Happy Friday fellow Linux geeks! This week, important updates have been issued for OpenSSL, LibreOffice and Firefox. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
OpenSSLThe DiscoveryIt was discovered that the BN_mod_sqrt() function of OpenSSL could be tricked into an infinite loop (CVE-2019-1551 and CVE-2022-0778). |
LibreOfficeThe DiscoveryAn incorrect validation of digitally signed documents was discovered in the LibreOffice free and open-source office suite (CVE-2021-25636). The ImpactThis flaw could allow an attacker to create a digitally signed ODF document which, when opened, would cause LibreOffice to verify using the "KeyValue", but to report verification with the unrelated "X509Data" value. The FixAn update for LibreOffice that mitigates this vulnerability is now available. Update as soon as possible to prevent attacks and protect your sensitive information. Your Related Advisories:Register to Customize Your Advisories |
FirefoxThe DiscoveryMultiple security issues have been discovered in the open-source Firefox web browser (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385 and CVE-2022-26387). It was found that Firefox could be made to crash or run programs as your login if it opened a malicious website. The Impact
|
