Happy Friday fellow Linux geeks! This week, important updates have been issued for OpenJDK, Thunderbird and libwmf. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
OpenJDKThe DiscoverySeveral vulnerabilities have been discovered in the OpenJDK Java runtime (CVE-2022-21496, CVE-2022-21476, CVE-2022-21449, CVE-2022-21443, CVE-2022-21434 and CVE-2022-21426). The ImpactThese issues may result in information disclosure or denial of service (DoS). The FixAn OpenJDK security update fixes these flaws. We recommend that you upgrade your openjdk-11 packages as soon as possible to protect sensitive information and prevent attacks. Your Related Advisories:Register to Customize Your Advisories |
ThunderbirdThe DiscoveryMultiple security issues have been found in Mozilla Thunderbird, including incorrect security status shown after viewing an attached email (CVE-2022-1520), leaking browser history with CSS variables (CVE-2022-29916), iframe sandbox bypass (CVE-2022-29911), and memory safety bugs in Thunderbird 91.9 (CVE-2022-29917). The ImpactThese vulnerabilities could result in the probing of browser history, sandbox bypass, memory corruption and the execution of arbitrary code. The FixUpdated Thunderbird packages mitigate these flaws. Update now to protect the security and integrity of your systems. Your Related Advisories:Register to Customize Your Advisories |
libwmfThe DiscoveryTwo important security bugs have been discovered in libwmf (CVE-2016-9011 and CVE-2019-6978). The ImpactThese issues could allow remote attackers to cause a denial of service (application crash) via a crafted wmf file, which triggers a memory allocation failure. The FixAn update for libwmf that mitigates these flaws is now available. Update immediately to protect against attacks and compromise. Your Related Advisories:Register to Customize Your Advisories |