Linux Advisory Watch: April 1, 2022
Brittany Day
- Application 1: Debian, Debian LTS, Mageia, openSUSE, Slackware, Ubuntu, SuSE
- Application 2: Debian, Debian LTS, Gentoo, Mageia, openSUSE, Red Hat, Scientific Linux, Slackware, SuSE, Ubuntu
- Application 3: Debian LTS, Mageia, Red Hat, Slackware, SuSE, Ubuntu
Happy Friday fellow Linux geeks! This week, important updates have been issued for Bind, Thunderbird and the Apache HTTP server. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
BindThe DiscoveryA DNS cache poisoning vulnerability due to loose caching rules (CVE-2021-25220) has been discovered in the Bind DNS server. |
ThunderbirdThe DiscoveryMultiple security issues have been found in Thunderbird (CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764, CVE-2022-26381, CVE-2022-26383 and CVE-2022-26384). The ImpactIf a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these vulnerabilities to cause a denial of service (DoS), bypass security restrictions, obtain sensitive information, cause undefined behavior, spoof the browser UI, or execute arbitrary code. The FixA security update for Thunderbird mitigates these flaws. We recommend updating promptly to secure sensitive information and protect the security, integrity and availability of your systems. Your Related Advisories:Register to Customize Your Advisories |
Apache HTTP ServerThe DiscoverySeveral important vulnerabilities have been discovered in the Apache HTTP server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721 and CVE-2022-23943). The Impact
|
