Linux Advisory Watch: April 1, 2022

Advisories

Linux Advisory Watch: April 1, 2022

Happy Friday fellow Linux geeks! This week, important updates have been issued for Bind, Thunderbird and the Apache HTTP server. Read on to learn about these vulnerabilities and how to secure your system against them. 

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany Signature 150

Bind

The Discovery 

A DNS cache poisoning vulnerability due to loose caching rules (CVE-2021-25220) has been discovered in the Bind DNS server.

Bind

The Impact

This vulnerability could result in DNS spoofing, which could potentially divert traffic to an attacker’s computer.

The Fix

An important Bind update fixes this issue. Update now to protect your systems and prevent attacks.

Your Related Advisories:

Register to Customize Your Advisories

Thunderbird

The Discovery 

Multiple security issues have been found in Thunderbird (CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764, CVE-2022-26381, CVE-2022-26383 and CVE-2022-26384).
Thunderbird

The Impact

If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these vulnerabilities to cause a denial of service (DoS), bypass security restrictions, obtain sensitive information, cause undefined behavior, spoof the browser UI, or execute arbitrary code.

The Fix

A security update for Thunderbird mitigates these flaws. We recommend updating promptly to secure sensitive information and protect the security, integrity and availability of your systems.

Your Related Advisories:

Register to Customize Your Advisories

Apache HTTP Server

The Discovery

Several important vulnerabilities have been discovered in the Apache HTTP server (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721 and CVE-2022-23943).

The ImpactApache2

Exploitation of these bugs could result in denial of service (DoS), request smuggling or buffer overflows.

The Fix

An apache2 security update fixes these issues. We recommend updating as soon as possible to secure your systems against attacks and compromise.

Your Related Advisories:

Register to Customize Your Advisories

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.