Synopsis: Important: thunderbird security update
Advisory ID: SLSA-2023:1806-1
Issue Date: 2023-04-17
CVE Numbers: CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-1945 CVE-2023-29548 CVE-2023-29550 CVE-2023-28427 CVE-2023-0547 CVE-2023-29479
--
This update upgrades Thunderbird to version 102.10.0.

Security Fix(es):

* Thunderbird: Revocation status of S/Mime recipient certificates was not checked (CVE-2023-0547)
* Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (CVE-2023-28427)
* Mozilla: Fullscreen notification obscured (CVE-2023-29533)
* Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535)
* Mozilla: Invalid free from JavaScript code (CVE-2023-29536)
* Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550)
* Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945)
* Thunderbird: Hang when processing certain OpenPGP messages (CVE-2023-29479)
* Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539)
* Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541)
* Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548)
* MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE
--
SL7
x86_64
thunderbird-102.10.0-2.el7_9.x86_64.rpm
thunderbird-debuginfo-102.10.0-2.el7_9.x86_64.rpm
-
Scientific Linux Development Team

This important Thunderbird update fixes several vulnerabilities, including a denial-of-service in the bundled Matrix SDK and several memory-safety bugs, for SL7 platforms.
Thunderbird Security Update, SL7 Update, Mozilla Vulnerabilities, Denial-of-Service Threat
Severity: Critical
LinuxSecurity.com Team
SUSE Security Update: Security update for mokutil
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2638-1
Rating: moderate
References: #1198458
Affected Products:
  SUSE Enterprise Storage 7
  SUSE Linux Enterprise Desktop 15-SP3
  SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
  SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
  SUSE Linux Enterprise High Performance Computing 15-SP3
  SUSE Linux Enterprise Micro 5.1
  SUSE Linux Enterprise Micro 5.2
  SUSE Linux Enterprise Module for Basesystem 15-SP3
  SUSE Linux Enterprise Server 15-SP2-BCL
  SUSE Linux Enterprise Server 15-SP2-LTSS
  SUSE Linux Enterprise Server 15-SP3
  SUSE Linux Enterprise Server for SAP 15-SP2
  SUSE Linux Enterprise Server for SAP Applications 15-SP3
  SUSE Linux Enterprise Storage 7.1
  SUSE Manager Proxy 4.1
  SUSE Manager Proxy 4.2
  SUSE Manager Retail Branch Server 4.1
  SUSE Manager Retail Branch Server 4.2
  SUSE Manager Server 4.1
  SUSE Manager Server 4.2
  openSUSE Leap 15.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for mokutil fixes the following issues:

- Adds SBAT revocation support to mokutil. (bsc#1198458)
  New options added (see manpage):
  - mokutil --sbat
    List all entries in SBAT.
  - mokutil --set-sbat-policy (latest | previous | delete)
    To set the SBAT acceptance policy.
  - mokutil --list-sbat-revocations
    To list the current SBAT revocations.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:
  zypper in -t patch openSUSE-SLE-15.3-2022-2638=1
- SUSE Manager Server 4.1:
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2638=1
- SUSE Manager Retail Branch Server 4.1:
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2638=1
- SUSE Manager Proxy 4.1:
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2638=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2638=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2638=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2638=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2638=1
- SUSE Linux Enterprise Micro 5.2:
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2638=1
- SUSE Linux Enterprise Micro 5.1:
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2638=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2638=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2638=1
- SUSE Enterprise Storage 7:
  zypper in -t patch SUSE-Storage-7-2022-2638=1

Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Manager Server 4.1 (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Manager Proxy 4.1 (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1
- SUSE Enterprise Storage 7 (x86_64):
  mokutil-0.4.0-150200.4.6.1
  mokutil-debuginfo-0.4.0-150200.4.6.1
  mokutil-debugsource-0.4.0-150200.4.6.1

References:

https://bugzilla.suse.com/1198458

New mokutil patch for SUSE platforms, rated moderate, adds SBAT revocation support: listing the SBAT entries, setting the SBAT acceptance policy, and listing the current SBAT revocations.
SUSE Updates, Mokutil Updates, SUSE Linux Security, Patch Management
LinuxSecurity.com Team
SUSE Security Update: Security update for mokutil
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2637-1
Rating: moderate
References: #1198458
Affected Products:
  SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for mokutil fixes the following issues:

- Adds SBAT revocation support to mokutil. (bsc#1198458)
  New options added (see manpage):
  - mokutil --sbat
    List all entries in SBAT.
  - mokutil --set-sbat-policy (latest | previous | delete)
    To set the SBAT acceptance policy.
  - mokutil --list-sbat-revocations
    To list the current SBAT revocations.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 12-SP5:
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2637=1

Package List:

- SUSE Linux Enterprise Server 12-SP5 (x86_64):
  mokutil-0.2.0-23.6.1
  mokutil-debuginfo-0.2.0-23.6.1
  mokutil-debugsource-0.2.0-23.6.1

References:

https://bugzilla.suse.com/1198458

SUSE Security Advisory: moderate-rated update for mokutil on SUSE Linux Enterprise Server 12-SP5 introducing SBAT revocation features, with patching instructions.
SUSE Linux Update, mokutil Security Fix, SBAT Support, Moderate Update
LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-cab258a413
2021-04-23 21:03:15.426820
--------------------------------------------------------------------------------
Name : shim
Product : Fedora 34
Version : 15.4
Release : 4
URL : https://github.com/rhboot/shim/
Summary : First-stage UEFI bootloader
Description :
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. This package contains the version signed by the UEFI signing service.
--------------------------------------------------------------------------------
Update Information:

- Update to shim 15.4
  - Support for revocations via the ".sbat" section and SBAT EFI variable
  - A new unit test framework and a bunch of unit tests
  - No external gnu-efi dependency
  - Better CI
  Resolves: CVE-2020-14372
  Resolves: CVE-2020-25632
  Resolves: CVE-2020-25647
  Resolves: CVE-2020-27749
  Resolves: CVE-2020-27779
  Resolves: CVE-2021-20225
  Resolves: CVE-2021-20233
- Mark signed shim packages as protected in dnf.
  Resolves: rhbz#1874541
- Conflict with older fwupd, but don't require it.
  Resolves: rhbz#1877751
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 21 2021 Javier Martinez Canillas - 15.4-4
- Fix handling of ignore_db and user_insecure_mode (pjones)
- Fix booting on pre-UEFI Macs (pjones)
- Fix mok variable storage allocation region (glin)
  Resolves: rhbz#1948432
- Fix the package version in the .sbat data (pjones)

* Tue Apr 6 2021 Peter Jones - 15.4-3
- Mark signed shim packages as protected in dnf.
  Resolves: rhbz#1874541
- Conflict with older fwupd, but don't require it.
  Resolves: rhbz#1877751

* Tue Apr 6 2021 Peter Jones - 15.4-2
- Update to shim 15.4
  - Support for revocations via the ".sbat" section and SBAT EFI variable
  - A new unit test framework and a bunch of unit tests
  - No external gnu-efi dependency
  - Better CI
  Resolves: CVE-2020-14372
  Resolves: CVE-2020-25632
  Resolves: CVE-2020-25647
  Resolves: CVE-2020-27749
  Resolves: CVE-2020-27779
  Resolves: CVE-2021-20225
  Resolves: CVE-2021-20233
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1592148 - pxeboot shim crash using newer edk2 firmware
      https://bugzilla.redhat.com/show_bug.cgi?id=1592148
[ 2 ] Bug #1651016 - kexec/kdump kernel fails to load with EFI secure boot enabled
      https://bugzilla.redhat.com/show_bug.cgi?id=1651016
[ 3 ] Bug #1874541 - Please mark shim packages as protected packages with DNF
      https://bugzilla.redhat.com/show_bug.cgi?id=1874541
[ 4 ] Bug #1877751 - fwupd replacing dbxtool.x86_64 8-13.fc33
      https://bugzilla.redhat.com/show_bug.cgi?id=1877751
[ 5 ] Bug #1938630 - include new bootloaders on Fedora 34 install media so UEFI Secure Boot enabled systems can boot from them
      https://bugzilla.redhat.com/show_bug.cgi?id=1938630
[ 6 ] Bug #1948432 - efi: Failed to lookup EFI memory descriptor for 0x000000003a572000
      https://bugzilla.redhat.com/show_bug.cgi?id=1948432
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
  su -c 'dnf upgrade --advisory FEDORA-2021-cab258a413'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
--
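Both the mokutil advisories above (SUSE-SU-2022:2637-1 and SUSE-SU-2022:2638-1, which add `--sbat`, `--set-sbat-policy` and `--list-sbat-revocations`) and the shim 15.4 advisory (revocations via the ".sbat" section and the SBAT EFI variable) rest on the same mechanism: each signed boot component carries a CSV `.sbat` section of `component,generation,...` rows, and shim refuses to chain to any binary whose generation for a listed component is below the minimum recorded in the SbatLevel variable. The script below is an added example, not code from any of these advisories or from the shim or mokutil projects; it emulates that comparison over constructed sample data so the effect of a revocation can be seen without touching firmware variables. The sample `.sbat` rows, the sample policy and its generation numbers are invented for illustration; the `SbatLevel` variable name and shim's vendor GUID are real, but the `live_sbat_policy` and `sbat_from_binary` helpers assume a Linux host with efivarfs mounted and binutils installed.

```shell
#!/bin/sh
# Added example: emulate the SBAT generation check shim 15.4 performs before
# chaining to a bootloader. Same CSV layout that `mokutil --sbat` and
# `mokutil --list-sbat-revocations` print. Samples below are constructed.

# Constructed sample: .sbat section of a hypothetical signed binary.
# Field order: component,generation,vendor,package,version,url.
SAMPLE_SBAT_OLD='sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,1,UEFI shim,shim,1,https://github.com/rhboot/shim
grub,1,Free Software Foundation,grub,2.06,https://www.gnu.org/software/grub/'

# Constructed sample: a rebuilt binary whose generations were bumped after a fix.
SAMPLE_SBAT_OK='sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,2,UEFI shim,shim,2,https://github.com/rhboot/shim
grub,3,Free Software Foundation,grub,2.06,https://www.gnu.org/software/grub/'

# Constructed sample policy in the SbatLevel layout: first row is
# sbat,<generation>,<datestamp>; each further row is component,<minimum gen>.
# Generation values here are illustrative, not a real published revocation.
SAMPLE_REVOCATIONS='sbat,1,2022052400
shim,2
grub,2'

# Print the minimum generation the policy requires for component $1,
# or nothing if the policy does not name that component.
sbat_min_gen() {
    comp="$1"; policy="$2"
    printf '%s\n' "$policy" | while IFS=, read -r name gen _rest; do
        if [ "$name" = "$comp" ]; then
            printf '%s\n' "$gen"
            break
        fi
    done
}

# Decide whether a binary carrying .sbat data $1 is accepted under policy $2.
# Returns 0 (ALLOW) or 1 (DENY), following shim's rule: a component whose
# generation is below the policy minimum is refused, and so is a binary that
# has no .sbat section at all once a policy is in force.
sbat_check() {
    sbat="$1"; policy="$2"
    if [ -z "$sbat" ]; then
        echo "DENY: binary has no .sbat section"
        return 1
    fi
    printf '%s\n' "$sbat" | while IFS=, read -r comp gen _rest; do
        [ -z "$comp" ] && continue
        min=$(sbat_min_gen "$comp" "$policy")
        if [ -n "$min" ] && [ "$gen" -lt "$min" ]; then
            echo "DENY: $comp generation $gen is below revoked minimum $min"
            exit 1   # ends the pipeline subshell with status 1
        fi
    done || return 1
    echo "ALLOW: every component meets the policy minimum"
    return 0
}

# Read the live policy from the SbatLevel EFI variable (shim's vendor GUID).
# efivarfs prefixes the payload with a 4-byte attribute word, so skip it.
# This is what `mokutil --list-sbat-revocations` reports on a patched system.
live_sbat_policy() {
    var=/sys/firmware/efi/efivars/SbatLevel-605dab50-e046-4300-abb6-3dd810dd8b23
    [ -r "$var" ] && tail -c +5 "$var"
}

# Dump the .sbat section of a PE binary (e.g. shimx64.efi, grubx64.efi).
sbat_from_binary() {
    tmp=$(mktemp) || return 1
    objcopy -O binary --only-section=.sbat "$1" "$tmp" && cat "$tmp"
    rm -f "$tmp"
}

# Stand-alone demonstration on the constructed samples.
sbat_check "$SAMPLE_SBAT_OLD" "$SAMPLE_REVOCATIONS" || true  # exit status 1 (DENY: shim 1 < 2)
sbat_check "$SAMPLE_SBAT_OK"  "$SAMPLE_REVOCATIONS"          # exit status 0 (ALLOW)
```

On a real host, `sbat_check "$(sbat_from_binary /boot/efi/EFI/fedora/grubx64.efi)" "$(live_sbat_policy)"` answers the question an administrator actually has after applying one of these updates: whether the installed second-stage loader would still be accepted under the revocation level the firmware now holds. Note that `--set-sbat-policy delete` in the SUSE advisory clears that level, so the check above would then allow every binary that merely has a `.sbat` section.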