This is the October 24, 2023 release for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.13/7.0.13.md.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-9f7b2631a9
2023-11-18 01:37:22.839850
--------------------------------------------------------------------------------

Name : dotnet7.0
Product : Fedora 39
Version : 7.0.113
Release : 1.fc39
URL : https://github.com/dotnet/
Summary : .NET Runtime and SDK
Description :
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services.

.NET contains a runtime conforming to .NET Standards a set of framework libraries, an SDK containing compilers and a 'dotnet' application to drive everything.

--------------------------------------------------------------------------------
Update Information:

This is the October 24, 2023 release for .NET 7. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/7.0/7.0.13/7.0.13.md
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 24 2023 Omair Majid - 7.0.113-1
- Update to .NET SDK 7.0.113 and Runtime 7.0.13
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-9f7b2631a9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

This update for exempi fixes the following issues: CVE-2020-18651: Fixed a buffer overflow in ID3 support (bsc#1214486).

# Security update for exempi

Announcement ID: SUSE-SU-2023:3833-1
Rating: moderate

References:

* #1214486

Cross-References:

* CVE-2020-18651

CVSS scores:

* CVE-2020-18651 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-18651 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP4
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for exempi fixes the following issues:

* CVE-2020-18651: Fixed a buffer overflow in ID3 support (bsc#1214486).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-3833=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-3833=1
* Desktop Applications Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3833=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-3833=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  * libexempi-devel-2.4.5-150000.3.9.1
  * libexempi3-debuginfo-2.4.5-150000.3.9.1
  * exempi-tools-debuginfo-2.4.5-150000.3.9.1
  * exempi-debugsource-2.4.5-150000.3.9.1
  * exempi-tools-2.4.5-150000.3.9.1
  * libexempi3-2.4.5-150000.3.9.1
* openSUSE Leap 15.4 (x86_64)
  * libexempi3-32bit-2.4.5-150000.3.9.1
  * libexempi3-32bit-debuginfo-2.4.5-150000.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * libexempi-devel-2.4.5-150000.3.9.1
  * libexempi3-debuginfo-2.4.5-150000.3.9.1
  * exempi-tools-debuginfo-2.4.5-150000.3.9.1
  * exempi-debugsource-2.4.5-150000.3.9.1
  * exempi-tools-2.4.5-150000.3.9.1
  * libexempi3-2.4.5-150000.3.9.1
* openSUSE Leap 15.5 (x86_64)
  * libexempi3-32bit-2.4.5-150000.3.9.1
  * libexempi3-32bit-debuginfo-2.4.5-150000.3.9.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * libexempi-devel-2.4.5-150000.3.9.1
  * exempi-debugsource-2.4.5-150000.3.9.1
  * libexempi3-2.4.5-150000.3.9.1
  * libexempi3-debuginfo-2.4.5-150000.3.9.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * libexempi-devel-2.4.5-150000.3.9.1
  * exempi-debugsource-2.4.5-150000.3.9.1
  * libexempi3-2.4.5-150000.3.9.1
  * libexempi3-debuginfo-2.4.5-150000.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2020-18651.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214486

Patch for exempi resolves buffer overflow vulnerabilities in ID3 handling, improving security measures for openSUSE clients.

openSUSE Security, Exempi Update, Buffer Overflow Protection, Software Patch.

LinuxSecurity.com Team

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Oracle Linux Security Advisory ELSA-2023-5217

https://linux.oracle.com/errata/ELSA-2023-5217.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
open-vm-tools-11.0.5-3.0.1.el7_9.7.x86_64.rpm
open-vm-tools-desktop-11.0.5-3.0.1.el7_9.7.x86_64.rpm
open-vm-tools-devel-11.0.5-3.0.1.el7_9.7.x86_64.rpm
open-vm-tools-test-11.0.5-3.0.1.el7_9.7.x86_64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//open-vm-tools-11.0.5-3.0.1.el7_9.7.src.rpm

Related CVEs:

CVE-2023-20900

Description of changes:

[11.0.5-3.0.1]
- fix spaces in vmware udev rule for scsi devices [Orabug: 24461968]
- Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019]
- Increase timeout for scsi devices on VMWare guests by adding a udev rule.
- Created a new file 99-vmware-scsi-timeout.rules
- Modified spec file to install this new file. [Orabug: 21819156]

[11.0.5-3.el7_9.7]
- ovt-VGAuth-Allow-only-X509-certs-to-verify-the-SAML-toke.patch [RHEL-2413]
- Resolves: RHEL-2413 (CVE-2023-20900 open-vm-tools: SAML token signature bypass [rhel-7.9.z])

_______________________________________________
El-errata mailing list

This update for wireshark fixes the following issues: Update to Wireshark 3.6.15: \- Further features, bug fixes and updated protocol support as listed in:

# Security update for wireshark

Announcement ID: SUSE-SU-2023:3252-1
Rating: moderate

References:

* #1211703
* #1211705
* #1211706
* #1211707
* #1211710
* #1211793
* #1211844
* #1212084
* #1213319

Cross-References:

* CVE-2023-0667
* CVE-2023-0668
* CVE-2023-2855
* CVE-2023-2856
* CVE-2023-2857
* CVE-2023-2858
* CVE-2023-2879
* CVE-2023-2952
* CVE-2023-3648

CVSS scores:

* CVE-2023-0667 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-0667 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0668 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-0668 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-2855 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-2856 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-2856 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-2857 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-2857 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-2858 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-2858 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-2879 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-2879 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-2952 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-2952 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-3648 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-3648 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected Products:

* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP4
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to Wireshark 3.6.15:

\- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.15.html

Security fixes:

\- CVE-2023-0667: Fixed failure to validate MS-MMS packet length (bsc#1212084).
\- CVE-2023-0668: Fixed IEEE C37.118 Synchrophasor dissector crash (bsc#1211710).
\- CVE-2023-2855: Fixed Candump log file parser crash (bsc#1211703).
\- CVE-2023-2856: Fixed VMS TCPIPtrace file parser crash (bsc#1211707).
\- CVE-2023-2857: Fixed BLF file parser crash (bsc#1211705).
\- CVE-2023-2858: Fixed NetScaler file parser crash (bsc#1211706).
\- CVE-2023-2879: Fixed GDSDB dissector infinite loop (bsc#1211793).
\- CVE-2023-2952: Fixed XRA dissector infinite loop (bsc#1211844).
\- CVE-2023-3648: Fixed Kafka dissector crash (bsc#1213319).

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-3252=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-3252=1
* Basesystem Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3252=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3252=1
* Desktop Applications Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3252=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-3252=1
* SUSE Linux Enterprise Real Time 15 SP3
  zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-3252=1
* SUSE Manager Proxy 4.2
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3252=1
* SUSE Manager Retail Branch Server 4.2
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-3252=1
* SUSE Manager Server 4.2
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3252=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * wireshark-ui-qt-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * wireshark-devel-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * wireshark-ui-qt-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * wireshark-devel-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1
  * wireshark-ui-qt-3.6.15-150000.3.97.1
  * wireshark-devel-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1
  * wireshark-ui-qt-3.6.15-150000.3.97.1
  * wireshark-devel-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
* SUSE Linux Enterprise Real Time 15 SP3 (x86_64)
  * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * wireshark-ui-qt-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * wireshark-devel-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* SUSE Manager Proxy 4.2 (x86_64)
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
  * libwiretap12-debuginfo-3.6.15-150000.3.97.1
  * libwiretap12-3.6.15-150000.3.97.1
  * libwsutil13-debuginfo-3.6.15-150000.3.97.1
  * wireshark-3.6.15-150000.3.97.1
  * libwsutil13-3.6.15-150000.3.97.1
  * wireshark-debuginfo-3.6.15-150000.3.97.1
  * wireshark-debugsource-3.6.15-150000.3.97.1
  * libwireshark15-3.6.15-150000.3.97.1
  * libwireshark15-debuginfo-3.6.15-150000.3.97.1

## References:

* https://www.suse.com/security/cve/CVE-2023-0667.html
* https://www.suse.com/security/cve/CVE-2023-0668.html
* https://www.suse.com/security/cve/CVE-2023-2855.html
* https://www.suse.com/security/cve/CVE-2023-2856.html
* https://www.suse.com/security/cve/CVE-2023-2857.html
* https://www.suse.com/security/cve/CVE-2023-2858.html
* https://www.suse.com/security/cve/CVE-2023-2879.html
* https://www.suse.com/security/cve/CVE-2023-2952.html
* https://www.suse.com/security/cve/CVE-2023-3648.html
* https://bugzilla.suse.com/show_bug.cgi?id=1211703
* https://bugzilla.suse.com/show_bug.cgi?id=1211705
* https://bugzilla.suse.com/show_bug.cgi?id=1211706
* https://bugzilla.suse.com/show_bug.cgi?id=1211707
* https://bugzilla.suse.com/show_bug.cgi?id=1211710
* https://bugzilla.suse.com/show_bug.cgi?id=1211793
* https://bugzilla.suse.com/show_bug.cgi?id=1211844
* https://bugzilla.suse.com/show_bug.cgi?id=1212084
* https://bugzilla.suse.com/show_bug.cgi?id=1213319

This release addresses various bugs in Wireshark, improving security with significant patches and revised protocol compatibility.

Wireshark Update, Security Advisory, OpenSUSE, Software Fix, Update Patch.

LinuxSecurity.com Team

Update to 1.14.8.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-51593ce398
2023-06-11 01:58:02.674471
--------------------------------------------------------------------------------

Name : dbus
Product : Fedora 37
Version : 1.14.8
Release : 1.fc37
URL : https://https://
Summary : D-BUS message bus
Description :
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

--------------------------------------------------------------------------------
Update Information:

Update to 1.14.8
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 6 2023 David King - 1:1.14.8-1
- Update to 1.14.8
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2213396 - dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2213396
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-51593ce398' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang --- See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more information about the specific vulnerabilities.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-5ef0bd9a27
2022-07-30 01:52:05.591823
--------------------------------------------------------------------------------

Name : golang-github-containerd-continuity
Product : Fedora 36
Version : 0.2.2
Release : 4.fc36
URL : https://github.com/containerd/continuity
Summary : A transport-agnostic, filesystem metadata manifest system
Description :
A transport-agnostic, filesystem metadata manifest system.

--------------------------------------------------------------------------------
Update Information:

Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
---
See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more information about the specific vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 19 2022 Maxwell G 0.2.2-4
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-5ef0bd9a27' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2021-23840). Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer .

MGASA-2021-0108 - Updated openssl and compat-openssl10 packages fix security vulnerabilities

Publication date: 04 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0108.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2021-23840, CVE-2021-23841

Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2021-23840).

Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2021-23841).

References:
- https://bugs.mageia.org/show_bug.cgi?id=28383
- https://openssl-library.org/news/secadv/20210216.txt
- https://ubuntu.com/security/notices/USN-4738-1
- https://www.cve.org/CVERecord?id=CVE-2021-23840
- https://www.cve.org/CVERecord?id=CVE-2021-23841

SRPMS:
- 8/core/openssl-1.1.1j-1.mga8
- 7/core/openssl-1.1.0l-1.3.mga7
- 7/core/compat-openssl10-1.0.2u-1.2.mga7

Mageia has published MGASA-2021-0108, which tackles vulnerabilities in OpenSSL that could result in possible denial of service attacks.

OpenSSL Security Update, Mageia Advisories, Denial of Service Fix.

LinuxSecurity.com Team

An update that solves two vulnerabilities and has 6 fixes is now available.

openSUSE Security Update: Security update for libreoffice
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1261-1
Rating: moderate
References: #1062631 #1146025 #1157627 #1165849 #1172053 #1172189 #1172795 #1172796
Cross-References: CVE-2020-12802 CVE-2020-12803
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

An update that solves two vulnerabilities and has 6 fixes is now available.

Description:

This update for libreoffice fixes the following issues:

- Update to 6.4.5.2:
  * Various fixes all around
- Remove mime-info and application-registry dirs bsc#1062631
- Fix bsc#1172053 - LO-L3: Image disappears during roundtrip 365-> Impress-> 365
  * bsc1172053.diff
- Fix bsc#1172189 - LO-L3: Impress crashes midway opening a PPTX document
  * bsc1172189.diff
- Fix bsc#1157627 - LO-L3: Some XML-created shapes simply lost upon PPTX import (= earth loses countries)
  * bsc1157627.diff
- Fix bsc#1146025 - LO-L3: Colored textboxes in PPTX look very odd (SmartArt)
- Fix bsc#1165849 - LO-L3: Shadow size for rectangle is only a fraction of Office 365
  * bsc1165849-1.diff
  * bsc1165849-2.diff
  * bsc1165849-3.diff

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1261=1 Package List: - openSUSE Leap 15.2 (noarch): libreoffice-branding-upstream-6.4.5.2-lp152.2.3.1 libreoffice-gdb-pretty-printers-6.4.5.2-lp152.2.3.1 libreoffice-glade-6.4.5.2-lp152.2.3.1 libreoffice-icon-themes-6.4.5.2-lp152.2.3.1 libreoffice-l10n-af-6.4.5.2-lp152.2.3.1 libreoffice-l10n-am-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ar-6.4.5.2-lp152.2.3.1 libreoffice-l10n-as-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ast-6.4.5.2-lp152.2.3.1 libreoffice-l10n-be-6.4.5.2-lp152.2.3.1 libreoffice-l10n-bg-6.4.5.2-lp152.2.3.1 libreoffice-l10n-bn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-bn_IN-6.4.5.2-lp152.2.3.1 libreoffice-l10n-bo-6.4.5.2-lp152.2.3.1 libreoffice-l10n-br-6.4.5.2-lp152.2.3.1 libreoffice-l10n-brx-6.4.5.2-lp152.2.3.1 libreoffice-l10n-bs-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ca-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ca_valencia-6.4.5.2-lp152.2.3.1 libreoffice-l10n-cs-6.4.5.2-lp152.2.3.1 libreoffice-l10n-cy-6.4.5.2-lp152.2.3.1 libreoffice-l10n-da-6.4.5.2-lp152.2.3.1 libreoffice-l10n-de-6.4.5.2-lp152.2.3.1 libreoffice-l10n-dgo-6.4.5.2-lp152.2.3.1 libreoffice-l10n-dsb-6.4.5.2-lp152.2.3.1 libreoffice-l10n-dz-6.4.5.2-lp152.2.3.1 libreoffice-l10n-el-6.4.5.2-lp152.2.3.1 libreoffice-l10n-en-6.4.5.2-lp152.2.3.1 libreoffice-l10n-en_GB-6.4.5.2-lp152.2.3.1 libreoffice-l10n-en_ZA-6.4.5.2-lp152.2.3.1 libreoffice-l10n-eo-6.4.5.2-lp152.2.3.1 libreoffice-l10n-es-6.4.5.2-lp152.2.3.1 libreoffice-l10n-et-6.4.5.2-lp152.2.3.1 libreoffice-l10n-eu-6.4.5.2-lp152.2.3.1 libreoffice-l10n-fa-6.4.5.2-lp152.2.3.1 libreoffice-l10n-fi-6.4.5.2-lp152.2.3.1 libreoffice-l10n-fr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-fy-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ga-6.4.5.2-lp152.2.3.1 libreoffice-l10n-gd-6.4.5.2-lp152.2.3.1 libreoffice-l10n-gl-6.4.5.2-lp152.2.3.1 libreoffice-l10n-gu-6.4.5.2-lp152.2.3.1 libreoffice-l10n-gug-6.4.5.2-lp152.2.3.1 libreoffice-l10n-he-6.4.5.2-lp152.2.3.1 
libreoffice-l10n-hi-6.4.5.2-lp152.2.3.1 libreoffice-l10n-hr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-hsb-6.4.5.2-lp152.2.3.1 libreoffice-l10n-hu-6.4.5.2-lp152.2.3.1 libreoffice-l10n-id-6.4.5.2-lp152.2.3.1 libreoffice-l10n-is-6.4.5.2-lp152.2.3.1 libreoffice-l10n-it-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ja-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ka-6.4.5.2-lp152.2.3.1 libreoffice-l10n-kab-6.4.5.2-lp152.2.3.1 libreoffice-l10n-kk-6.4.5.2-lp152.2.3.1 libreoffice-l10n-km-6.4.5.2-lp152.2.3.1 libreoffice-l10n-kmr_Latn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-kn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ko-6.4.5.2-lp152.2.3.1 libreoffice-l10n-kok-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ks-6.4.5.2-lp152.2.3.1 libreoffice-l10n-lb-6.4.5.2-lp152.2.3.1 libreoffice-l10n-lo-6.4.5.2-lp152.2.3.1 libreoffice-l10n-lt-6.4.5.2-lp152.2.3.1 libreoffice-l10n-lv-6.4.5.2-lp152.2.3.1 libreoffice-l10n-mai-6.4.5.2-lp152.2.3.1 libreoffice-l10n-mk-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ml-6.4.5.2-lp152.2.3.1 libreoffice-l10n-mn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-mni-6.4.5.2-lp152.2.3.1 libreoffice-l10n-mr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-my-6.4.5.2-lp152.2.3.1 libreoffice-l10n-nb-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ne-6.4.5.2-lp152.2.3.1 libreoffice-l10n-nl-6.4.5.2-lp152.2.3.1 libreoffice-l10n-nn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-nr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-nso-6.4.5.2-lp152.2.3.1 libreoffice-l10n-oc-6.4.5.2-lp152.2.3.1 libreoffice-l10n-om-6.4.5.2-lp152.2.3.1 libreoffice-l10n-or-6.4.5.2-lp152.2.3.1 libreoffice-l10n-pa-6.4.5.2-lp152.2.3.1 libreoffice-l10n-pl-6.4.5.2-lp152.2.3.1 libreoffice-l10n-pt_BR-6.4.5.2-lp152.2.3.1 libreoffice-l10n-pt_PT-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ro-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ru-6.4.5.2-lp152.2.3.1 libreoffice-l10n-rw-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sa_IN-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sat-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sd-6.4.5.2-lp152.2.3.1 libreoffice-l10n-si-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sid-6.4.5.2-lp152.2.3.1 
libreoffice-l10n-sk-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sl-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sq-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ss-6.4.5.2-lp152.2.3.1 libreoffice-l10n-st-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sv-6.4.5.2-lp152.2.3.1 libreoffice-l10n-sw_TZ-6.4.5.2-lp152.2.3.1 libreoffice-l10n-szl-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ta-6.4.5.2-lp152.2.3.1 libreoffice-l10n-te-6.4.5.2-lp152.2.3.1 libreoffice-l10n-tg-6.4.5.2-lp152.2.3.1 libreoffice-l10n-th-6.4.5.2-lp152.2.3.1 libreoffice-l10n-tn-6.4.5.2-lp152.2.3.1 libreoffice-l10n-tr-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ts-6.4.5.2-lp152.2.3.1 libreoffice-l10n-tt-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ug-6.4.5.2-lp152.2.3.1 libreoffice-l10n-uk-6.4.5.2-lp152.2.3.1 libreoffice-l10n-uz-6.4.5.2-lp152.2.3.1 libreoffice-l10n-ve-6.4.5.2-lp152.2.3.1 libreoffice-l10n-vec-6.4.5.2-lp152.2.3.1 libreoffice-l10n-vi-6.4.5.2-lp152.2.3.1 libreoffice-l10n-xh-6.4.5.2-lp152.2.3.1 libreoffice-l10n-zh_CN-6.4.5.2-lp152.2.3.1 libreoffice-l10n-zh_TW-6.4.5.2-lp152.2.3.1 libreoffice-l10n-zu-6.4.5.2-lp152.2.3.1 - openSUSE Leap 15.2 (x86_64): libreoffice-6.4.5.2-lp152.2.3.1 libreoffice-base-6.4.5.2-lp152.2.3.1 libreoffice-base-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-base-drivers-firebird-6.4.5.2-lp152.2.3.1 libreoffice-base-drivers-firebird-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-base-drivers-postgresql-6.4.5.2-lp152.2.3.1 libreoffice-base-drivers-postgresql-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-calc-6.4.5.2-lp152.2.3.1 libreoffice-calc-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-calc-extensions-6.4.5.2-lp152.2.3.1 libreoffice-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-debugsource-6.4.5.2-lp152.2.3.1 libreoffice-draw-6.4.5.2-lp152.2.3.1 libreoffice-draw-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-filters-optional-6.4.5.2-lp152.2.3.1 libreoffice-gnome-6.4.5.2-lp152.2.3.1 libreoffice-gnome-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-gtk3-6.4.5.2-lp152.2.3.1 libreoffice-gtk3-debuginfo-6.4.5.2-lp152.2.3.1 
libreoffice-impress-6.4.5.2-lp152.2.3.1 libreoffice-impress-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-librelogo-6.4.5.2-lp152.2.3.1 libreoffice-mailmerge-6.4.5.2-lp152.2.3.1 libreoffice-math-6.4.5.2-lp152.2.3.1 libreoffice-math-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-officebean-6.4.5.2-lp152.2.3.1 libreoffice-officebean-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-pyuno-6.4.5.2-lp152.2.3.1 libreoffice-pyuno-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-qt5-6.4.5.2-lp152.2.3.1 libreoffice-qt5-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-sdk-6.4.5.2-lp152.2.3.1 libreoffice-sdk-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-sdk-doc-6.4.5.2-lp152.2.3.1 libreoffice-writer-6.4.5.2-lp152.2.3.1 libreoffice-writer-debuginfo-6.4.5.2-lp152.2.3.1 libreoffice-writer-extensions-6.4.5.2-lp152.2.3.1 libreofficekit-6.4.5.2-lp152.2.3.1 libreofficekit-devel-6.4.5.2-lp152.2.3.1

References:

https://www.suse.com/security/cve/CVE-2020-12802.html
https://www.suse.com/security/cve/CVE-2020-12803.html
https://bugzilla.suse.com/1062631
https://bugzilla.suse.com/1146025
https://bugzilla.suse.com/1157627
https://bugzilla.suse.com/1165849
https://bugzilla.suse.com/1172053
https://bugzilla.suse.com/1172189
https://bugzilla.suse.com/1172795
https://bugzilla.suse.com/1172796

An updated version of openSUSE addresses multiple vulnerabilities in LibreOffice, introducing essential security improvements that significantly bolster the software's defenses.

OpenSUSE Security Update, LibreOffice Fixes, Moderate Security Advisory, Threat Mitigation Techniques.

LinuxSecurity.com Team