Happy Friday fellow Linux geeks! This week, important updates have been issued for Thunderbird, the axis SOAP implementation in Java and the NTFS-3G read-write NTFS driver for FUSE. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
ThunderbirdThe DiscoveryMultiple security issues were discovered in the popular Thunderbird open-source mail and newsgroup client (CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507 and CVE-2021-38509).
|
axisThe DiscoveryAn issue has been found in the default servlet/services in axis, a SOAP implementation in Java (CVE-2018-8032). The ImpactThis vulnerability can result in cross-site scripting (XSS) attacks. The FixA security update for axis fixes this flaw. We recommend that you upgrade your axis packages immediately to prevent XSS attacks. Your Related Advisories:Register to Customize Your Advisories |
NTFS-3GThe DiscoverySeveral vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE (CVE-2021-33285, CVE-2021-33286, CVE-2021-33287 and CVE-2021-33289). The ImpactA local user can take advantage of these flaws for local root privilege escalation. The FixA NTFS-3G security update fixes these issues. We recommend that you upgrade your ntfs-3g packages as soon as possible to prevent privilege escalation attacks. Your Related Advisories:Register to Customize Your Advisories |