12.0-1.el8_2.ppc64le.rpm
firefox-debuginfo-102.12.0-1.el8_2.ppc64le.rpm
firefox-debugsource-102.12.0-1.el8_2.ppc64le.rpm

s390x:
firefox-102.12.0-1.el8_2.s390x.rpm
firefox-debuginfo-102.12.0-1.el8_2.s390x.rpm
firefox-debugsource-102.12.0-1.el8_2.s390x.rpm

x86_64:
firefox-102.12.0-1.el8_2.x86_64.rpm
firefox-debuginfo-102.12.0-1.el8_2.x86_64.rpm
firefox-debugsource-102.12.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:
firefox-102.12.0-1.el8_2.src.rpm

aarch64:
firefox-102.12.0-1.el8_2.aarch64.rpm
firefox-debuginfo-102.12.0-1.el8_2.aarch64.rpm
firefox-debugsource-102.12.0-1.el8_2.aarch64.rpm

ppc64le:
firefox-102.12.0-1.el8_2.ppc64le.rpm
firefox-debuginfo-102.12.0-1.el8_2.ppc64le.rpm
firefox-debugsource-102.12.0-1.el8_2.ppc64le.rpm

s390x:
firefox-102.12.0-1.el8_2.s390x.rpm
firefox-debuginfo-102.12.0-1.el8_2.s390x.rpm
firefox-debugsource-102.12.0-1.el8_2.s390x.rpm

x86_64:
firefox-102.12.0-1.el8_2.x86_64.rpm
firefox-debuginfo-102.12.0-1.el8_2.x86_64.rpm
firefox-debugsource-102.12.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:
firefox-102.12.0-1.el8_2.src.rpm

aarch64:
firefox-102.12.0-1.el8_2.aarch64.rpm
firefox-debuginfo-102.12.0-1.el8_2.aarch64.rpm
firefox-debugsource-102.12.0-1.el8_2.aarch64.rpm

ppc64le:
firefox-102.12.0-1.el8_2.ppc64le.rpm
firefox-debuginfo-102.12.0-1.el8_2.ppc64le.rpm
firefox-debugsource-102.12.0-1.el8_2.ppc64le.rpm

s390x:
firefox-102.12.0-1.el8_2.s390x.rpm
firefox-debuginfo-102.12.0-1.el8_2.s390x.rpm
firefox-debugsource-102.12.0-1.el8_2.s390x.rpm

x86_64:
firefox-102.12.0-1.el8_2.x86_64.rpm
firefox-debuginfo-102.12.0-1.el8_2.x86_64.rpm
firefox-debugsource-102.12.0-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-34414
https://access.redhat.com/security/cve/CVE-2023-34416
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

Red Hat has issued a critical advisory on the Firefox update, fixing serious vulnerabilities affecting users' online safety, including memory safety improvements and click-jacking.

Severity: Important.
LinuxSecurity.com Team

Jun 14, 2023 Important Red Hat

Red Hat OpenStack 16.1 RHSA-2023-3446 Important: Session Cookie Disclosure

====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat OpenStack Platform 16.1 (python-flask) security update
Advisory ID: RHSA-2023:3446-01
Product: Red Hat OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3446
Issue date: 2023-06-05
CVE Names: CVE-2023-30861
====================================================================

1. Summary:

An update for python-flask is now available for Red Hat OpenStack Platform 16.1 (Train).

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.1 - noarch

3. Description:

Flask is called a “micro-framework” because the idea is to keep the core simple but extensible. There is no database abstraction layer, no form validation or anything else where different libraries already exist that can handle that. However, Flask knows the concept of extensions that can add this functionality into your application as if it was implemented in Flask itself. There are currently extensions for object relational mappers, form validation, upload handling, various open authentication technologies and more.

Security Fix(es):

* Possible disclosure of permanent session cookie due to missing Vary: Cookie header (CVE-2023-30861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2196643 - CVE-2023-30861 flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header

6. Package List:

Red Hat OpenStack Platform 16.1:

Source:
python-flask-1.0.2-8.el8ost.src.rpm

noarch:
python3-flask-1.0.2-8.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-30861
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

A significant security patch for Red Hat OpenStack Platform 16.1 has been released to mitigate potential risks associated with session cookie exposure.

Severity: Important.
LinuxSecurity.com Team

Jun 06, 2023 Important Red Hat

Red Hat: RHSA-2023-1598-01 Critical: Tigervnc Remote Access Fix

====================================================================
Red Hat Security Advisory

Synopsis: Important: tigervnc security update
Advisory ID: RHSA-2023:1598-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1598
Issue date: 2023-04-04
CVE Names: CVE-2023-1393
====================================================================

1. Summary:

An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.6) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

Security Fix(es):

* xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2180288 - CVE-2023-1393 xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.6):

Source:
tigervnc-1.12.0-6.el8_6.3.src.rpm

aarch64:
tigervnc-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-debugsource-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-minimal-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-module-1.12.0-6.el8_6.3.aarch64.rpm
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.aarch64.rpm

noarch:
tigervnc-icons-1.12.0-6.el8_6.3.noarch.rpm
tigervnc-license-1.12.0-6.el8_6.3.noarch.rpm
tigervnc-selinux-1.12.0-6.el8_6.3.noarch.rpm

ppc64le:
tigervnc-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-debugsource-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-minimal-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-module-1.12.0-6.el8_6.3.ppc64le.rpm
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.ppc64le.rpm

s390x:
tigervnc-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-debuginfo-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-debugsource-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-debuginfo-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-minimal-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-module-1.12.0-6.el8_6.3.s390x.rpm
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.s390x.rpm

x86_64:
tigervnc-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-debugsource-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-minimal-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-minimal-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-module-1.12.0-6.el8_6.3.x86_64.rpm
tigervnc-server-module-debuginfo-1.12.0-6.el8_6.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-1393
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

An important revision for tigervnc on Red Hat resolving issues related to local privilege escalation. Full security advisory information included.

Severity: Important.
LinuxSecurity.com Team

Apr 04, 2023 Important Red Hat

Red Hat: RHSA-2023-1479-01 Important: Firefox Memory Safety Issues

====================================================================
Red Hat Security Advisory

Synopsis: Important: firefox security update
Advisory ID: RHSA-2023:1479-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1479
Issue date: 2023-03-27
CVE Names: CVE-2023-0767 CVE-2023-25751 CVE-2023-25752 CVE-2023-28162 CVE-2023-28164 CVE-2023-28176
====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 102.9.0 ESR.

Security Fix(es):

* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12
2178458 - CVE-2023-25751 Mozilla: Incorrect code generation during JIT compilation
2178460 - CVE-2023-25752 Mozilla: Potential out-of-bounds when accessing throttled streams
2178466 - CVE-2023-28162 Mozilla: Invalid downcast in Worklets
2178470 - CVE-2023-28164 Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
2178472 - CVE-2023-28176 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:
firefox-102.9.0-4.el8_1.src.rpm

ppc64le:
firefox-102.9.0-4.el8_1.ppc64le.rpm
firefox-debuginfo-102.9.0-4.el8_1.ppc64le.rpm
firefox-debugsource-102.9.0-4.el8_1.ppc64le.rpm

x86_64:
firefox-102.9.0-4.el8_1.x86_64.rpm
firefox-debuginfo-102.9.0-4.el8_1.x86_64.rpm
firefox-debugsource-102.9.0-4.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-0767
https://access.redhat.com/security/cve/CVE-2023-25751
https://access.redhat.com/security/cve/CVE-2023-25752
https://access.redhat.com/security/cve/CVE-2023-28162
https://access.redhat.com/security/cve/CVE-2023-28164
https://access.redhat.com/security/cve/CVE-2023-28176
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

Crucial Firefox patch rolled out for Red Hat Enterprise Linux 8.1 fixing numerous high-severity vulnerabilities. Don't delay, update immediately!

Severity: Important.
LinuxSecurity.com Team

Mar 27, 2023 Important Red Hat