Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
202

openSUSE: 2024:0106-1 Moderate sngrep Buffer Overflow Fix

An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for sngrep ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0106-1 Rating: moderate References: Cross-References: CVE-2024-3119 CVE-2024-3120 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for sngrep fixes the following issues: - Update to version 1.8.1 * Fix CVE-2024-3119: sngrep: buffer overflow due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. * Fix CVE-2024-3120: sngrep: stack-buffer overflow due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers. - Update to versino 1.8.0 * fix typo in message, thanks to lintian. * fix compiler warnings about unused variables. * Fixed a typo in comment line in filter.c * Redefine usage of POSIX signals. * Support for building sngrep using CMake added. - Update to version 1.7.0 * save: add option --text to save captured data to plain text * capture: fix memory overflows while parsing IP headers * hep: fix hep listener enabled in offline mode * core: stop sngrep when parent process has ended * ssl: fix decrypt with AES256 GCM SHA384 cipher Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-106=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): sngrep-1.8.1-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-3119.html https://www.suse.com/security/cve/CVE-2024-3120.html . An update for sngrep resolves two significant security vulnerabilities and enhances performance for users on openSUSE platforms.. sngrep Update, moderate security, openSUSE Backports, buffer overflow fix, security patch. . LinuxSecurity.com Team

Calendar%202 Apr 10, 2024 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200