Linux Advisory Watch: December 3, 2021 | LinuxSecurity.com

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 138

Linux Advisory Watch: December 3, 2021

Brittany
Brittany Day
Application 1: Debian, Debian LTS, Fedora, openSUSE, Red Hat, Scientific Linux, SuSE
Application 2: Debian, Debian LTS, Mageia, openSUSE, Ubuntu
Application 3: Debian, Fedora, Mageia, openSUSE, Red Hat
1 - 2 min read 318 12/03/2021

Happy Friday fellow Linux geeks! This week, important updates have been issued for OpenJDK, postgresql and redis. Read on to learn about these vulnerabilities and how to secure your system against them. 

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany Day Signature

OpenJDK

The Discovery 

Several vulnerabilities have been discovered in the OpenJDK Java runtime (CVE-2021-35567, CVE-2021-35578, CVE-2021-35586 and CVE-2021-35603).

ghostscriptThe Impact 

These flaws could result in denial of service (DoS), incorrect Kerberos ticket use, selection of weak ciphers or information disclosure.

The Fix

An update has been released that fixes these issues. We recommend that you upgrade your openjdk-17 packages immediately to protect sensitive information and the integrity and availability of your systems.

Your Related Advisories:

Register to Customize Your Advisories

postgresql

The Discovery 

It was discovered that the postgresql server processes unencrypted bytes from a man-in-the-middle attacker (CVE-2021-23214 and CVE-2021-23222).
firefox

The Impact

These bugs could result in man-in-the-middle attacks and the compromise of sensitive data.

The Fix

Updated postgresql packages that fix these two flaws have been released. Update now to protect confidential information and prevent attacks.

Your Related Advisories:

Register to Customize Your Advisories

redis

The Discovery

Eight important security vulnerabilities have been found in redis (CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762 and CVE-2021-41099).

The Impactlibsndfile

These flaws could result in heap buffer overflow and Denial of Service (DoS) attacks.

The Fix

Redis has released an update that fixes these issues. We recommend updating as soon as possible to protect the security and availability of your systems.

Your Related Advisories:

Register to Customize Your Advisories

News

Advisories

HOWTOs

Features

Pulling Back the Curtain: About LinuxSecurity.com
Network Intrusion Detection Using Snort
Keeping Your System Secure is Easier than Ever with LinuxSecurity Customized Advisories!
How To Secure the Linux Kernel
Protect Your Privacy & Improve Your Pentesting in 2022 with Predator-OS

About Us

Powered By

Guardian Digital offers threat-ready business email security gateway services accompanied by unparalleled customer support.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy