Arch Linux Security Advisory ASA-202107-24
==========================================

Severity: High
Date    : 2021-07-14
CVE-ID  : CVE-2021-31810 CVE-2021-32066
Package : ruby2.7
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2139

Summary
=======

The package ruby2.7 before version 2.7.4-1 is vulnerable to multiple issues
including silent downgrade and information disclosure.

Resolution
==========

Upgrade to 2.7.4-1.

# pacman -Syu "ruby2.7>=2.7.4-1"

The problems have been fixed upstream in version 2.7.4.

Workaround
==========

None.

Description
===========

- CVE-2021-31810 (information disclosure)

A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and
2.6.8. A malicious FTP server can use the PASV response to trick Net::FTP into
connecting back to a given IP address and port. This potentially makes Net::FTP
extract information about services that are otherwise private and not
disclosed (e.g., the attacker can conduct port scans and service banner
extractions).

- CVE-2021-32066 (silent downgrade)

A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and
2.6.8. Net::IMAP does not raise an exception when StartTLS fails with an
unknown response, which might allow man-in-the-middle attackers to bypass the
TLS protections by leveraging a network position between the client and the
registry to block the StartTLS command, aka a “StartTLS stripping attack”.

Impact
======

A remote man-in-the-middle attacker could strip StartTLS encryption from IMAP
connections to disclose authentication credentials and emails. Furthermore, a
malicious FTP server could induce connections to an arbitrary IP address and
port on a client, leading to potential information disclosure.

References
==========

https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/
https://hackerone.com/reports/1145454
https://github.com/ruby/net-ftp/commit/5709ece67cf57a94655e34532f8a7899b28d496a
https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/
https://hackerone.com/reports/1178562
https://github.com/ruby/net-imap/commit/adba6f0c3e5c5607c4822b9120322eb7e9a77891
https://security.archlinux.org/CVE-2021-31810
https://security.archlinux.org/CVE-2021-32066
Arch Linux Security Advisory ASA-202107-23
==========================================

Severity: High
Date    : 2021-07-14
CVE-ID  : CVE-2021-31810 CVE-2021-32066
Package : ruby
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2138

Summary
=======

The package ruby before version 3.0.2-1 is vulnerable to multiple issues
including silent downgrade and information disclosure.

Resolution
==========

Upgrade to 3.0.2-1.

# pacman -Syu "ruby>=3.0.2-1"

The problems have been fixed upstream in version 3.0.2.

Workaround
==========

None.

Description
===========

- CVE-2021-31810 (information disclosure)

A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and
2.6.8. A malicious FTP server can use the PASV response to trick Net::FTP into
connecting back to a given IP address and port. This potentially makes Net::FTP
extract information about services that are otherwise private and not
disclosed (e.g., the attacker can conduct port scans and service banner
extractions).

- CVE-2021-32066 (silent downgrade)

A security issue has been discovered in Ruby before versions 3.0.2, 2.7.4 and
2.6.8. Net::IMAP does not raise an exception when StartTLS fails with an
unknown response, which might allow man-in-the-middle attackers to bypass the
TLS protections by leveraging a network position between the client and the
registry to block the StartTLS command, aka a “StartTLS stripping attack”.

Impact
======

A remote man-in-the-middle attacker could strip StartTLS encryption from IMAP
connections to disclose authentication credentials and emails. Furthermore, a
malicious FTP server could induce connections to an arbitrary IP address and
port on a client, leading to potential information disclosure.

References
==========

https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/
https://hackerone.com/reports/1145454
https://github.com/ruby/net-ftp/commit/5709ece67cf57a94655e34532f8a7899b28d496a
https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/
https://hackerone.com/reports/1178562
https://github.com/ruby/net-imap/commit/adba6f0c3e5c5607c4822b9120322eb7e9a77891
https://security.archlinux.org/CVE-2021-31810
https://security.archlinux.org/CVE-2021-32066
Arch Linux Security Advisory ASA-202011-25
==========================================

Severity: High
Date    : 2020-11-26
CVE-ID  : CVE-2020-28896
Package : mutt
Type    : silent downgrade
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1288

Summary
=======

The package mutt before version 2.0.2-1 is vulnerable to silent downgrade.

Resolution
==========

Upgrade to 2.0.2-1.

# pacman -Syu "mutt>=2.0.2-1"

The problem has been fixed upstream in version 2.0.2.

Workaround
==========

None.

Description
===========

A security issue has been found in Mutt before version 2.0.2 and NeoMutt
before version 20201120 that could result in authentication credentials being
sent over an unencrypted connection, without $ssl_force_tls being consulted.
During connection, if the server provided an illegal initial response, the
application "bailed", but did not actually close the connection. The calling
code relied on the connection status to decide whether to continue with
authentication, instead of checking the "bail" return value.

Impact
======

An attacker in a man-in-the-middle position might be able to intercept and
alter messages between the e-mail client and the server.

References
==========

http://lists.mutt.org/pipermail/mutt-users/Week-of-Mon-20201116/002134.html
https://mailman.neomutt.org/pipermail/neomutt-users-neomutt.org/2020-November/000929.html
https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a
https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06
https://security.archlinux.org/CVE-2020-28896
Arch Linux Security Advisory ASA-202011-24
==========================================

Severity: High
Date    : 2020-11-26
CVE-ID  : CVE-2020-28896
Package : neomutt
Type    : silent downgrade
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1289

Summary
=======

The package neomutt before version 20201120-1 is vulnerable to silent
downgrade.

Resolution
==========

Upgrade to 20201120-1.

# pacman -Syu "neomutt>=20201120-1"

The problem has been fixed upstream in version 20201120.

Workaround
==========

None.

Description
===========

A security issue has been found in Mutt before version 2.0.2 and NeoMutt
before version 20201120 that could result in authentication credentials being
sent over an unencrypted connection, without $ssl_force_tls being consulted.
During connection, if the server provided an illegal initial response, the
application "bailed", but did not actually close the connection. The calling
code relied on the connection status to decide whether to continue with
authentication, instead of checking the "bail" return value.

Impact
======

An attacker in a man-in-the-middle position might be able to intercept and
alter messages between the e-mail client and the server.

References
==========

http://lists.mutt.org/pipermail/mutt-users/Week-of-Mon-20201116/002134.html
https://mailman.neomutt.org/pipermail/neomutt-users-neomutt.org/2020-November/000929.html
https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a
https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06
https://security.archlinux.org/CVE-2020-28896
Arch Linux Security Advisory ASA-201907-3
=========================================

Severity: High
Date    : 2019-07-06
CVE-ID  : CVE-2019-12781
Package : python2-django
Type    : silent downgrade
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1001

Summary
=======

The package python2-django before version 1.11.22-1 is vulnerable to silent
downgrade.

Resolution
==========

Upgrade to 1.11.22-1.

# pacman -Syu "python2-django>=1.11.22-1"

The problem has been fixed upstream in version 1.11.22.

Workaround
==========

None.

Description
===========

An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER
and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django
via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect
behavior when a client uses HTTP.

Impact
======

A remote attacker is able to perform a man-in-the-middle attack if an HTTP
request is not redirected to HTTPS.

References
==========

https://docs.djangoproject.com/en/2.2/releases/2.2.3/
https://www.openwall.com/lists/oss-security/2019/07/01/3
https://github.com/django/django/commit/77706a3e4766da5d5fb75c4db22a0a59a28e6cd6
https://security.archlinux.org/CVE-2019-12781
Arch Linux Security Advisory ASA-201907-2
=========================================

Severity: High
Date    : 2019-07-06
CVE-ID  : CVE-2019-12781
Package : python-django
Type    : silent downgrade
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1000

Summary
=======

The package python-django before version 2.2.3-1 is vulnerable to silent
downgrade.

Resolution
==========

Upgrade to 2.2.3-1.

# pacman -Syu "python-django>=2.2.3-1"

The problem has been fixed upstream in version 2.2.3.

Workaround
==========

None.

Description
===========

An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER
and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django
via HTTPS. In other words, django.http.HttpRequest.scheme has incorrect
behavior when a client uses HTTP.

Impact
======

A remote attacker is able to perform a man-in-the-middle attack if an HTTP
request is not redirected to HTTPS.

References
==========

https://docs.djangoproject.com/en/2.2/releases/2.2.3/
https://www.openwall.com/lists/oss-security/2019/07/01/3
https://github.com/django/django/commit/77706a3e4766da5d5fb75c4db22a0a59a28e6cd6
https://security.archlinux.org/CVE-2019-12781
Arch Linux Security Advisory ASA-201709-1
=========================================

Severity: Critical
Date    : 2017-09-06
CVE-ID  : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114
          CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118
          CVE-2017-5119 CVE-2017-5120
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-391

Summary
=======

The package chromium before version 61.0.3163.79-1 is vulnerable to multiple
issues including arbitrary code execution, access restriction bypass,
information disclosure and silent downgrade.

Resolution
==========

Upgrade to 61.0.3163.79-1.

# pacman -Syu "chromium>=61.0.3163.79-1"

The problems have been fixed upstream in version 61.0.3163.79.

Workaround
==========

None.

Description
===========

- CVE-2017-5111 (arbitrary code execution)

A use-after-free vulnerability has been found in the PDFium component of the
Chromium browser < 61.0.3163.79.

- CVE-2017-5112 (arbitrary code execution)

A heap-based buffer overflow vulnerability has been found in the WebGL
component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5113 (arbitrary code execution)

A heap-based buffer overflow vulnerability has been found in the Skia
component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5114 (arbitrary code execution)

A memory lifecycle vulnerability has been found in the PDFium component of the
Chromium browser < 61.0.3163.79.

- CVE-2017-5115 (arbitrary code execution)

A type confusion vulnerability has been found in the V8 component of the
Chromium browser < 61.0.3163.79.

- CVE-2017-5116 (arbitrary code execution)

A type confusion vulnerability has been found in the V8 component of the
Chromium browser < 61.0.3163.79.
- CVE-2017-5117 (information disclosure)

A use of uninitialized value issue has been found in the Skia component of the
Chromium browser < 61.0.3163.79.

- CVE-2017-5118 (access restriction bypass)

A content security policy bypass vulnerability has been found in the Blink
component of the Chromium browser < 61.0.3163.79.

- CVE-2017-5119 (information disclosure)

A use of uninitialized value issue has been found in the Skia component of the
Chromium browser < 61.0.3163.79.

- CVE-2017-5120 (silent downgrade)

A potential issue leading to HTTPS downgrade during redirect navigation has
been found in the Chromium browser < 61.0.3163.79.

Impact
======

A remote attacker can access sensitive information, bypass the content
security policy, force a downgrade from HTTPS to HTTP and execute arbitrary
code on the affected host.

References
==========

https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=737023
https://bugs.chromium.org/p/chromium/issues/detail?id=740603
https://bugs.chromium.org/p/chromium/issues/detail?id=747043
https://bugs.chromium.org/p/chromium/issues/detail?id=752829
https://bugs.chromium.org/p/chromium/issues/detail?id=744584
https://bugs.chromium.org/p/chromium/issues/detail?id=759624
https://bugs.chromium.org/p/chromium/issues/detail?id=739190
https://bugs.chromium.org/p/chromium/issues/detail?id=747847
https://bugs.chromium.org/p/chromium/issues/detail?id=725127
https://bugs.chromium.org/p/chromium/issues/detail?id=718676
https://security.archlinux.org/CVE-2017-5111
https://security.archlinux.org/CVE-2017-5112
https://security.archlinux.org/CVE-2017-5113
https://security.archlinux.org/CVE-2017-5114
https://security.archlinux.org/CVE-2017-5115
https://security.archlinux.org/CVE-2017-5116
https://security.archlinux.org/CVE-2017-5117
https://security.archlinux.org/CVE-2017-5118
https://security.archlinux.org/CVE-2017-5119
https://security.archlinux.org/CVE-2017-5120
Arch Linux Security Advisory ASA-201507-23
==========================================

Severity: High
Date    : 2015-07-29
CVE-ID  : None
Package : pacman
Type    : silent downgrade
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package pacman before version 4.2.1-2 is vulnerable to silent downgrade
via a man-in-the-middle attack.

Resolution
==========

Upgrade to 4.2.1-2.

# pacman -Syu "pacman>=4.2.1-2"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

A flaw has been discovered in pacman that can lead to a silent package
downgrade when exploited. While loading each package, it was not ensured that
the package's internal version matches the version expected from the database,
making it possible to circumvent the version check. This issue can be used by
an attacker to trick the software into installing an older version. This
behavior can be exploited by a man-in-the-middle attack through a specially
crafted database tarball that advertises a higher version yet actually
delivers an older, vulnerable version that was previously shipped.

Impact
======

A remote attacker able to perform a man-in-the-middle attack is able to make
use of a specially crafted database tarball to silently install an older and
vulnerable version of a previously shipped package.

References
==========

https://lists.archlinux.org/pipermail/pacman-dev/2015-July/020238.html
https://bugs.archlinux.org/task/45687