Happy Friday fellow Linux geeks! This week, important updates have been issued for python-numpy, Ark and OpenLDAP. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
python-numpy
The Discovery: Three important security vulnerabilities have been discovered in python-numpy, including buffer overflows in the PyArray_NewFromDescr_int function of ctors.c and the array_from_pyobj function of fortranobject.c (CVE-2021-33430 and CVE-2021-41496).
The Impact: These bugs could result in denial of service (DoS) attacks.
The Fix: An update for python-numpy fixes these issues. We recommend that you update now to protect the security and availability of your systems.
Ark
The Discovery: It was found that the Ark archive manager did not sanitize extraction paths (CVE-2020-16116 and CVE-2020-24654).
The Impact: This could result in maliciously crafted archives with symlinks writing outside the extraction directory.
The Fix: An Ark security update mitigates these flaws. We recommend that you upgrade your Ark packages as soon as possible to protect against potential directory traversal attacks leading to compromise.
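The kind of extraction-path check whose absence the Ark item describes, as an added example; it is not Ark's code or its patch. It uses Python's tarfile as a stand-in archive reader, and the names audit_archive and build_sample, the sample entries and the /srv/extract destination are constructed for illustration.

```python
import io
import os
import tarfile

def is_within(base, path):
    """True if path, once resolved, stays inside base."""
    base = os.path.realpath(base)
    return os.path.commonpath([base, os.path.realpath(path)]) == base

def audit_archive(tar, dest):
    """Return (member name, reason) for every entry that must not be extracted."""
    findings, links = [], set()
    for m in tar.getmembers():
        out_path = os.path.join(dest, m.name)
        if not is_within(dest, out_path):
            findings.append((m.name, "path escapes destination"))
            continue
        # Conservative policy: never write through (or over) a link the archive created.
        parts = os.path.normpath(m.name).split(os.sep)
        if any(os.sep.join(parts[:i]) in links for i in range(1, len(parts) + 1)):
            findings.append((m.name, "written through archive-supplied link"))
            continue
        if m.issym() or m.islnk():
            # Symlink targets are relative to the link's directory, hard links to the root.
            base = os.path.dirname(out_path) if m.issym() else dest
            if os.path.isabs(m.linkname) or not is_within(dest, os.path.join(base, m.linkname)):
                findings.append((m.name, "link target escapes destination"))
                continue
            links.add(os.path.normpath(m.name))
    return findings

def build_sample():
    """Constructed in-memory tar with benign and hostile entries (sample data)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add(name, linkname=None):
            info = tarfile.TarInfo(name)
            if linkname is None:
                info.size = 1
                tar.addfile(info, io.BytesIO(b"x"))
            else:
                info.type, info.linkname = tarfile.SYMTYPE, linkname
                tar.addfile(info)
        add("docs/readme.txt")
        add("../outside.txt")
        add("evil", linkname="/tmp")
        add("loop", linkname="docs")
        add("loop/file.txt")
    return tarfile.open(fileobj=io.BytesIO(buf.getvalue()))

if __name__ == "__main__":
    for name, reason in audit_archive(build_sample(), "/srv/extract"):
        print(f"REJECT {name}: {reason}")
```

The audit runs before anything is written, so an archive with any finding can be refused whole instead of partially extracted.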
OpenLDAP
The Discovery: SQL injection in back-sql has been discovered in openldap2 (CVE-2022-29155).
The Impact: This flaw could result in SQL injection attacks.
The Fix: An important update for openldap2 fixes this bug. Update promptly to protect the security and integrity of your systems.