Happy Friday fellow Linux geeks! This week, important updates have been issued for OpenJDK, log4j12 and OpenSSH. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
OpenJDKThe DiscoverySeveral important vulnerabilities have been discovered in the OpenJDK Java runtime (CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586 and CVE-2021-35603).
|
log4j12The DiscoveryIt was discovered that the JMSAppender class from log4j must be disabled to protect against the log4jshell vulnerability (CVE-2021-4104). The ImpactThis vulnerability allows attackers to execute malicious software by causing Log4j to write a specially-crafted log entry, enabling malicious actors to steal data, deploy ransomware, install back doors, create botnets, mine cryptocurrencies and conduct other illegal activities. The FixAn important update for log4j12 mitigates this issue. Update now! Your Related Advisories:Register to Customize Your Advisories |
OpenSSHThe DiscoveryA double free has been found in the OpenSSH ssh-agent (CVE-2021-28041). The Impact
|
