MGASA-2024-0327 - Updated cups & cups-filters packages fix security vulnerabilities

Publication date: 07 Oct 2024
URL: https://advisories.mageia.org/MGASA-2024-0327.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177

The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can result in attacker-controlled data being provided to the rest of the CUPS system. (CVE-2024-47076)

The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with other functions such as `cfGetPrinterAttributes5`, this can result in user-controlled input and ultimately code execution via Foomatic. This vulnerability can be part of an exploit chain leading to remote code execution (RCE), as described in CVE-2024-47176. (CVE-2024-47175)

`cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can be made to send a `Get-Printer-Attributes` IPP request to an attacker-controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. (CVE-2024-47176)

Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user-controlled command. When combined with other logic bugs as described in CVE-2024-47176, this can lead to remote command execution. (CVE-2024-47177)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33596
- https://www.openwall.com/lists/oss-security/2024/09/26/5
- https://ubuntu.com/security/notices/USN-7041-1
- https://ubuntu.com/security/notices/USN-7043-1
- https://www.cve.org/CVERecord?id=CVE-2024-47076
- https://www.cve.org/CVERecord?id=CVE-2024-47175
- https://www.cve.org/CVERecord?id=CVE-2024-47176
- https://www.cve.org/CVERecord?id=CVE-2024-47177

SRPMS:
- 9/core/cups-2.4.6-1.3.mga9
- 9/core/cups-filters-1.28.16-6.1.mga9

LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-8dc64f8f59
2024-02-15 01:41:57.775593
--------------------------------------------------------------------------------

Name        : engrampa
Product     : Fedora 38
Version     : 1.26.2
Release     : 1.fc38
URL         : https://mate-desktop.org/
Summary     : MATE Desktop file archiver
Description :
Mate File Archiver is an application for creating and viewing archive files, such as zip, xv, bzip2, cab, rar and other compressed formats.

--------------------------------------------------------------------------------
Update Information:

update to 1.26.2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 6 2024 Wolfgang Ulbrich - 1.26.2-1
- update to 1.26.2
* Wed Jan 24 2024 Fedora Release Engineering - 1.26.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering - 1.26.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Jul 19 2023 Fedora Release Engineering - 1.26.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
>>>>>>> c3bab3b (update to 1.26.1)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2262840 - TRIAGE CVE-2023-52138 engrampa: remote command execution via path traversal vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2262840
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-8dc64f8f59' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

Several vulnerabilities were discovered in odoo, a suite of web based open source business apps. CVE-2021-44775, CVE-2021-26947, CVE-2021-45071, CVE-2021-26263:

-------------------------------------------------------------------------
Debian Security Advisory DSA-5399-1

Arch Linux Security Advisory ASA-202104-1
=========================================

Severity: Critical
Date    : 2021-04-29
CVE-ID  : CVE-2021-22205 CVE-2021-28965
Package : gitlab
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1822

Summary
=======

The package gitlab before version 13.10.3-1 is vulnerable to multiple issues including arbitrary code execution and incorrect calculation.

Resolution
==========

Upgrade to 13.10.3-1.

# pacman -Syu "gitlab>=13.10.3-1"

The problems have been fixed upstream in version 13.10.3.

Workaround
==========

None.

Description
===========

- CVE-2021-22205 (arbitrary code execution)

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser, which resulted in a remote command execution. The issue is fixed in GitLab versions 13.10.3, 13.9.6 and 13.8.8.

- CVE-2021-28965 (incorrect calculation)

When parsing and serializing a crafted XML document, the REXML gem (including the one bundled with Ruby) can create a wrong XML document whose structure is different from the original one. The impact of this issue highly depends on context, but it may lead to a vulnerability in some programs that are using REXML. The issue is fixed in version 3.2.5 of the REXML gem.

Impact
======

An attacker can crash or execute arbitrary code on the affected server by providing a maliciously crafted XML or image file.

References
==========

https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/#Remote-code-execution-when-uploading-specially-crafted-image-files
https://gitlab.com/gitlab-org/gitlab/-/issues/327121
https://hackerone.com/reports/1154542
https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
https://hackerone.com/reports/1104077
https://github.com/ruby/rexml/commit/a659c63e37414506dfb0d4655e031bb7a2e73fc8
https://github.com/ruby/rexml/commit/2fe62e29094d95921d7e19abbd2e26b23d78dc5b
https://github.com/ruby/rexml/commit/6a250d2cd1194c2be72becbdd9c3e770aa16e752
https://github.com/ruby/rexml/commit/f7bab8937513b1403cea5aff874cbf32fd5e8551
https://github.com/ruby/rexml/commit/f9d88e4948b4a43294c25dc0edb16815bd9d8618
https://github.com/ruby/rexml/commit/9b311e59ae05749e082eb6bbefa1cb620d1a786e
https://github.com/ruby/rexml/commit/3c137eb119550874b2b3e27d12b733ca67033377
https://security.archlinux.org/CVE-2021-22205
https://security.archlinux.org/CVE-2021-28965

LinuxSecurity.com Team

MGASA-2021-0041 - Updated p11-kit packages fix security vulnerabilities

Publication date: 17 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0041.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-29361, CVE-2020-29362, CVE-2020-29363

Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc (CVE-2020-29361).

A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation (CVE-2020-29362).

A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value (CVE-2020-29363).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27853
- https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2
- https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc
- https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x
- https://github.com/p11-glue/p11-kit/releases/tag/0.23.22
- https://lists.fedoraproject.org/archives/list/

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-ca5321b5ff
2018-05-15 20:03:56.912735
--------------------------------------------------------------------------------

Name        : mysql-mmm
Product     : Fedora 28
Version     : 2.2.1
Release     : 20.fc28
URL         : https://mysql-mmm.org/
Summary     : Multi-Master Replication Manager for MySQL
Description :
MMM (MySQL Master-Master Replication Manager) is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations (with only one node writable at any time). The toolset also has the ability to read balance standard master/slave configurations with any number of slaves, so you can use it to move virtual IP addresses around a group of servers depending on whether they are behind in replication. In addition to that, it also has scripts for data backups, resynchronization between nodes etc.

--------------------------------------------------------------------------------
Update Information:

# Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities

This update adds data sanitization to inputs for the mmm agent.

Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager (MMM) mmm_agentd daemon 2.2.1. mmm_agentd commonly runs with root privileges and does not require authentication by default. A specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process. An attacker that can initiate a TCP session with mmm_agentd can trigger these vulnerabilities.

The impact of these vulnerabilities can be lessened by configuring mmm_agentd to require TLS mutual authentication and by using network ACLs to prevent hosts other than legitimate mmm_mond hosts from accessing mmm_agentd. For example, on Linux, iptables rules can be used to block access to the port mmm_agent is listening on from all hosts except the mmm_monitor.

The configuration of ssl can be used where firewall rules are not practical. See Socket Documentation https://mysql-mmm.org/mysql-mmm.html

Add to mmm_common.conf

    type ssl
    cert_file /etc/ssl/certs/www..bundle.crt
    key_file /etc/ssl/certs/www..key
    ca_file /etc/ssl/certs/ca-bundle.crt # or ca-certificates.crt

Now only those with access to the private key can send commands. Whilst your web server certificate will do the job, you may consider registering a dedicated certificate just for this task.

NOTE: By now there are some good alternatives to MySQL-MMM. Maybe you want to check out Galera Cluster, which is part of MariaDB Galera Cluster and Percona XtraDB Cluster.

- https://mysql-mmm.org/
- https://galeracluster.com/
- https://mariadb.com/kb/en/what-is-mariadb-galera-cluster/
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 2 2018 David Beveridge 2.2.1-20
- Patch for mmm_agentd Remote Command Injection Vulnerabilities
- TALOS-2017-0501, CVE-2017-14474 - CVE-2017-14481
* Thu Feb 8 2018 Fedora Release Engineering - 2.2.1-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1575161
        https://bugzilla.redhat.com/show_bug.cgi?id=1575161
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-ca5321b5ff' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-92f04c6b61
2018-05-15 19:59:59.036932
--------------------------------------------------------------------------------

Name        : mysql-mmm
Product     : Fedora 26
Version     : 2.2.1
Release     : 20.fc26
URL         : https://mysql-mmm.org/
Summary     : Multi-Master Replication Manager for MySQL
Description :
MMM (MySQL Master-Master Replication Manager) is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations (with only one node writable at any time). The toolset also has the ability to read balance standard master/slave configurations with any number of slaves, so you can use it to move virtual IP addresses around a group of servers depending on whether they are behind in replication. In addition to that, it also has scripts for data backups, resynchronization between nodes etc.

--------------------------------------------------------------------------------
Update Information:

# Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities

This update adds data sanitization to inputs for the mmm agent.

Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager (MMM) mmm_agentd daemon 2.2.1. mmm_agentd commonly runs with root privileges and does not require authentication by default. A specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process. An attacker that can initiate a TCP session with mmm_agentd can trigger these vulnerabilities.

The impact of these vulnerabilities can be lessened by configuring mmm_agentd to require TLS mutual authentication and by using network ACLs to prevent hosts other than legitimate mmm_mond hosts from accessing mmm_agentd. For example, on Linux, iptables rules can be used to block access to the port mmm_agent is listening on from all hosts except the mmm_monitor.

The configuration of ssl can be used where firewall rules are not practical. See Socket Documentation https://mysql-mmm.org/mysql-mmm.html

Add to mmm_common.conf

    type ssl
    cert_file /etc/ssl/certs/www..bundle.crt
    key_file /etc/ssl/certs/www..key
    ca_file /etc/ssl/certs/ca-bundle.crt # or ca-certificates.crt

Now only those with access to the private key can send commands. Whilst your web server certificate will do the job, you may consider registering a dedicated certificate just for this task.

NOTE: By now there are some good alternatives to MySQL-MMM. Maybe you want to check out Galera Cluster, which is part of MariaDB Galera Cluster and Percona XtraDB Cluster.

- https://mysql-mmm.org/
- https://galeracluster.com/
- https://mariadb.com/kb/en/what-is-mariadb-galera-cluster/
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 2 2018 David Beveridge 2.2.1-20
- Patch for mmm_agentd Remote Command Injection Vulnerabilities
- TALOS-2017-0501, CVE-2017-14474 - CVE-2017-14481
* Thu Feb 8 2018 Fedora Release Engineering - 2.2.1-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Dec 20 2017 Ruben Kerkhof - 2.2.1-18
- Correct permissions for systemd units (#1527992)
* Wed Jul 26 2017 Fedora Release Engineering - 2.2.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1575161
        https://bugzilla.redhat.com/show_bug.cgi?id=1575161
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-92f04c6b61' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-e31f52c5ee
2018-05-15 19:52:12.739386
--------------------------------------------------------------------------------

Name        : mysql-mmm
Product     : Fedora 27
Version     : 2.2.1
Release     : 20.fc27
URL         : https://mysql-mmm.org/
Summary     : Multi-Master Replication Manager for MySQL
Description :
MMM (MySQL Master-Master Replication Manager) is a set of flexible scripts to perform monitoring/failover and management of MySQL Master-Master replication configurations (with only one node writable at any time). The toolset also has the ability to read balance standard master/slave configurations with any number of slaves, so you can use it to move virtual IP addresses around a group of servers depending on whether they are behind in replication. In addition to that, it also has scripts for data backups, resynchronization between nodes etc.

--------------------------------------------------------------------------------
Update Information:

# Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities

This update adds data sanitization to inputs for the mmm agent.

Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager (MMM) mmm_agentd daemon 2.2.1. mmm_agentd commonly runs with root privileges and does not require authentication by default. A specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process. An attacker that can initiate a TCP session with mmm_agentd can trigger these vulnerabilities.

The impact of these vulnerabilities can be lessened by configuring mmm_agentd to require TLS mutual authentication and by using network ACLs to prevent hosts other than legitimate mmm_mond hosts from accessing mmm_agentd. For example, on Linux, iptables rules can be used to block access to the port mmm_agent is listening on from all hosts except the mmm_monitor.

The configuration of ssl can be used where firewall rules are not practical. See Socket Documentation https://mysql-mmm.org/mysql-mmm.html

Add to mmm_common.conf

    type ssl
    cert_file /etc/ssl/certs/www..bundle.crt
    key_file /etc/ssl/certs/www..key
    ca_file /etc/ssl/certs/ca-bundle.crt # or ca-certificates.crt

Now only those with access to the private key can send commands. Whilst your web server certificate will do the job, you may consider registering a dedicated certificate just for this task.

NOTE: By now there are some good alternatives to MySQL-MMM. Maybe you want to check out Galera Cluster, which is part of MariaDB Galera Cluster and Percona XtraDB Cluster.

- https://mysql-mmm.org/
- https://galeracluster.com/
- https://mariadb.com/kb/en/what-is-mariadb-galera-cluster/
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 2 2018 David Beveridge 2.2.1-20
- Patch for mmm_agentd Remote Command Injection Vulnerabilities
- TALOS-2017-0501, CVE-2017-14474 - CVE-2017-14481
* Thu Feb 8 2018 Fedora Release Engineering - 2.2.1-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Dec 20 2017 Ruben Kerkhof - 2.2.1-18
- Correct permissions for systemd units (#1527992)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1575161
        https://bugzilla.redhat.com/show_bug.cgi?id=1575161
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-e31f52c5ee' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------