Download
| Alert*
oval:org.secpod.oval:def:55060
curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:51011 Linux Mint 19.x is installed oval:org.secpod.oval:def:51172 openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation USN-3804-1 introduced a regression in OpenJDK. oval:org.secpod.oval:def:51122 openjdk-lts: Open Source Java implementation Details: USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Linux Mint 19.x LTS. Unfortunately, that update introduced a regression around accessability support that prevented some Java applications from starting. This update fixes the problem. We apologi ... oval:org.secpod.oval:def:54513 ntfs-3g: read/write NTFS driver for FUSE Details: USN-3914-1 fixed vulnerabilities in NTFS-3G. As an additional hardening measure, this update removes the setuid bit from the ntfs-3g binary. Original advisory A hardening measure was added to NTFS-3G. oval:org.secpod.oval:def:59614 apport: automatically generate crash reports for debugging Details: USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4171-1 introduced a regression in Appo ... oval:org.secpod.oval:def:55315 samba: SMB/CIFS file, print, and login server for Unix Details: USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3976-1 introduced a regression i ... oval:org.secpod.oval:def:55513 firefox: Mozilla Open Source web browser Details: USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3991-1 caused a regr ... oval:org.secpod.oval:def:55514 firefox: Mozilla Open Source web browser Details: USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. W ... oval:org.secpod.oval:def:58862 apache2: Apache HTTP server Details: USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory ... oval:org.secpod.oval:def:58859 dovecot: IMAP and POP3 email server Details: USN-4110-1 fixed a vulnerability in Dovecot. The update introduced a regression causing a wrong check. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4110-1 introduced a regression in Dovecot. oval:org.secpod.oval:def:58883 ibus: Intelligent Input Bus - core Details: USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory USN 4134-1 introduced a regression in IBus. oval:org.secpod.oval:def:59616 firefox: Mozilla Open Source web browser Details: USN-4165-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory USN-4165-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:51178 ghostscript: PostScript and PDF interpreter Details: USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem. Original advisory USN-3831-1 introduced a regression in Ghostscript. oval:org.secpod.oval:def:51225 ghostscript: PostScript and PDF interpreter Details: USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory USN-3866-2 introduced a regressi ... oval:org.secpod.oval:def:51183 poppler: PDF rendering library Details: USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3837-1 introduced a regression in poppler. oval:org.secpod.oval:def:51140 webkit2gtk: Web content engine library for GTK+ Details: USN-3781-1 fixed vulnerabilities in WebKitGTK+. The updated package was missing some header files, preventing certain applications from building. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3781-1 i ... oval:org.secpod.oval:def:51126 clamav: Anti-virus utility for Unix Details: USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3722-1 introduced a regressio ... oval:org.secpod.oval:def:51097 clamav: Anti-virus utility for Unix Details: USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. We a ... oval:org.secpod.oval:def:51139 apparmor: Linux security system Use a more restrictive blacklist in several policy abstractions. oval:org.secpod.oval:def:51169 firefox: Mozilla Open Source web browser Details: USN-3801-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory USN-3801-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:51123 firefox: Mozilla Open Source web browser Details: USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines. This update fixes the problems. We apologize for the inconvenience. Original advisory USN-3761-1 caused several ... oval:org.secpod.oval:def:51124 firefox: Mozilla Open Source web browser Details: USN-3761-1 fixed vulnerabilities in Firefox. The update caused several regressions affecting spellchecker dictionaries and search engines, which were partially fixed by USN-3761-2. This update contains the remaining fix. We apologize for the inconven ... oval:org.secpod.oval:def:51042 firefox: Mozilla Open Source web browser Details: USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumsances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3645-1 caused a regression i ... oval:org.secpod.oval:def:51224 ghostscript: PostScript and PDF interpreter Details: USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Original advisory USN-3866-1 introduced a regression in Ghostscript. oval:org.secpod.oval:def:54512 firefox: Mozilla Open Source web browser Details: USN-3918-1 fixed vulnerabilities in Firefox. The update caused web compatibility and performance issues with some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3918-1 caused a regression in Firefox ... oval:org.secpod.oval:def:51071 firefox: Mozilla Open Source web browser Details: USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory USN-3705-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:54104 firefox: Mozilla Open Source web browser Details: USN-3918-1 fixed vulnerabilities in Firefox. The update caused web compatibility issues with some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3918-1 caused a regression in Firefox. oval:org.secpod.oval:def:53012 nvidia-graphics-drivers-390: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to expose sensitive information. oval:org.secpod.oval:def:58865 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:51211 linux: Linux kernel Details: USN-3871-1 fixed vulnerabilities in the Linux kernel for Linux Mint 19.x LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the meta_bg option enabled. This update fixes the problems. We apologize for ... oval:org.secpod.oval:def:51075 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors Deta ... oval:org.secpod.oval:def:73432 gnome-autoar: Archive integration support for GNOME Details: USN-4937-1 fixed a vulnerability in GNOME Autoar. The update caused a regression when extracting certain archives. This update fixes the problem. Original advisory USN-4937-1 introduced a regression in GNOME Autoar. oval:org.secpod.oval:def:73446 rpcbind: converts RPC program numbers into universal addresses Details: USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4986-1 c ... oval:org.secpod.oval:def:55321 libseccomp: library for working with the Linux seccomp filter libseccomp could allow unintended access to system calls. oval:org.secpod.oval:def:51173 libssh: A tiny C SSH library Details: USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem. Original advisory USN-3795-1 and USN-3795-2 introduced a regression in libssh. oval:org.secpod.oval:def:58869 systemd: system and service manager Details: USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4120-1 cause ... oval:org.secpod.oval:def:59610 whoopsie: Ubuntu error tracker submission Details: USN-4170-1 fixed a vulnerability in Whoopsie. The update caused Whoopsie to crash when sending reports. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4170-1 caused a regression in Whoopsie. oval:org.secpod.oval:def:59615 whoopsie: Ubuntu error tracker submission Details: USN-4170-1 fixed a vulnerability in Whoopsie and USN-4170-2 fixed a subsequent regression. That update was incomplete and could still result in Whoopsie potentially crashing when uploading crash reports on some architectures. This update fixes the p ... oval:org.secpod.oval:def:54409 rssh: Restricted shell allowing scp, sftp, cvs, svn, rsync or rdist rssh could be made to run arbitrary commands if it received specially crafted input. oval:org.secpod.oval:def:55014 tcpflow: TCP flow recorder tcpflow could be made to crash or expose sensitive information over the network if it opened a specially crafted file or received specially crafted network traffic. oval:org.secpod.oval:def:54105 libapache2-mod-auth-mellon: SAML 2.0 authentication module for Apache Several security issues were fixed in mod_auth_mellon. oval:org.secpod.oval:def:54588 memcached: high-performance memory object caching system Memcached could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:54107 gpac: GPAC Project on Advanced Content GPAC could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:55314 gnome-desktop3: Introspection data for GnomeDesktop gnome-desktop could be made to escape the thumbnailer sandbox. oval:org.secpod.oval:def:51220 gvfs: userspace virtual filesystem - GIO module GVfs could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:55056 libmediainfo: library reading metadata from media files MediaInfo could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:55316 keepalived: Failover and monitoring daemon for LVS clusters Keepalived could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:54586 freeradius: high-performance and highly configurable RADIUS server FreeRADIUS could be made to bypass authentication if it received a specially crafted input. oval:org.secpod.oval:def:75923 firefox: Mozilla Open Source web browser Details: USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5037-1 caused a regressi ... oval:org.secpod.oval:def:75927 openssl1.0: Secure Socket Layer cryptographic library and tools Details: USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Linux Mint 19.x LTS. Original advisory OpenSSL could be made to crash or expose sensitive information if ... oval:org.secpod.oval:def:75934 ntfs-3g: read/write NTFS driver for FUSE NTFS-3G could be made to execute arbitrary code if it received a specially crafted image file. oval:org.secpod.oval:def:75955 curl: HTTP, HTTPS, and FTP client and client libraries Details: USN-5079-1 fixed vulnerabilities in curl. One of the fixes introduced a regression on Linux Mint 19.x LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5079-1 introduced a regression in curl. oval:org.secpod.oval:def:75960 linux: Linux kernel - linux-hwe-5.11: Linux hardware enablement kernel - linux-hwe-5.4: Linux hardware enablement kernel - linux-hwe: Linux hardware enablement kernel IBM s390x systems could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:75963 ca-certificates: Common CA certificates A certificate about to expire was removed from ca-certificates. oval:org.secpod.oval:def:75964 apache2: Apache HTTP server Details: USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. Original advisory USN-5090-1 introduced a regression in Apache HTTP Server. oval:org.secpod.oval:def:75967 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Details: USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update intro ... oval:org.secpod.oval:def:75996 apport: automatically generate crash reports for debugging Apport could be made to create files as the administrator. oval:org.secpod.oval:def:55057 libraw: raw image decoder library Several security issues were fixed in LibRaw. oval:org.secpod.oval:def:54402 advancecomp: collection of recompression utilities AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:54589 python-gnupg: Python wrapper for the GNU Privacy Guard Several security issues were fixed in python-gnupg oval:org.secpod.oval:def:79879 firefox: Mozilla Open Source web browser Details: USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5321-1 introduced minor regressions in Firefox. oval:org.secpod.oval:def:79884 tar: GNU version of the tar archiving utility tar could be made to crash if it received specially crafted file. oval:org.secpod.oval:def:80407 cron: process scheduling daemon Details: USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in Cron. oval:org.secpod.oval:def:80422 git: fast, scalable, distributed revision control system Details: USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. Original advisory UNS-5376-1 was missing patches to properly fix the addressed issues. oval:org.secpod.oval:def:75938 python-pysaml2: Pure python implementation of SAML2 PySAML2 could be made to accept invalid SAML documents. oval:org.secpod.oval:def:55312 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:54397 wget: retrieves files from the web Several security issues were fixed in Wget. oval:org.secpod.oval:def:51103 lxc: Linux Containers userspace tools LXC would allow unintended access to files. oval:org.secpod.oval:def:51142 texlive-bin: TeX Live: path search library for TeX Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:55317 freerdp: RDP client for Windows Terminal Services Details: USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Linux Mint 19.x LTS and Ubuntu 18.10. Original advisory Several security issues were fixed in FreeRDP. oval:org.secpod.oval:def:54408 ruby2.5: Interpreter of object-oriented scripting language Ruby - ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:54109 dovecot: IMAP and POP3 email server Dovecot could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:54587 bind9: Internet Domain Name Server Bind could be made to consume resources if it received specially crafted network traffic. oval:org.secpod.oval:def:71251 python-django: High-level Python web development framework Django could be made to overwrite files. oval:org.secpod.oval:def:54404 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to create files in unexpected locations. oval:org.secpod.oval:def:79867 ckeditor: text editor which can be embedded into web pages Several security issues were fixed in CKEditor. oval:org.secpod.oval:def:55320 evolution-data-server: Evolution suite data server Evolution Data Server would sometimes display email content as encrypted when it was not. oval:org.secpod.oval:def:55015 gnome-shell: graphical shell for the GNOME desktop GNOME Shell could be made to execute keyboard shortcuts and other actions while the workstation was locked. oval:org.secpod.oval:def:72099 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:72088 intel-microcode: Processor microcode for Intel CPUs Details: USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Original advisory Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:72090 clamav: Anti-virus utility for Unix Details: USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory USN-4918-1 introduced a regression in ClamAV that could cause it to fail to scan. oval:org.secpod.oval:def:62251 apache2: Apache HTTP server TLSv1.3 support has been enabled in Apache HTTP Server in Linux Mint 19.x LTS. oval:org.secpod.oval:def:62250 dino-im: modern XMPP client Several security issues were fixed in dino-im. oval:org.secpod.oval:def:62249 icu: International Components for Unicode library ICU could be made to execute arbitrary code if it received a specially crafted string. oval:org.secpod.oval:def:70299 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:70296 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it processed specially crafted input. oval:org.secpod.oval:def:70297 aptdaemon: transaction based package management service Several security issues were fixed in Aptdaemon. oval:org.secpod.oval:def:53952 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:53953 xmltooling: C++ XML parsing library with encryption support xmltooling could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:70288 xorg-server: X.Org X11 server - xorg-server-hwe-18.04: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server Several security issues were fixed in X.Org X Server. oval:org.secpod.oval:def:70286 containerd: daemon to control runC containerd could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:70291 php-pear: PHP Extension and Application Repository PEAR could be made to run programs as an administrator. oval:org.secpod.oval:def:70294 snapcraft: easily craft snaps An intended access restriction could be bypassed in snaps built with Snapcraft oval:org.secpod.oval:def:62693 bluez: Bluetooth tools and daemons Several security issues were fixed in BlueZ. oval:org.secpod.oval:def:70256 libexif: library to parse EXIF files libexif could be made to execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:70258 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:70251 phpldapadmin: A web-based LDAP client phpLDAPadmin could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70247 spice-vdagent: Spice agent for Linux Several security issues were fixed in SPICE vdagent. oval:org.secpod.oval:def:70241 netty-3.9: Asynchronous event-driven network application framework Several security issues were fixed in Netty. oval:org.secpod.oval:def:70277 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Mutt could be made to expose sensitive information. oval:org.secpod.oval:def:70279 igraph: None igraph could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:70273 pulseaudio: PulseAudio sound server PulseAudio could be made to expose sensitive information. oval:org.secpod.oval:def:70280 poppler: PDF rendering library Details: USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871 introduced a regression causing certain applications linked against poppler to fail. This update backs out the fix pending further investigation. We apologize for the inconvenience. Origin ... oval:org.secpod.oval:def:70281 xdg-utils: desktop integration utilities from freedesktop.org xdg-utils could be made to expose sensitive information. oval:org.secpod.oval:def:70266 intel-microcode: Processor microcode for Intel CPUs Details: USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor ... oval:org.secpod.oval:def:70267 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Details: USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in som ... oval:org.secpod.oval:def:70268 slirp: SLIP/PPP emulator using a dial up shell account slirp could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70269 krb5: MIT Kerberos Network Authentication Protocol Kerberos could be made to consume unlimited resources if it received specially crafted ASN.1. oval:org.secpod.oval:def:70264 apport: automatically generate crash reports for debugging Details: USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory USN-4171-1 introduced a r ... oval:org.secpod.oval:def:70336 xdg-utils: desktop integration utilities from freedesktop.org Details: USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original adviso ... oval:org.secpod.oval:def:70337 coturn: TURN and STUN server for VoIP coTURN could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:70334 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:62704 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:62700 libpam-krb5: PAM module for MIT Kerberos pam-krb5 could be made to execute arbitrary code if it received a specially crafted response. oval:org.secpod.oval:def:70329 edk2: UEFI firmware for virtual machines Several security issues were fixed in EDK II. oval:org.secpod.oval:def:70325 wavpack: audio codec - encoder and decoder WavPack could be made to execute arbitrary code or crash if it received a specially crafted WAV file. oval:org.secpod.oval:def:70321 horizon: Web interface for OpenStack cloud infrastructure OpenStack Horizon could be made to redirect to a malicious URL. oval:org.secpod.oval:def:70322 p11-kit: p11-glue utilities Several security issues were fixed in p11-kit. oval:org.secpod.oval:def:70320 python-apt: Python interface to libapt-pkg Details: USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4668-1 introduced a regression in py ... oval:org.secpod.oval:def:70112 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:70351 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Mutt could be made to denial of service if it received a specially crafted email message. oval:org.secpod.oval:def:62966 file-roller: archive manager for GNOME File Roller could be made to expose sensitive information. oval:org.secpod.oval:def:62964 git: fast, scalable, distributed revision control system Git could be made to expose sensitive information. oval:org.secpod.oval:def:62960 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:70348 pyxdg: python library to access freedesktop.org standards PyXDG could be made to run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:70340 tar: GNU version of the tar archiving utility Several security issues were fixed in tar. oval:org.secpod.oval:def:70319 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:70312 gst-plugins-base1.0: GStreamer plugins - gst-plugins-base0.10: GStreamer plugins GStreamer Base Plugins could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:70303 lxml: pythonic binding for the libxml2 and libxslt librarie Details: USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides the corresponding additional patch in order to properly fix the vulnerability. Original advisory lxml could allow cross-si ... oval:org.secpod.oval:def:70304 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux k ... oval:org.secpod.oval:def:70305 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:70301 python-apt: Python interface to libapt-pkg python-apt could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:72110 python-babel: tools for internationalizing Python applications Babel code be made to execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:70182 apport: automatically generate crash reports for debugging Details: USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4171-1 introduced a regression i ... oval:org.secpod.oval:def:70168 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:72103 awstats: powerful and featureful web server log analyzer Several security issues were fixed in AWStats. oval:org.secpod.oval:def:72100 mariadb-10.5: MariaDB database development files - mariadb-10.3: MariaDB database - mariadb-10.1: MariaDB database Several security issues were fixed in MariaDB. oval:org.secpod.oval:def:70164 ntfs-3g: read/write NTFS driver for FUSE NTFS-3G could be made to crash or potentially run programs as an administrator if executed with specially crafted arguments. oval:org.secpod.oval:def:70166 snapd: Daemon and tooling that enable snap packages An intended access restriction in snapd could be bypassed by strict mode snaps on 64 bit architectures. oval:org.secpod.oval:def:70186 ibus: Intelligent Input Bus - core Details: USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize f ... oval:org.secpod.oval:def:70194 git: fast, scalable, distributed revision control system Git could be made to expose sensitive information. oval:org.secpod.oval:def:70136 freerdp2: RDP client for Windows Terminal Services - freerdp: RDP client for Windows Terminal Services Several security issues were fixed in FreeRDP. oval:org.secpod.oval:def:70378 snapd: Daemon and tooling that enable snap packages An intended access restriction in snapd could be bypassed by container management snaps. oval:org.secpod.oval:def:70137 isc-dhcp: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:70372 php-pear: PHP Extension and Application Repository PEAR could be made to overwrite files as the administrator. oval:org.secpod.oval:def:70373 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation OpenJDK could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70132 unzip: De-archiver for .zip files Several security issues were fixed in unzip. oval:org.secpod.oval:def:70374 firefox: Mozilla Open Source web browser Details: USN-4717-1 fixed vulnerabilities in Firefox. The update caused a startup hang in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4717-1 introduced a regression in Firefox. oval:org.secpod.oval:def:70133 spice: SPICE protocol client and server library - spice-protocol: SPICE protocol headers Spice could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:70380 postsrsd: Sender Rewriting Scheme via TCP-based lookup tables for Postfix PostSRSd could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70381 junit4: Simple framework to write repeatable tests The system could be made to expose sensitive information. oval:org.secpod.oval:def:70365 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:70366 ca-certificates: Common CA certificates The CA certificates in the ca-certificates package were updated. oval:org.secpod.oval:def:70367 fastd: Fast and Secure Tunneling Daemon fastd could be made to denial of service it if received a specially crafted input. oval:org.secpod.oval:def:70126 accountsservice: query and manipulate user account information Several security issues were fixed in AccountsService. oval:org.secpod.oval:def:70368 apport: automatically generate crash reports for debugging Several security issues were fixed in Apport. oval:org.secpod.oval:def:70363 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:70364 python-django: High-level Python web development framework Django could be made to overwrite files. oval:org.secpod.oval:def:70371 openldap: Lightweight Directory Access Protocol Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:70157 firefox - Mozilla Open Source web browser. USN-4122-1 fixed vulnerabilities in Firefox. The update caused a regression that resulted in a crash when changing YouTube playback speed in some circumstances. This update fixes the problem. Original advisory USN-4122-1 caused a regression in Firefox. oval:org.secpod.oval:def:70158 firefox - Mozilla Open Source web browser. USN-4234-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Original advisory USN-4234-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:70159 firefox - Mozilla Open Source web browser. USN-4278-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. Original advisory USN-4278-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:70394 screen: terminal multiplexer with VT100/ANSI terminal emulation GNU Screen could be made to crash or run programs if it processed specially crafted character sequences. oval:org.secpod.oval:def:70395 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Details: USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Original advisory USN-4698-1 introdu ... oval:org.secpod.oval:def:70155 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:70160 containerd - daemon to control runC. containerd packages from USN-4653-1 were reverted in order to fix a dependency issue with the docker package. This new update fixes the same issues as the previous one. Containerd could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:70387 shiro: Powerful and easy-to-use Java security framework Apache Shiro could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70142 openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:70384 bind9: Internet Domain Name Server Bind could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:70143 cimg - C++ template image processing toolkit. Several security issues were fixed in CImg. oval:org.secpod.oval:def:70391 openldap: Lightweight Directory Access Protocol OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:70392 qemu: Machine emulator and virtualizer Details: USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-4467-1 introduced a regression in QEMU. oval:org.secpod.oval:def:70393 xterm: X terminal emulator xterm could be made to crash or run programs if it handled specially crafted character sequences. oval:org.secpod.oval:def:70215 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems Details: USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately, that update introduced a regression in overlayfs. This update corrects the problem. ... oval:org.secpod.oval:def:70208 file: Tool to determine file types Details: USN-3911-1 fixed vulnerabilities in file. One of the backported security fixes introduced a regression that caused the interpreter string to be truncated. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3911-1 intro ... oval:org.secpod.oval:def:78179 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:70236 busybox: Tiny utilities for small and embedded systems Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:78190 strongswan: IPsec VPN solution strongSwan could crash or allow unintended access to network services. oval:org.secpod.oval:def:78192 shadow: system login tools Several security issues were fixed in shadow. oval:org.secpod.oval:def:70227 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-5.3: Linux kernel for Amazon Web ... oval:org.secpod.oval:def:70225 nfs-utils: None nfs-utils could be made to overwrite files as the administrator. oval:org.secpod.oval:def:57445 gvfs: Userspace virtual filesystem Several security issues were fixed in GVfs. oval:org.secpod.oval:def:57444 irssi: terminal based IRC client Several security issues were fixed in Irssi. oval:org.secpod.oval:def:70406 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:70402 python2.7: An interactive high-level object-oriented language Details: USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisor ... oval:org.secpod.oval:def:70404 tiff: Tag Image File Format library Several security issues were fixed in LibTIFF. oval:org.secpod.oval:def:57453 bzip2: high-quality block-sorting file compressor - utilities Details: USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. We apologize for the inconvenience. Original advisory USN-4038-1 introduced a regression i ... oval:org.secpod.oval:def:57451 policykit-desktop-privileges: run common desktop actions without password A security improvement has been made to policykit-desktop-privileges. oval:org.secpod.oval:def:57454 expat: XML parsing C library Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file. oval:org.secpod.oval:def:57448 libmysofa: library to read HRTFs stored in the AES69-2015 SOFA format libmysofa could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:57447 firefox: Mozilla Open Source web browser A sandbox escape was discovered in Firefox. oval:org.secpod.oval:def:78169 firefox: Mozilla Open Source web browser Details: USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5186-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:57458 znc: advanced modular IRC bouncer znc could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:71636 exim4: Exim is a mail transport agent Several security issues were fixed in Exim. oval:org.secpod.oval:def:78194 ldns: ldns library for DNS programming ldns could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:62701 apport: automatically generate crash reports for debugging Several security issues were fixed in Apport. oval:org.secpod.oval:def:62703 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to execute arbitrary code if it received a specially crafted HTTP/2 request. oval:org.secpod.oval:def:55019 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:70314 wavpack: audio codec - encoder and decoder WavPack could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:55016 ffmpeg: Tools for transcoding, streaming and playing of multimedia files FFmpeg could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:70253 openldap: Lightweight Directory Access Protocol OpenLDAP could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:70257 moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin. oval:org.secpod.oval:def:71245 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:71249 spamassassin: Perl-based spam filter using text analysis SpamAssassin could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:71236 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:70262 postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database - postgresql-9.5: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:55301 postgresql-10: Object-relational SQL database - postgresql-9.5: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:75951 apport: automatically generate crash reports for debugging Several security issues were fixed in Apport. oval:org.secpod.oval:def:70300 apt: Advanced front-end for dpkg APT could be made to crash or stop responding if it opened a specially crafted file. oval:org.secpod.oval:def:70263 vino: VNC server for GNOME - libvncserver: vnc server library LibVNCServer and Vino could be made to crash. oval:org.secpod.oval:def:70357 libxstream-java: Java library to serialize objects to XML and back again Several security issues were fixed in libxstream-java. oval:org.secpod.oval:def:70347 log4net: Highly configurable logging API for the CLI log4net Apache Log4net could made to expose sensitive information if it received a specially crafted configuration file. oval:org.secpod.oval:def:70169 busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:70116 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:70141 openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:55524 exim4: Exim is a mail transport agent Exim could be made to run commands if it received specially crafted network traffic. oval:org.secpod.oval:def:62962 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51089 python-cryptography: Cryptography Python library python-cryptography could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:70260 raptor2: RDF syntax library raptor2 could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:55054 samba: SMB/CIFS file, print, and login server for Unix Samba could allow unintended access to network services. oval:org.secpod.oval:def:70118 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:55018 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:54399 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:54403 systemd: system and service manager The systemd PAM module could be used to gain additional PolicyKit privileges. oval:org.secpod.oval:def:71247 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:70111 sysstat: system performance tools for Linux Several security issues were fixed in Sysstat. oval:org.secpod.oval:def:72105 djvulibre: DjVu image format library and tools Several security issues were fixed in DjVuLibre. oval:org.secpod.oval:def:70238 debian-lan-config: FAI config space for the Debian-LAN system Debian-LAN could be made to change Kerberos user passwords or run programs as an administrator. oval:org.secpod.oval:def:79878 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:79892 openvpn: virtual private network software OpenVPN could allow unintended access to network services. oval:org.secpod.oval:def:62968 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:70317 libemail-address-list-perl: RFC close address list parsing Email-Address-List could be made to remotely exhaust resources if it received specially crafted email data. oval:org.secpod.oval:def:51109 base-files: Debian base system miscellaneous files base-files could be made to hang or overwrite files as the administrator. oval:org.secpod.oval:def:51167 postgresql-10: Object-relational SQL database PostgreSQL could be made to run SQL statements as the administrator. oval:org.secpod.oval:def:70121 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89383 lrzip: compression program with a very high compression ratio Several security issues were fixed in Long Range ZIP. oval:org.secpod.oval:def:71250 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:70323 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:70271 phpmyadmin: MySQL web administration tool Several security issues were fixed in phpMyAdmin. oval:org.secpod.oval:def:70318 libproxy: automatic proxy configuration management library libproxy could be made to crash or execute arbitrary code if it received a specially crafted file. oval:org.secpod.oval:def:62242 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:70343 htmldoc: HTML processor that generates indexed HTML, PS, and PDF HTMLDOC could be made to denial of service if it received a specially crafted HTML file. oval:org.secpod.oval:def:57459 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:70311 mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:55319 corosync: cluster engine daemon and utilities Corosync could be made to crash or execute arbitrary code if it received a specially crafted request. oval:org.secpod.oval:def:78162 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. oval:org.secpod.oval:def:80432 networkd-dispatcher: Dispatcher service for systemd-networkd connection status changes Several security issues were fixed in networkd-dispatcher. oval:org.secpod.oval:def:79883 netkit-rsh: client programs for remote shell connections rsh would allow unintended modification of target directory permissions. oval:org.secpod.oval:def:75987 ardour: the digital audio workstation Ardour could be made to crash or possibly arbitrary code execute if it received a specially crafted XML file. oval:org.secpod.oval:def:75976 node-bl: A Node.js Buffer list collector node-bl could be made to expose sensitive information if it received specially crafted input. oval:org.secpod.oval:def:80408 openjdk-lts: Open Source Java implementation Details: USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2 servers making it unable to connect to said servers. This ... oval:org.secpod.oval:def:80429 barbican: OpenStack Key Management Service - API Server Several security issues were fixed in barbican. oval:org.secpod.oval:def:70346 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Several security issues were fixed in Dnsmasq. oval:org.secpod.oval:def:55303 gnutls28: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:70187 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:55055 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:89472 mplayer: movie player for Unix-like systems Several security issues were fixed in MPlayer. oval:org.secpod.oval:def:70224 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Several security issues were fixed in Mutt. oval:org.secpod.oval:def:70292 python-werkzeug: collection of utilities for WSGI applications Several security issues were fixed in Werkzeug. oval:org.secpod.oval:def:70278 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:70313 evince: Document viewer Evince could be made to expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:54405 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:57456 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:72087 libxstream-java: Java library to serialize objects to XML and back again Several security issues were fixed in XStream library. oval:org.secpod.oval:def:54108 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89506 node-object-path: Access deep object properties using a path Several security issues were fixed in object-path. oval:org.secpod.oval:def:89507 gif2apng: tool for converting animated GIF images to APNG format Several security issues were fixed in gif2apng. oval:org.secpod.oval:def:88484 spip: website engine for publishing Several security issues were fixed in SPIP. oval:org.secpod.oval:def:88532 htmldoc: HTML processor that generates indexed HTML, PS, and PDF HTMLDOC could be made to crash or run programs if it received specially crafted HTML files. oval:org.secpod.oval:def:88534 influxdb: Scalable datastore for metrics, events, and real-time analytics An InfluxDB vulnerability allowed attackers to login as any known database user. oval:org.secpod.oval:def:88538 ca-certificates: Common CA certificates The CA certificates in the ca-certificates package were updated. oval:org.secpod.oval:def:88545 bluez: Bluetooth tools and daemons Several security issues were fixed in BlueZ. oval:org.secpod.oval:def:88566 phpliteadmin: web-based SQLite database admin tool phpLiteAdmin could allow cross-site scripting attacks. oval:org.secpod.oval:def:88580 exim4: Exim is a mail transport agent Exim could be made to crash of execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:88619 barbican: OpenStack Key Management Service - API Server Barbican could be made to expose sensitive information over the network. oval:org.secpod.oval:def:88624 firefox: Mozilla Open Source web browser Details: USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5709-1 introduced minor regressions in Firefox oval:org.secpod.oval:def:88638 firefox: Mozilla Open Source web browser Details: USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5782-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:88639 firefox: Mozilla Open Source web browser Details: USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5782-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:88640 usbredir: usbredir libraries and utilities usbredir could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:79885 libreoffice: Office productivity suite LibreOffice could incorrectly validate document signatures. oval:org.secpod.oval:def:54509 libxslt: XSLT processing library Libxslt could be made to expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:72108 runc: Open Container Project runC could be made to overwrite files as the administrator. oval:org.secpod.oval:def:89419 git: fast, scalable, distributed revision control system Details: USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Original advisory USN-5810-1 introduced a regression in Git. oval:org.secpod.oval:def:89422 firefox: Mozilla Open Source web browser Details: USN-5816-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5816-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:89429 python-pip: Python package installer Details: USN-5821-3 fixed a vulnerability in pip. The update introduced a minor regression in Linux Mint 17.x ESM, Linux Mint 18.x ESM and Linux Mint 19.x LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5821-3 caused ... oval:org.secpod.oval:def:89505 amanda: Advanced Maryland Automatic Network Disk Archiver Details: USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. We apologize for the inconvenience. Origi ... oval:org.secpod.oval:def:51038 dpdk: set of libraries for fast packet processing DPDK could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51093 xapian-core: Development files for Xapian search engine library Xapian-core could be made to execute arbitrary code if it received a specially crafted file. oval:org.secpod.oval:def:51104 gdm3: GNOME Display Manager GDM could be made to crash or run programs as the administrator. oval:org.secpod.oval:def:51111 pango1.0: Layout and rendering of internationalized text - gir bindings Pango could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:51095 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to run arbitrary code if it received a specially crafted YAML file. oval:org.secpod.oval:def:88549 cloud-init: initialization and customization tool for cloud instances cloud-init could be made to expose sensitive information. oval:org.secpod.oval:def:89399 nova: OpenStack Compute cloud infrastructure Several security issues were fixed in Nova. oval:org.secpod.oval:def:70106 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:70123 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:70193 python3.7: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object- ... oval:org.secpod.oval:def:51072 curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51131 udisks2: service to access and manipulate storage devices Udisks could be made to crash or expose sensitive information. oval:org.secpod.oval:def:75936 cpio: a tool to manage archives of files GNU cpio could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:75939 libapache2-mod-auth-mellon: SAML 2.0 authentication module for Apache mod-auth-mellon could be made to redirect to arbitrary sites. oval:org.secpod.oval:def:57463 whoopsie: Ubuntu error tracker submission Whoopsie could be made to crash or expose sensitive information if it processed a specially crafted crash report. oval:org.secpod.oval:def:57462 apport: automatically generate crash reports for debugging Apport could be made to expose sensitive information in crash reports. oval:org.secpod.oval:def:54406 lua5.3: Simple, extensible, embeddable programming language Lua could be made to crash if it received a specially crafted script. oval:org.secpod.oval:def:80434 libsdl2: Cross-platform multimedia library with low access to hardware - libsdl1.2: Simple DirectMedia Layer SDL could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:62247 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:70405 python2.7: An interactive high-level object-oriented language Details: USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177. We apologize for the inconvenience. Original a ... oval:org.secpod.oval:def:88650 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51057 bind9: Internet Domain Name Server Bind could incorrectly enable recursion. oval:org.secpod.oval:def:51026 git: fast, scalable, distributed revision control system Several security issues were fixed in Git. oval:org.secpod.oval:def:51190 gnupg2: GNU privacy guard - a free PGP replacement GnuPG could allow unintended access to network services. oval:org.secpod.oval:def:80418 python-oslo.utils: Oslo Utility library - doc oslo.utils could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:91457 firefox: Mozilla Open Source web browser Details: USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5954-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:91468 firefox: Mozilla Open Source web browser Details: USN-6010-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6010-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:91474 firefox: Mozilla Open Source web browser Details: USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6010-2 caused some minor reg ... oval:org.secpod.oval:def:91484 firefox: Mozilla Open Source web browser Details: USN-6074-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6074-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:91490 ca-certificates: Common CA certificates The CA certificates in the ca-certificates package were updated. oval:org.secpod.oval:def:89476 tar: GNU version of the tar archiving utility tar could be made to crash or expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:89468 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:88531 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:79890 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:78183 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:89434 pam: Pluggable Authentication Modules PAM would allow unintended access to the machine over network. oval:org.secpod.oval:def:89435 pam: Pluggable Authentication Modules Details: USN-5825-1 fixed vulnerabilities in PAM. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5825-1 caused some minor regressions in PAM. oval:org.secpod.oval:def:88599 mako: documentation for the Mako Python library Mako could be made to denial of service if it received a specially crafted regular expression. oval:org.secpod.oval:def:88594 intel-microcode: Processor microcode for Intel CPUs A security issue was fixed in Intel Microcode. oval:org.secpod.oval:def:71248 pygments: Generic syntax highlighter Pygments could be made to hang if it opened a specially crafted file. oval:org.secpod.oval:def:78186 qtsvg-opensource-src: Qt 5 SVG module Several security issues were fixed in QtSvg. oval:org.secpod.oval:def:70196 binutils: GNU assembler, linker and binary utilities Several security issues were fixed in GNU binutils. oval:org.secpod.oval:def:62961 libiberty: library of utility functions used by GNU programs Several security issues were fixed in libiberty. oval:org.secpod.oval:def:78196 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to crash or run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:80417 fribidi: Free Implementation of the Unicode BiDi algorithm Several security issues were fixed in fribidi. oval:org.secpod.oval:def:79864 python3.8: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object- ... oval:org.secpod.oval:def:70390 python-django: High-level Python web development framework Django could allow unintended access to network services. oval:org.secpod.oval:def:75983 python-bottle: fast and simple WSGI-framework for Python - documentation Bottle could be made to cache malicious requests if it received a specially crafted input. oval:org.secpod.oval:def:75950 git: fast, scalable, distributed revision control system Git incorrectly handled certain repository paths. oval:org.secpod.oval:def:70254 pacemaker: Cluster resource manager Pacemaker could be made to run programs as an administrator. oval:org.secpod.oval:def:54585 pacemaker: Cluster resource manager Several security issues were fixed in Pacemaker. oval:org.secpod.oval:def:78184 clamav: Anti-virus utility for Unix ClamAV could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:59611 freetds: libraries for connecting to MS SQL and Sybase SQL servers FreeTDS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:73701 bluez: Bluetooth tools and daemons Several security issues were fixed in BlueZ. oval:org.secpod.oval:def:88528 openldap: Lightweight Directory Access Protocol OpenLDAP could be made to perform arbitrary modifications to the database. oval:org.secpod.oval:def:72092 nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-418-server: NVIDIA Server Driver - nvidia-graphics-drivers-450: NVIDIA binary X.Org driver - nvidia-graphics-drivers-450-server: NVIDIA Server Driver - nvidia-graphics-drivers-460: NVIDIA binary X.Org driver - nvidia-g ... oval:org.secpod.oval:def:70338 nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-450: NVIDIA binary X.Org driver - nvidia-graphics-drivers-460: NVIDIA binary X.Org driver Several security issues were fixed in NVIDIA graphics drivers. oval:org.secpod.oval:def:70335 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-hwe-5.8: Linux hardware enablement ... oval:org.secpod.oval:def:70350 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-hwe-5.8: Linux hardware enablement ... oval:org.secpod.oval:def:70349 nvidia-graphics-drivers-418-server: NVIDIA Server Driver - nvidia-graphics-drivers-450-server: NVIDIA Server Driver Several security issues were fixed in NVIDIA graphics drivers. oval:org.secpod.oval:def:88563 nvidia-graphics-drivers-390: NVIDIA binary X.Org driver - nvidia-graphics-drivers-450-server: NVIDIA server driver - nvidia-graphics-drivers-470: NVIDIA binary X.Org driver - nvidia-graphics-drivers-470-server: NVIDIA server driver - nvidia-graphics-drivers-510: NVIDIA binary X.Org driver - nvidia-g ... oval:org.secpod.oval:def:70290 freerdp: RDP client for Windows Terminal Services Several security issues were fixed in FreeRDP. oval:org.secpod.oval:def:70233 ceph: distributed storage and file system Several security issues were fixed in Ceph. oval:org.secpod.oval:def:62248 ceph: distributed storage and file system Ceph could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:88565 mod-wsgi: Python WSGI adapter module for Apache mod-wsgi could allow unintended access to network services. oval:org.secpod.oval:def:58861 ceph: distributed storage and file system Ceph could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:89446 tmux: terminal multiplexer tmux could be made to crash if it received a specially crafted input. oval:org.secpod.oval:def:70134 libapache2-mod-perl2: Integration of perl with the Apache2 web server mod_perl could be made to run programs contrary to expectations. oval:org.secpod.oval:def:89417 libxpm: X11 pixmap library Several security issues were fixed in libXpm. oval:org.secpod.oval:def:73434 libwebp: Lossy compression of digital photographic images. libwebp could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:80403 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Several security issues were fixed in Mutt. oval:org.secpod.oval:def:51034 bind9: Internet Domain Name Server Several security issues were fixed in Bind. oval:org.secpod.oval:def:51018 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:51099 python-django: High-level Python web development framework Django could be used as an open redirect. oval:org.secpod.oval:def:89495 python-werkzeug: documentation for the werkzeug Python library Several security issues were fixed in Werkzeug. oval:org.secpod.oval:def:91466 apport: automatically generate crash reports for debugging Apport could be used to escalate privilege on specially configured systems. oval:org.secpod.oval:def:89457 haproxy: fast and reliable load balancing reverse proxy HAProxy could allow unintended access to network services. oval:org.secpod.oval:def:89423 python-setuptools: Python Distutils Enhancements - setuptools: Python Distutils Enhancements Setuptools could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:89475 awstats: powerful and featureful web server log analyzer AWStats could allow cross-site scripting attacks. oval:org.secpod.oval:def:89405 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:88607 strongswan: IPsec VPN solution strongSwan could be made do denial of service if it received a specially crafted certificate. oval:org.secpod.oval:def:88625 nginx: small, powerful, scalable web/proxy server Several security issues were fixed in nginx. oval:org.secpod.oval:def:88608 isc-dhcp: DHCP server and client Several security issues were fixed in DHCP. oval:org.secpod.oval:def:89407 protobuf: protocol buffers C++ library Several security issues were fixed in Protocol Buffers. oval:org.secpod.oval:def:88592 dpdk: set of libraries for fast packet processing DPDK could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:80425 xz-utils: XZ-format compression utilities XZ Utils could be made to overwrite arbitrary files. oval:org.secpod.oval:def:80424 gzip: GNU compression utilities Gzip could be made to overwrite arbitrary files. oval:org.secpod.oval:def:88590 poppler: PDF rendering library poppler could be made to crash or execute arbitrary code if received a specially crafted PDF. oval:org.secpod.oval:def:89444 advancecomp: collection of recompression utilities Several security issues were fixed in AdvanceCOMP. oval:org.secpod.oval:def:88581 open-vm-tools: Open VMware Tools for virtual machines hosted on VMware open-vm-tools could be made to run programs as an administrator. oval:org.secpod.oval:def:88576 unbound: validating, recursive, caching DNS resolver Unbound could be made to cache rogue domain names. oval:org.secpod.oval:def:88550 gnupg2: GNU privacy guard - a free PGP replacement GnuPG could allow forged signatures. oval:org.secpod.oval:def:88556 python-bottle: fast and simple WSGI-framework for Python Bottle could be made to leak sensitive information if it received a specially crafted request. oval:org.secpod.oval:def:80433 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:88570 node-moment: Work with dates in JavaScript Several security issues were fixed in Moment.js. oval:org.secpod.oval:def:88508 paramiko: Python SSH2 library Paramiko would allow unintended access to private key files. oval:org.secpod.oval:def:89502 abcm2ps: Translates ABC music description files to PostScript Several security issues were fixed in abcm2ps. oval:org.secpod.oval:def:80412 twisted: Event-based framework for internet applications Several security issues were fixed in Twisted. oval:org.secpod.oval:def:88539 varnish: state of the art, high-performance web accelerator Several security issues were fixed in Varnish Cache. oval:org.secpod.oval:def:80410 smarty3: The compiling PHP template engine Several security issues were fixed in Smarty. oval:org.secpod.oval:def:89436 privoxy: Privacy enhancing HTTP Proxy Several security issues were fixed in Privoxy. oval:org.secpod.oval:def:75995 mailman: Web-based mailing list manager Several security issues were fixed in Mailman. oval:org.secpod.oval:def:75988 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:88555 libxml-security-java: Apache XML Security for Java Apache XML Security for Java could be made to expose sensitive information. oval:org.secpod.oval:def:73711 openexr: tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:75926 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89392 libxstream-java: Java library to serialize objects to XML and back again Several security issues were fixed in XStream. oval:org.secpod.oval:def:89500 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:73694 djvulibre: DjVu image format library and tools DjVuLibre could be made to crash or execute arbitrary code if it opened a specially crafted file. oval:org.secpod.oval:def:75956 libgcrypt20: LGPL Crypto library Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:73436 lasso: Liberty Alliance and SAML protocol Library Applications using Lasso could be made to allow unintended access. oval:org.secpod.oval:def:73429 postgresql-10: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:73447 libimage-exiftool-perl: library and program to read and write meta information in multime libimage-exiftool-perl could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:75973 commons-io: Common useful IO related classes Apache Commons IO could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:73708 grub2-signed: GRand Unified Bootloader - grub2-unsigned: GRand Unified Bootloader Several security issues were fixed in GRUB 2. oval:org.secpod.oval:def:75998 binutils: GNU assembler, linker and binary utilities Several security issues were fixed in GNU binutils. oval:org.secpod.oval:def:88522 nss: Network Security Service library NSS could be made to stop responding if it received a specially crafted message. oval:org.secpod.oval:def:75924 inetutils: GNU network utilities Inetutils could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:88518 bash: GNU Bourne Again SHell Bash could be used to escalate privileges. oval:org.secpod.oval:def:73699 rabbitmq-server: AMQP server written in Erlang Several security issues were fixed in rabbitmq-server. oval:org.secpod.oval:def:59607 libidn2: Internationalized domain names command line tool Several security issues were fixed in Libidn2. oval:org.secpod.oval:def:75986 libntlm: NTLM authentication library libntlm could be made to crash or possibly execute arbitrary code. oval:org.secpod.oval:def:59591 libsoup2.4: HTTP client/server library for GNOME libsoup could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:58868 systemd: system and service manager systemd-resolved would allow unprivileged users to change DNS settings. oval:org.secpod.oval:def:88511 dosbox: An Open Source DOS emulator to run old DOS games. Several security issues were fixed in DOSBox. oval:org.secpod.oval:def:88529 gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to stop responding. oval:org.secpod.oval:def:88612 advancecomp: collection of recompression utilities Several security issues were fixed in AdvanceCOMP. oval:org.secpod.oval:def:51136 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:51135 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received a specially crafted request. oval:org.secpod.oval:def:51090 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51077 wavpack: audio codec - encoder and decoder Several security issues were fixed in WavPackXXX-APP-XXX. oval:org.secpod.oval:def:88517 klibc: small utilities built with klibc for early boot Several security issues were fixed in klibc. oval:org.secpod.oval:def:88519 libinput: Input device management and event handling library libinput could be made to crash or expose sensitive information. oval:org.secpod.oval:def:78189 usbview: USB device viewer USBView could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:88637 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:51171 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:51189 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:51221 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:73438 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:75948 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:75985 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88507 firefox: Mozilla Open Source web browser Details: USN-5321-1 fixed vulnerabilities in Firefox. The update didn"t include arm64 because of a regression. This update provides the corresponding update for arm64. This update also removes Yandex and Mail.ru as optional search providers in the drop-down s ... oval:org.secpod.oval:def:88515 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88523 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88530 firefox: Mozilla Open Source web browser Firefox could be made to execute JavaScript in a privileged context if it opened a malicious website. oval:org.secpod.oval:def:88557 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88582 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88623 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:75931 grilo: Framework for discovering and browsing media - GObject introspect grilo could be made to allow MITM attacks. oval:org.secpod.oval:def:88641 nautilus: file manager and graphical shell for GNOME GNOME Files could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:89426 exuberant-ctags: build tag file indexes of source code definitions Exuberant ctags could be make to perform arbitary command execution if run with maliciously crafted user input oval:org.secpod.oval:def:75981 docker.io: Linux container runtime Docker could be made to adjust the permissions of files. oval:org.secpod.oval:def:88461 nginx: small, powerful, scalable web/proxy server Several security issues were fixed in nginx. oval:org.secpod.oval:def:88464 cifs-utils: Common Internet File System utilities Several security issues were fixed in cifs-utils. oval:org.secpod.oval:def:78187 aide: Advanced Intrusion Detection Environment AIDE could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:58879 vlc: multimedia player and streamer Several security issues were fixed in VLC. oval:org.secpod.oval:def:73437 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Dnsmasq could be exposed to cache poisoning. oval:org.secpod.oval:def:88618 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:88620 openvswitch: Ethernet virtual switch Open vSwitch could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:89470 openvswitch: Ethernet virtual switch Several security issues were fixed in Open vSwitch. oval:org.secpod.oval:def:70339 openvswitch: Ethernet virtual switch Several security issues were fixed in Open vSwitch. oval:org.secpod.oval:def:70377 openvswitch: Ethernet virtual switch Open vSwitch could be made to crash or perform unexpectedly if it received specially crafted network traffic. oval:org.secpod.oval:def:89424 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter PHP could be made do crash or execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:88514 rsync: fast, versatile, remote file-copying tool rsync could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:80413 zlib: Lossless data-compression library zlib could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:89489 rsync: fast, versatile, remote file-copying tool rsync could be made to overwrite files. oval:org.secpod.oval:def:79881 libxml2: GNOME XML library libxml2 could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:79882 zsh: shell with lots of features Several security issues were fixed in Zsh. oval:org.secpod.oval:def:88463 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:88568 gst-plugins-good1.0: GStreamer plugins Several security issues were fixed in GStreamer Plugins Good. oval:org.secpod.oval:def:89386 golang-golang-x-text: Supplementary Go text-related libraries - golang-x-text: Supplementary Go text-related libraries Several security issues were fixed in Go Text. oval:org.secpod.oval:def:89504 amanda: Advanced Maryland Automatic Network Disk Archiver Several security issues were fixed in amanda. oval:org.secpod.oval:def:73430 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:72091 python-django: High-level Python web development framework Django could be made to overwrite files. oval:org.secpod.oval:def:89428 python-pip: Python package installer Details: USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory USN-5821-1 caused a regression in pip. oval:org.secpod.oval:def:89427 wheel: built-package format for Python wheel could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:88505 uriparser: Strictly RFC 3986 compliant URI parsing library uriparser could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:88642 libksba: X.509 and CMS support library Libksba could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:51223 gdm3: GNOME Display Manager GDM could give unauthorized access to a different user. oval:org.secpod.oval:def:89382 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:51192 gnome-bluetooth: GNOME Bluetooth tools GNOME Bluetooth could allow unintended access to devices. oval:org.secpod.oval:def:75980 mercurial: easy-to-use, scalable distributed version control system Several security issues were fixed in Mercurial. oval:org.secpod.oval:def:51040 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:51009 php7.2: HTML-embedded scripting language interpreter - php7.1: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:51159 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:51176 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:55530 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:69260 The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). oval:org.secpod.oval:def:59573 openexr: command-line tools for the OpenEXR image format Several security issues were fixed in OpenEXR. oval:org.secpod.oval:def:51021 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:51015 policykit-1: framework for managing administrative policies and privileges Several security issues were fixed in PolicyKit. oval:org.secpod.oval:def:51017 postgresql-10: object-relational SQL database - postgresql-9.5: Object-relational SQL database - postgresql-9.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:51030 irssi: terminal based IRC client Irssi could be made to crash or execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:51031 policykit-1: framework for managing administrative policies and privileges PolicyKit could allow unintended access. oval:org.secpod.oval:def:51024 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:51028 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:51112 mozjs52: SpiderMonkey JavaScript library Several security issues were fixed in Spidermonkey. oval:org.secpod.oval:def:51013 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:51044 procps: /proc file system utilities Several security issues were fixed in procps-ng. oval:org.secpod.oval:def:51035 mysql-5.7: MySQL database Details: USN-3629-1 fixed vulnerabilities in MySQL. This update provides the corresponding updates for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in MySQL. oval:org.secpod.oval:def:51037 webkit2gtk: Web content engine library for GTK+ A security issue was fixed in WebKitGTK+. oval:org.secpod.oval:def:51050 gnupg2: GNU privacy guard - a free PGP replacement - gnupg: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:51053 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51046 apport: automatically generate crash reports for debugging Apport could be tricked into causing a denial of service or escalate privileges. oval:org.secpod.oval:def:51049 unbound: validating, recursive, caching DNS resolver A security issue was fixed in Unbound. oval:org.secpod.oval:def:51060 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:51066 zziplib: library providing read access on ZIP-archives - library zziplib could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51074 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51076 clamav: Anti-virus utility for Unix ClamAV could be made to hang if it opened a specially crafted file. oval:org.secpod.oval:def:51068 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51081 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted PDF. oval:org.secpod.oval:def:51083 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:51084 libraw: raw image decoder library Several security issues were fixed in LibRaw. oval:org.secpod.oval:def:51085 liblouis: Braille translation library - utilities Several security issues were fixed in Liblouis. oval:org.secpod.oval:def:51086 xdg-utils: desktop integration utilities from freedesktop.org xdg-utils could be made to run arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:51088 perl: Practical Extraction and Report Language Perl could be made to overwrite arbitrary files if it received a specially crafted archive file. oval:org.secpod.oval:def:51078 libarchive-zip-perl: Perl module for manipulation of ZIP archives Archive Zip module could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:51143 clamav: Anti-virus utility for Unix ClamAV could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:51137 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51150 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:51151 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51154 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:51145 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51144 requests: elegant and simple HTTP library for Python Requests could be made to expose sensitive information if it received a specially crafted HTTP header. oval:org.secpod.oval:def:51147 moin: Collaborative hypertext environment MoinMoin could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:51146 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51149 paramiko: Python SSH2 library Paramiko could allow unintended access to network services. oval:org.secpod.oval:def:51148 libssh: A tiny C SSH library libssh could allow unintended access to network services. oval:org.secpod.oval:def:51161 ppp: Point-to-Point Protocol ppp could be made to crash or bypass authentication if it received specially crafted network traffic. oval:org.secpod.oval:def:51160 spamassassin: Perl-based spam filter using text analysis Several security issues were fixed in SpamAssassin. oval:org.secpod.oval:def:51163 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:51162 nginx: small, powerful, scalable web/proxy server Several security issues were fixed in nginx. oval:org.secpod.oval:def:51164 gettext: GNU Internationalization utilities gettext could be made to execute arbitrary code if it received a specially crafted message. oval:org.secpod.oval:def:51156 ruby2.5: Interpreter of object-oriented scripting language Ruby - ruby2.3: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby2.0: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:51155 network-manager: Network connection manager NetworkManager could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51158 libxkbcommon: library interface to the XKB compiler - development files Details: USN-3786-1 fixed several vulnerabilities in libxkbcommon. This update provides the corresponding update for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in libxkbcommon. oval:org.secpod.oval:def:51157 systemd: system and service manager systemd-networkd could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51170 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:51174 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:51168 systemd: system and service manager Details: USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory systemd-tmpfiles could be made to change ownership ... oval:org.secpod.oval:def:51100 libmspack: library for Microsoft compression formats Several security issues were fixed in libmspack. oval:org.secpod.oval:def:51102 lftp: Sophisticated command-line FTP/HTTP/BitTorrent client programs LFTP could be made to crash if it received specially crafted file. oval:org.secpod.oval:def:51107 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to expose sensitive information if it received a crafted message. oval:org.secpod.oval:def:51106 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:51120 zsh: shell with lots of features Zsh could be made to execute arbitrary code if it received a specially crafted script. oval:org.secpod.oval:def:51116 poppler: PDF rendering library poppler could be made to crash if it received specially crafted PDF file. oval:org.secpod.oval:def:51117 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:51119 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51130 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51132 strongswan: IPsec VPN solution strongSwan could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51125 curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to run arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:51128 glib2.0: GLib Input, Output and Streaming Library Several security issues were fixed in GLib. oval:org.secpod.oval:def:51181 cups: Common UNIX Printing System CUPS could be made to expose sensitive information. oval:org.secpod.oval:def:51180 wavpack: audio codec - encoder and decoder Several security issues were fixed in WavPack. oval:org.secpod.oval:def:51182 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:51184 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51187 python-django: High-level Python web development framework Django could be made to expose spoofed information over the network. oval:org.secpod.oval:def:51186 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:51177 libraw: raw image decoder library LibRaw could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51191 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:51193 php-pear: PHP Extension and Application Repository XXX FILL ME IN: Summary for regular users XXX XXX LOCAL TEMPLATES XXX PEAR could be made to run programs if it processed a specially crafted file. oval:org.secpod.oval:def:51022 liblouis: Braille translation library - utilities Several security issues were fixed in Liblouis. oval:org.secpod.oval:def:51016 libarchive: Library to read/write archive files Several security issues were fixed in libarchive. oval:org.secpod.oval:def:51025 systemd: system and service manager Several security issues were fixed in systemd. oval:org.secpod.oval:def:51062 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:51079 mutt: text-based mailreader supporting MIME, GPG, PGP and threading Several security issues were fixed in Mutt. oval:org.secpod.oval:def:51091 spice: SPICE protocol client and server library - spice-protocol: SPICE protocol headers Spice could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51092 wget: retrieves files from the web Wget could be made to inject arbitrary cookie values. oval:org.secpod.oval:def:51094 libsoup2.4: HTTP client/server library for GNOME libsoup could be made to crash if it received a specially crafted input. oval:org.secpod.oval:def:51096 liblouis: Braille translation library - utilities Several security issues were fixed in Liblouis. oval:org.secpod.oval:def:51098 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:51175 linux-aws: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51101 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:51194 libcaca: text mode graphics utilities Several security issues were fixed in libcaca. oval:org.secpod.oval:def:51196 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51195 libarchive: Library to read/write archive files Several security issues were fixed in libarchive. oval:org.secpod.oval:def:51198 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:51197 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:51199 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:51033 openvswitch: Ethernet virtual switch Several security issues were fixed in Open vSwitch. oval:org.secpod.oval:def:51029 linux: Linux kernel - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51213 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:51212 dovecot: IMAP and POP3 email server Dovecot could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51215 libarchive: Library to read/write archive files Several security issues were fixed in libarchive. oval:org.secpod.oval:def:51214 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:51217 poppler: PDF rendering library Several security issues were fixed in poppler. oval:org.secpod.oval:def:51219 snapd: Daemon and tooling that enable snap packages snapd could be made to run programs as an administrator. oval:org.secpod.oval:def:51218 python-django: High-level Python web development framework Django could be made to consume resources if it received specially crafted network traffic. oval:org.secpod.oval:def:51230 nss: Network Security Service library NSS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51222 systemd: system and service manager systemd could be made to crash if it received specially a crafted D-Bus message. oval:org.secpod.oval:def:51226 ldb: LDAP-like embedded database - tools LDB could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51228 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51227 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51229 openssl1.0: Secure Socket Layer cryptographic library and tools - openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51200 mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:51201 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51204 spice: SPICE protocol client and server library Spice could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51208 libvncserver: vnc server library Several security issues were fixed in LibVNCServer. oval:org.secpod.oval:def:51207 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51209 avahi: Avahi IPv4LL network address configuration daemon Several security issues were fixed in Avahi. oval:org.secpod.oval:def:52968 openssh: secure shell for secure access to remote machines Details: USN-3885-1 fixed vulnerabilities in OpenSSH. It was discovered that the fix for CVE-2019-6111 turned out to be incomplete. This update fixes the problem. Original advisory One of the fixes in USN-3885-1 was incomplete. oval:org.secpod.oval:def:52967 libgd2: GD Graphics Library Several security issues were fixed in GD. oval:org.secpod.oval:def:53017 libvirt: Libvirt virtualization toolkit libvirt could be made to crash under certain conditions. oval:org.secpod.oval:def:53016 walinuxagent: Windows Azure Linux Agent WALinuxAgent could be made to expose sensitive information. oval:org.secpod.oval:def:53018 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:55517 db5.3: Berkeley DB Utilities Berkeley DB could be made to expose sensitive information. oval:org.secpod.oval:def:55516 qtbase-opensource-src: Qt 5 libraries Several security issues were fixed in Qt. oval:org.secpod.oval:def:55528 glib2.0: GLib library of C routines GLib could be made to expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:55529 dbus: simple interprocess messaging system DBus could allow unintended access to services. oval:org.secpod.oval:def:55526 elfutils: collection of utilities to handle ELF objects Several security issues were fixed in elfutils. oval:org.secpod.oval:def:52970 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:53013 poppler: PDF rendering library poppler could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:59574 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:58890 libsdl2: Simple DirectMedia Layer: cross-platform development library providing access to low level media interfaces SDL 2.0 could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:58888 firefox: Mozilla Open Source web browser Firefox could be made to hijack the mouse pointer it if opened a malicious website. oval:org.secpod.oval:def:58889 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to execute arbitrary code if it is running in a crafted ext4 partition. oval:org.secpod.oval:def:58860 ghostscript: PostScript and PDF interpreter Ghostscript could be made to access arbitrary files if it opened a specially crafted file. oval:org.secpod.oval:def:58858 dovecot: IMAP and POP3 email server Dovecot could be made to crash or execute arbitrary code if it received a specially crafted data. oval:org.secpod.oval:def:58873 memcached: high-performance memory object caching system Memcached could be made to expose sensitive information if it received a specially crafted UNIX socket. oval:org.secpod.oval:def:58875 tomcat8: Servlet and JSP engine Several security issues were fixed in Tomcat 8. oval:org.secpod.oval:def:58876 tomcat9: Servlet and JSP engine Several security issues were fixed in Tomcat 9. oval:org.secpod.oval:def:58872 exim4: Exim is a mail transport agent Exim could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:58885 wpa: client support for WPA and WPA2 wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame. oval:org.secpod.oval:def:58886 libreoffice: Office productivity suite LibreOffice could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:58887 file-roller: archive manager for GNOME File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file. oval:org.secpod.oval:def:58881 wireshark: network traffic analyzer Wireshark could be made to crash if it received specially crafted network traffic or input files. oval:org.secpod.oval:def:58877 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:59592 sudo: Provide limited super user privileges to specific users Sudo could be made to run commands as root if it called with a specially crafted user ID. oval:org.secpod.oval:def:59593 libsdl1.2: Simple DirectMedia Layer Several security issues were fixed in SDL. oval:org.secpod.oval:def:59594 aspell: GNU Aspell spell-checker Aspell could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:59599 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:59595 tiff: Tag Image File Format library Several security issues were fixed in LibTIFF. oval:org.secpod.oval:def:59596 uw-imap: c-client library for mail protocols - library files UW IMAP could be made to execute programs if it received specially crafted input. oval:org.secpod.oval:def:59617 cpio: a tool to manage archives of files GNU cpio could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:59612 ruby-nokogiri: HTML, XML, SAX, and Reader parser for Ruby Nokogiri could be made to execute programs if it received specially crafted input. oval:org.secpod.oval:def:59613 haproxy: fast and reliable load balancing reverse proxy HAproxy would allow unintended access if ii received specially crafted HTTP request. oval:org.secpod.oval:def:59608 libarchive: Library to read/write archive files libarchive could be made to execute arbitrary code if it received specially crafted archive file. oval:org.secpod.oval:def:59609 file: Tool to determine file types file could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:59603 whoopsie: Ubuntu error tracker submission Whoopsie could be made to crash, expose sensitive information or run programs if it processed a specially crafted crash report. oval:org.secpod.oval:def:59604 apport: automatically generate crash reports for debugging Several security issues were fixed in Apport. oval:org.secpod.oval:def:59605 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:58882 ibus: Intelligent Input Bus - core IBus would allow local users to capture key strokes of other locally logged in users. oval:org.secpod.oval:def:55512 mariadb-10.1: MariaDB database Details: USN-3957-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2614 and CVE-2019-2627 in MariaDB 10.1. Linux Mint 19.x LTS has been updated to MariaDB 10.1.40. In addition to security fixes, the updated package co ... oval:org.secpod.oval:def:73710 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-4995-1 fixed vulnerabilities in Thunderbird. This update provides the corresponding updates for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:88635 xorg-server: X.Org X11 server - xwayland: X server for running X clients under Wayland - xorg-server-hwe-18.04: X.Org X11 server Several security issues were fixed in X.Org X Server. oval:org.secpod.oval:def:88626 tiff: Tag Image File Format library Details: USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Linux Mint 19.x LTS, Linux Mint 20.x LTS, Linux Mint 21.x LTS and Ubuntu 22.10. Original advisory LibTIFF could be made to crash or run programs as your login ... oval:org.secpod.oval:def:88541 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88542 liblouis: Braille translation library - utilities Several security issues were fixed in liblouis. oval:org.secpod.oval:def:70370 flatpak: Application deployment framework for desktop apps Flatpak could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:78178 apache-log4j1.2: Java-based open-source logging tool Apache Log4j 1.2 could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:70344 pillow: Python Imaging Library Pillow could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:72111 pillow: Python Imaging Library Pillow could be made to crash or hang if it opened a specially crafted file. oval:org.secpod.oval:def:72101 flatpak: Application deployment framework for desktop apps A Flatpak application could access files that it would not normally be permitted to access. oval:org.secpod.oval:def:53014 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51032 haproxy: fast and reliable load balancing reverse proxy Several security issues were fixed in HAProxy. oval:org.secpod.oval:def:91463 liblouis: Braille translation library - utilities Several security issues were fixed in liblouis. oval:org.secpod.oval:def:88613 gmp: Multiprecision arithmetic library developers tools GMP could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:91467 libreoffice: Office productivity suite LibreOffice could be made to run arbitrary code if an empty entry to the java class path is configured. oval:org.secpod.oval:def:89418 git: fast, scalable, distributed revision control system Several security issues were fixed in Git. oval:org.secpod.oval:def:88621 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:80421 git: fast, scalable, distributed revision control system Git could be made to run arbitrary commands in platforms with multiple users support. oval:org.secpod.oval:def:80406 dbus: simple interprocess messaging system Details: USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Linux Mint 19.x LTS and Linux Mint 20.x LTS. Original advisory DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:89388 sox: Swiss army knife of sound processing Several security issues were fixed in SoX. oval:org.secpod.oval:def:89480 sox: Swiss army knife of sound processing Details: USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Original advisory USN-5904-1 caused a minor regression in SoX. oval:org.secpod.oval:def:72107 gst-plugins-base1.0: GStreamer plugins GStreamer Base Plugins could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:75932 squashfs-tools: Tools to create and modify squashfs filesystems squashfs-tools could be made to overwrite files. oval:org.secpod.oval:def:75952 squashfs-tools: Tools to create and modify squashfs filesystems Squashfs-Tools could be made to overwrite files. oval:org.secpod.oval:def:73693 avahi: IPv4LL network address configuration daemon Several security issues were fixed in Avahi. oval:org.secpod.oval:def:91461 xorg-server: X.Org X11 server - xwayland: X server for running X clients under Wayland - xorg-server-hwe-18.04: X.Org X11 server X.Org X Server could be made to crash or run programs as the administrator if it received specially crafted input. oval:org.secpod.oval:def:96308 node-url-parse: Small footprint URL parser that works across Node.js and browsers Several security issues were fixed in url-parse. oval:org.secpod.oval:def:96312 php-nette: Nette Framework Nette could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:96313 xcftools: command-line tools for extracting data for XCF files Xcftools could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:96315 ipmitool: utility for IPMI control with kernel driver or LAN interface oval:org.secpod.oval:def:96316 apache-log4j1.2: Java-based open-source logging tool Several security issues were fixed in Apache Log4j. oval:org.secpod.oval:def:96317 node-trim-newlines: Trim newlines from the start and/or end of a string A security issue was fixed in trim-newlines. oval:org.secpod.oval:def:96318 node-thenify: Promisify a callback-based function A security issue weas fixed in thenify. oval:org.secpod.oval:def:96319 chromium-browser: Chromium web browser, open-source version of Chrome Several security issues were fixed in Chromium. oval:org.secpod.oval:def:96330 heat: OpenStack Orchestration Service OpenStack Heat could be made to expose sensitive information. oval:org.secpod.oval:def:96336 node-minimatch: A glob matcher in javascript minimatch could be made to crash if it opened a specially crafted input file. oval:org.secpod.oval:def:96340 firefox: Mozilla Open Source web browser Details: USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-6074-2 caused some minor reg ... oval:org.secpod.oval:def:96341 node-json-schema: A vocabulary that allows you to validate, annotate, and manipulate JSON files JSON Schema could be made to crash or run programs if it opened specially crafted input. oval:org.secpod.oval:def:96343 linuxptp: Precision Time Protocol implementation for Linux Linux PTP could be made to crash, run arbitrary code, or expose sensitive information if it received specially crafted input. oval:org.secpod.oval:def:96344 perl: Practical Extraction and Report Language Perl could be made to install modules from untrusted sources. oval:org.secpod.oval:def:96345 node-nth-check: Parses and compiles CSS nth-checks to highly optimized functions. nth-check could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:96355 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:96387 opendmarc: Open Source implementation of the DMARC specification Several security issues were fixed in OpenDMARC. oval:org.secpod.oval:def:96391 libssh2: Client-side C library implementing the SSH2 protocol libssh2 could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:91747 texlive-bin: Binaries for TeX Live LuaTeX could be made to run programs as your login if it compiled a specially crafted TeX file. oval:org.secpod.oval:def:89482 c-ares: library for asynchronous name resolution c-ares could be made to crash or run programs if it processed specially crafted input. oval:org.secpod.oval:def:88471 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:91486 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:88627 snapd: Daemon and tooling that enable snap packages snapd could be made to run programs as an administrator. oval:org.secpod.oval:def:88601 expat: XML parsing C library Details: USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Linux Mint 19.x LTS, Linux Mint 20.x LTS and Linux Mint 21.x LTS. Original advisory Expat could be made to crash or execute arbitrary code. oval:org.secpod.oval:def:88602 expat: XML parsing C library Details: USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Linux Mint 18.x ESM, Linux Mint 19.x LTS, Linux Mint 20.x LTS, Linux Mint 21.x LTS and Ubuntu 22.10. This update also fixes a minor regression introduced in Linux Mint ... oval:org.secpod.oval:def:79877 expat: XML parsing C library Details: USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain fil ... oval:org.secpod.oval:def:89456 python-django: High-level Python web development framework Django could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:89443 python-django: High-level Python web development framework Django could be made to consume memory if it received specially crafted network traffic. oval:org.secpod.oval:def:88489 bind9: Internet Domain Name Server Several security issues were fixed in Bind. oval:org.secpod.oval:def:76000 bind9: Internet Domain Name Server Bind could be made to consume resources if it received specially crafted network traffic. oval:org.secpod.oval:def:78180 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could be made to execute arbitrary code if it received a specially crafted XML or HTML file. oval:org.secpod.oval:def:78170 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:79865 bind9: Internet Domain Name Server Several security issues were fixed in Bind. oval:org.secpod.oval:def:73697 nettle: low level cryptographic library Several security issues were fixed in Nettle. oval:org.secpod.oval:def:51036 apache2: Apache HTTP server Details: USN-3627-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:78176 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:75920 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:73705 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:89445 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:91744 python-django: High-level Python web development framework A Django hardening measure could be bypassed. oval:org.secpod.oval:def:79886 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:89439 python-future: Clean single-source support for Python 3 and 2 python-future could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:70246 python-cryptography: Cryptography Python library python-cryptography could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51138 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:51152 xorg-server: X.Org X11 server - xorg-server-hwe-16.04: X.Org X11 server X.Org X server could be made to overwrite files as the administrator. oval:org.secpod.oval:def:51153 openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:51110 openjdk-lts: Java runtime based on OpenJDK Several security issues were fixed in OpenJDK 10. oval:org.secpod.oval:def:51129 lcms2: Little CMS color management library Several security issues were fixed in Little CMS. oval:org.secpod.oval:def:70109 sqlite3: C library that implements an SQL database engine Several security issues were fixed in SQLite. oval:org.secpod.oval:def:51012 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:51027 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:54510 openjdk-lts: Open Source Java implementation Java applets or applications could be made to expose sensitive information. oval:org.secpod.oval:def:70170 openldap: OpenLDAP utilities Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:57460 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:55053 openjdk-lts: Open Source Java implementation - openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:51070 libjpeg-turbo: library for handling JPEG files libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:51082 libpng1.6: PNG library - development - libpng: PNG file library Several security issues were fixed in libpng. oval:org.secpod.oval:def:54117 policykit-1: framework for managing administrative policies and privileges PolicyKit could allow unintended access. oval:org.secpod.oval:def:88535 imagemagick: Image manipulation programs and library ImageMagick could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:96329 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Details: USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to f ... oval:org.secpod.oval:def:96327 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:78166 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:89415 ruby3.0: Interpreter of object-oriented scripting language Ruby - ruby2.5: Object-oriented scripting language Details: USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Linux Mint 19.x LTS, Linux Mint 20.x LTS, and Ubuntu 22.10. Original advisory Ruby could allow for intern ... oval:org.secpod.oval:def:88586 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine sy ... oval:org.secpod.oval:def:88587 linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88584 linux: Linux kernel - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-snapdragon: Linux kernel for Qualco ... oval:org.secpod.oval:def:88585 linux-aws: Linux kernel for Amazon Web Services systems The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:88588 linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75979 mongodb: object/document-oriented database MongoDB could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:75928 mongodb: Document-oriented database MongoDB could provide unintended access. oval:org.secpod.oval:def:51179 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89469 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:89385 fig2dev: Utilities for converting XFig figure files Several security issues were fixed in Fig2dev. oval:org.secpod.oval:def:88503 sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo. oval:org.secpod.oval:def:51041 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89460 git: fast, scalable, distributed revision control system Details: USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Linux Mint 19.x LTS. Original advisory USN-5871-1 caused a regression. oval:org.secpod.oval:def:89459 git: fast, scalable, distributed revision control system Several security issues were fixed in Git. oval:org.secpod.oval:def:70397 python3.8: Interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-or ... oval:org.secpod.oval:def:88551 xorg-server: X.Org X11 server - xwayland: Xwayland X server - xorg-server-hwe-18.04: X.Org X11 server Several security issues were fixed in X.Org X Server. oval:org.secpod.oval:def:88475 containerd: daemon to control runC Several security issues were fixed in containerd. oval:org.secpod.oval:def:79880 nbd: Network Block Device protocol Several security issues were fixed in NBD. oval:org.secpod.oval:def:78188 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:75978 containerd: daemon to control runC containerd would allow unintended access to files. oval:org.secpod.oval:def:75957 qtbase-opensource-src: Qt 5 libraries Several security issues were fixed in Qt. oval:org.secpod.oval:def:62702 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:62963 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:91476 git: fast, scalable, distributed revision control system Several security issues were fixed in Git. oval:org.secpod.oval:def:70167 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:70252 netqmail: a secure, reliable, efficient, simple message transfer agent netqmail could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:75982 squid: Web proxy cache server - squid3: Web proxy cache server Squid could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:70119 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:70110 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:89490 tiff: Tag Image File Format library Several security issues were fixed in LibTIFF. oval:org.secpod.oval:def:91494 cups: Common UNIX Printing System CUPS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:91483 openjdk-17: Open Source Java implementation - openjdk-20: Open Source Java implementation - openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:51047 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:70113 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:89409 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:88502 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:75921 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:78167 vim: Vi IMproved - enhanced vi editor Several security issues were fixed in Vim. oval:org.secpod.oval:def:75933 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:80411 chromium-browser: Chromium web browser, open-source version of Chrome Chromium could be made to execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:73696 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:72098 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:51188 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:59597 exiv2: EXIF/IPTC/XMP metadata manipulation tool Exiv2 could be made to crash if it received a specially crafted file. oval:org.secpod.oval:def:51080 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:70255 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:70270 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:70307 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:70207 linux-firmware: Firmware for Linux kernel drivers The system could be made to expose sensitive information. oval:org.secpod.oval:def:57457 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:51108 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:51141 git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it recursively opened a malicious git repository. oval:org.secpod.oval:def:51048 git: fast, scalable, distributed revision control system Several security issues were fixed in Git. oval:org.secpod.oval:def:89389 sofia-sip: Sofia-SIP library development files Several security issues were fixed in Sofia-SIP. oval:org.secpod.oval:def:70240 freeimage: Support library for graphics image formats Several security issues were fixed in FreeImage. oval:org.secpod.oval:def:88521 openjdk-17: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:80430 openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:75915 sssd: System Security Services Daemon Several security issues were fixed in sssd. oval:org.secpod.oval:def:91465 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash or run programs as your login if it received a specially crafted input. oval:org.secpod.oval:def:89458 apr-util: Apache Portable Runtime Utility Library APR-util could be made to crash or run programs as an administrator if it received specially crafted input. oval:org.secpod.oval:def:89494 snakeyaml: YAML parser and emitter for the Java programming language Several security issues were fixed in SnakeYAML. oval:org.secpod.oval:def:89473 openjdk-17: Open Source Java implementation - openjdk-19: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:89474 openjdk-8: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:91491 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:89402 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:89466 firefox: Mozilla Open Source web browser Details: USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5880-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:89465 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:89493 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89433 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89421 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:91480 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:91482 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:91485 libwebp: Lossy compression of digital photographic images libwebp could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:91458 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:91464 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:89498 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:88504 pillow: Python Imaging Library Details: USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory An incomplete fix was discovered in Pillow. oval:org.secpod.oval:def:78182 pillow: Python Imaging Library Several security issues were fixed in Pillow. oval:org.secpod.oval:def:89467 chromium-browser: Chromium web browser, open-source version of Chrome Several security issues were fixed in Chromium. oval:org.secpod.oval:def:89496 chromium-browser: Chromium web browser, open-source version of Chrome Several security issues were fixed in Chromium. oval:org.secpod.oval:def:88501 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:88494 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:88492 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:88651 w3m: WWW browsable pager with excellent tables/frames support w3m could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:88480 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:80402 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:75954 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:71239 curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:70125 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:62694 libgd2: Open source code library for the dynamic creation of images Several security issues were fixed in GD Graphics Library. oval:org.secpod.oval:def:75994 libcaca: text mode graphics utilities libcaca could be made to crash if it received a specially crafted image. oval:org.secpod.oval:def:70382 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:70369 minidlna: lightweight DLNA/UPnP-AV server targeted at embedded systems ReadyMedia could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:88561 net-snmp: SNMP server and applications Several security issues were fixed in Net-SNMP. oval:org.secpod.oval:def:88564 libxml2: GNOME XML library libxml2 could be made to execute arbitrary code if it received a specially crafted file. oval:org.secpod.oval:def:91492 binutils: GNU assembler, linker and binary utilities Several security issues were fixed in GNU binutils. oval:org.secpod.oval:def:79876 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:89503 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:91478 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:89401 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:70139 zeromq3: lightweight messaging kernel ZeroMQ could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:88468 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:73431 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:91475 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:96328 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96325 linux-ibm-5.4: Linux kernel for IBM cloud systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96331 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems - linux-raspi2: Linux kernel for Raspberry Pi systems The system could be made to run programs as an administrator. oval:org.secpod.oval:def:96335 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96334 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-aws-hwe: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96338 linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96337 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89406 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:59588 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:57452 bzip2: high-quality block-sorting file compressor - utilities Several security issues were fixed in bzip2. oval:org.secpod.oval:def:70332 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:89497 openjpeg2: JPEG 2000 image compression/decompression library Several security issues were fixed in OpenJPEG. oval:org.secpod.oval:def:75930 uwsgi: fast, self-healing application container server uWSGI could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:54395 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:80405 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:91745 sqlparse: documentation for non-validating SQL parser in Python SQL parse could be made to denial of service if it received a specially crafted regular expression. oval:org.secpod.oval:def:88558 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:70195 openjdk-8: Open Source Java implementation - openjdk-lts: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:91488 ruby2.7: Object-oriented scripting language - ruby2.5: Object-oriented scripting language - ruby2.3: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:96326 libzen: ZenLib C++ utility library -- development files ZenLib could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:88616 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Googl ... oval:org.secpod.oval:def:88615 linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88611 linux: Linux kernel - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors ... oval:org.secpod.oval:def:88634 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88632 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88633 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud syste ... oval:org.secpod.oval:def:88630 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environment ... oval:org.secpod.oval:def:91471 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:91489 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:88560 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-gke-5.4: Linux kernel for Google Container Engine systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88552 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel fo ... oval:org.secpod.oval:def:96346 linux-oracle: Linux kernel for Oracle Cloud systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96348 linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-aws-5.4: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96321 linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96342 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96310 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems Several s ... oval:org.secpod.oval:def:96314 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96320 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:78175 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:88571 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88659 linux-gkeop: Linux kernel for Google Container Engine systems - linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-hwe-5.4: Linux hardware enablement kernel - linux-oracle: Linux kernel for Oracle Cloud systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors S ... oval:org.secpod.oval:def:88656 linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88657 linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88655 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-a ... oval:org.secpod.oval:def:88647 linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88645 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for IB ... oval:org.secpod.oval:def:88644 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88614 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-oracle-5.4: Linux kernel for Oracle Cloud systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88610 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for ... oval:org.secpod.oval:def:96307 linux-ibm: Linux kernel for IBM cloud systems - linux-ibm-5.4: Linux kernel for IBM cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96306 linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96305 linux-gcp-5.4: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96304 linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:96303 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89488 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linu ... oval:org.secpod.oval:def:89486 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:89453 linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89454 linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89452 linux-dell300x: Linux kernel for Dell 300x platforms Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89448 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud ... oval:org.secpod.oval:def:89449 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi system ... oval:org.secpod.oval:def:89437 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89438 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:89501 python3.10: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object ... oval:org.secpod.oval:def:88554 python2.7: An interactive high-level object-oriented language - python3.10: Interactive high-level object-oriented language - python3.9: Interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language - python3.6: An interactive high-level object-ori ... oval:org.secpod.oval:def:89414 python3.6: An interactive high-level object-oriented language Details: USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in Python. oval:org.secpod.oval:def:88497 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:88485 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:70128 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:75997 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:72102 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:91493 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:88533 linux-gkeop: Linux kernel for Google Container Engine systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-gkeop-5.4: Linux kernel for Google Container Engine syst ... oval:org.secpod.oval:def:88527 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88524 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:88553 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:88547 linux: Linux kernel - linux-hwe: Linux hardware enablement kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:96347 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:96311 linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-hwe-5.4: Linux hardware enablement kernel - linux-ibm-5.4: Linux kernel for IBM cloud systems - lin ... oval:org.secpod.oval:def:71241 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspbe ... oval:org.secpod.oval:def:71244 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:71243 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:78185 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:78191 policykit-1: framework for managing administrative policies and privileges policykit-1 could be made to run programs as an administrator. oval:org.secpod.oval:def:80414 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-snapdragon: Linux kernel for Qualcomm Snap ... oval:org.secpod.oval:def:80415 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:80427 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Go ... oval:org.secpod.oval:def:80428 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:79870 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engin ... oval:org.secpod.oval:def:79873 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:79875 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for ... oval:org.secpod.oval:def:88572 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Googl ... oval:org.secpod.oval:def:79888 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:79889 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88595 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:88596 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-gkeop: Linux kernel for Google Container Engine systems - linux-ibm: Linux kernel for I ... oval:org.secpod.oval:def:72094 gnome-autoar: Archive integration support for GNOME GNOME Autoar could be made to overwrite files. oval:org.secpod.oval:def:70379 gnome-autoar: Archive integration support for GNOME GNOME Autoar could be made to overwrite files. oval:org.secpod.oval:def:72096 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:62699 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:70245 gdm3: GNOME Display Manager GDM could be made to create privileged users. oval:org.secpod.oval:def:75961 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:70282 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:62967 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:58878 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:55313 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:54511 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:70138 glib2.0: GLib Input, Output and Streaming Library GLib did not properly restrict directory and file permissions. oval:org.secpod.oval:def:70130 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:71246 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:70385 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:55048 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:80409 tcpdump: command-line network traffic analyzer Details: USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Linux Mint 19.x LTS and Linux Mint 20.x LTS. Original advisory Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:91512 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:89431 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:91510 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:88653 heimdal: Heimdal Kerberos Network Authentication Protocol Several security issues were fixed in Heimdal. oval:org.secpod.oval:def:88486 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:75916 libgd2: GD Graphics Library Several security issues were fixed in GD library. oval:org.secpod.oval:def:80435 sqlite3: C library that implements an SQL database engine SQLite could be made to crash or run programs if it processed a specially crafted query. oval:org.secpod.oval:def:88579 rsync: fast, versatile, remote file-copying tool rsync could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:88577 zlib: Lossless data-compression library zlib could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:70295 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux k ... oval:org.secpod.oval:def:75992 linux: Linux kernel - linux-bluefield: Linux kernel for NVIDIA BlueField platforms - linux-kvm: Linux kernel for cloud environments - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kern ... oval:org.secpod.oval:def:75990 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:75947 linux-raspi2: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75946 linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75945 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud syst ... oval:org.secpod.oval:def:75966 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75965 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:51210 linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in th ... oval:org.secpod.oval:def:51216 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:73441 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:73440 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle ... oval:org.secpod.oval:def:51206 linux: Linux kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51205 linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:78174 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:72095 unbound: validating, recursive, caching DNS resolver Several security issues were fixed in Unbound. oval:org.secpod.oval:def:70265 openldap: Lightweight Directory Access Protocol OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:70386 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:72089 linux-oem-5.6: Linux kernel for OEM systems - linux-gke-5.3: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - ... oval:org.secpod.oval:def:70359 linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors Several security ... oval:org.secpod.oval:def:70342 linux: Linux kernel - linux-hwe-5.8: Linux hardware enablement kernel - linux-hwe-5.4: Linux hardware enablement kernel - linux-hwe: Linux hardware enablement kernel - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty The system could allow unintended access to data in som ... oval:org.secpod.oval:def:70375 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-gke-5.3: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi systems - linux: Linux kernel The system could allow unintended access ... oval:org.secpod.oval:def:70361 linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-gcp: Linux kerne ... oval:org.secpod.oval:def:70398 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gkeop: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:70403 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel fo ... oval:org.secpod.oval:def:70218 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:70222 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70293 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:70176 linux-hwe: Linux hardware enablement kernel he Linux kernel could be made to expose sensitive information. oval:org.secpod.oval:def:70172 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-oem: Linux kernel for OEM processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70191 linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kerne ... oval:org.secpod.oval:def:70219 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM sys ... oval:org.secpod.oval:def:70231 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70228 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gcp-5.3: Linux kernel for Google Cloud Platfor ... oval:org.secpod.oval:def:62969 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:70259 linux: Linux kernel - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for ... oval:org.secpod.oval:def:70327 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux k ... oval:org.secpod.oval:def:70328 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:70354 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:70189 linux: Linux kernel - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70213 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-oem: Linux kernel for OEM systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon ... oval:org.secpod.oval:def:70214 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi systems - ... oval:org.secpod.oval:def:70210 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70204 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:70201 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - lin ... oval:org.secpod.oval:def:58884 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:70178 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-a ... oval:org.secpod.oval:def:70179 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:70174 linux-aws-5.0: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oracle-5.0: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kerne ... oval:org.secpod.oval:def:70181 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processo ... oval:org.secpod.oval:def:70184 linux-aws-5.0: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oracle-5.0: Linux kernel for Oracle Cloud systems Several security issues were fixed in the Linux kerne ... oval:org.secpod.oval:def:70180 linux-aws-5.0: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oracle-5.0: Linux kernel for Oracle Cloud ... oval:org.secpod.oval:def:70185 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-g ... oval:org.secpod.oval:def:70192 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM processors - linux-oracle-5.0: Linux kernel for Oracle Cloud systems Seve ... oval:org.secpod.oval:def:70190 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-g ... oval:org.secpod.oval:def:59589 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:59587 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux ... oval:org.secpod.oval:def:59598 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70203 linux-gke-5.0: Linux kernel for Google Container Engine systems - linux-oem-osp1: Linux kernel for OEM processors Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70232 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-oem: Linux k ... oval:org.secpod.oval:def:57446 linux: Linux kernel - linux-hwe: Linux hardware enablement kernel 64-Bit PowerPC systems could be made to expose sensitive information. oval:org.secpod.oval:def:59601 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - lin ... oval:org.secpod.oval:def:54112 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-rasp ... oval:org.secpod.oval:def:58863 linux: Linux kernel - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - ... oval:org.secpod.oval:def:58864 linux: Linux kernel - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-azure: Linux kernel for Microsoft Azure Cloud systems ... oval:org.secpod.oval:def:58867 linux-aws: Linux kernel for Amazon Web Services systems - linux-aws-hwe: Linux kernel for Amazon Web Services systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:70229 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-gke-4.15: Linux kernel for Google Container Engine systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM syst ... oval:org.secpod.oval:def:55311 intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ... oval:org.secpod.oval:def:70161 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud systems - linux-rasp ... oval:org.secpod.oval:def:70162 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:55021 qemu: Machine emulator and virtualizer Several issues were addressed in QEMU. oval:org.secpod.oval:def:55022 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:55020 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:55025 libvirt: Libvirt virtualization toolkit Several issues were addressed in libvirt. oval:org.secpod.oval:def:57455 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - ... oval:org.secpod.oval:def:55047 intel-microcode: Processor microcode for Intel CPUs Details: USN-3977-1 provided mitigations for Microarchitectural Data Sampling vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry ... oval:org.secpod.oval:def:54111 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-hwe: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:88499 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:55518 linux-hwe: Linux hardware enablement kernel A system hardening measure could be bypassed. oval:org.secpod.oval:def:55519 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-meta: - linux-oem: Linux kernel for OEM processors - linux-oracle: Linux kernel for Oracle Cloud system ... oval:org.secpod.oval:def:55523 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:51114 libgd2: GD Graphics Library Several security issues were fixed in GD. oval:org.secpod.oval:def:53954 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:75999 php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter PHP-PFM in PHP could be made ... oval:org.secpod.oval:def:62965 php7.3: server-side, HTML-embedded scripting language - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:88543 php8.1: HTML-embedded scripting language interpreter - php8.0: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:51020 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:88544 php7.2: HTML-embedded scripting language interpreter Details: USN-5479-1 fixed vulnerabilities in PHP. Unfortunately that update for CVE-2022-31625 was incomplete for Linux Mint 19.x LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5479-1 was incomplete a ... oval:org.secpod.oval:def:54515 php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:73692 php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:59606 php7.3: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter - php7.0: HTML-embedded scripting language interpreter PHP could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:51067 php7.2: HTML-embedded scripting language interpreter PHP could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:51069 php7.2: HTML-embedded scripting language interpreter Details: USN-3702-1 fixed a vulnerability in PHP. PHP 7.2.7 did not actually include the fix for CVE-2018-12882. This update adds a backported patch to correct the issue. We apologize for the inconvenience. Original advisory PHP could be made to c ... oval:org.secpod.oval:def:55525 jinja2: small but fast and easy to use stand-alone template engine Several security issues were fixed in Jinja2. oval:org.secpod.oval:def:55058 python-urllib3: HTTP library with thread-safe connection pooling for Python Several security issues were fixed in urllib3. oval:org.secpod.oval:def:55318 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:55059 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:54590 libpng1.6: PNG file library libpng be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:51133 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:51127 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:55527 libsndfile: Library for reading/writing audio files Several security issues were fixed in libsndfile. oval:org.secpod.oval:def:51134 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security i ... oval:org.secpod.oval:def:51105 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:51121 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 S ... oval:org.secpod.oval:def:51113 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51115 intel-microcode: Processor microcode for Intel CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:51043 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors The ... oval:org.secpod.oval:def:51051 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51052 libvirt: Libvirt virtualization toolkit Side channel execution mitigations were added to libvirt. oval:org.secpod.oval:def:51054 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:51055 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:73444 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. oval:org.secpod.oval:def:51202 linux-azure: Linux kernel for Microsoft Azure Cloud systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51203 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-oem: Linux kernel for OEM processors - linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51063 amd64-microcode: Processor microcode firmware for AMD CPUs The system could be made to expose sensitive information. oval:org.secpod.oval:def:51065 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:51059 linux-raspi2: Linux kernel for Raspberry Pi 2 Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:53006 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-oem: Linux kernel for OEM processors - linux-gcp: Linux kernel for Google Cloud Platform systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:51087 qemu: Machine emulator and virtualizer Side channel execution mitigations were added to QEMU. oval:org.secpod.oval:def:51039 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51045 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:51061 mozjs52: SpiderMonkey JavaScript library Several security issues were fixed in Spidermonkey. oval:org.secpod.oval:def:72086 openvpn: virtual private network software everal security issues were fixed in OpenVPN. oval:org.secpod.oval:def:51166 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:51185 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oem: Linux kernel for OEM processors - li ... oval:org.secpod.oval:def:51165 python2.7: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:62244 twisted: Event-based framework for internet applications Several security issues were fixed in Twisted. oval:org.secpod.oval:def:58855 apache2: Apache HTTP server Several security issues were fixed in Apache. oval:org.secpod.oval:def:58857 python2.7: An interactive high-level object-oriented language - python3.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:58870 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:58871 node-fstream: Advanced filesystem streaming tools for Node.js npm/fstream could be made to overwrite files. oval:org.secpod.oval:def:59590 python2.7: An interactive high-level object-oriented language - python3.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:70145 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:70144 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:59602 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:51064 openssl: Secure Socket Layer cryptographic library and tools - openssl1.0: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:51118 libtirpc: transport-independent RPC library - development files Several security issues were fixed in libtirpc. oval:org.secpod.oval:def:73445 rpcbind: converts RPC program numbers into universal addresses rpcbind could be made to consume resources and crash if it received specially crafted network traffic. oval:org.secpod.oval:def:51019 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:51058 file: Tool to determine file types Several security issues were fixed in file. oval:org.secpod.oval:def:70306 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:51023 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:57449 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:51056 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:51073 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:73707 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:91472 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:89478 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:88513 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gcp-5.13: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Google Container E ... oval:org.secpod.oval:def:88512 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud sys ... oval:org.secpod.oval:def:57461 docker.io: Linux container runtime Docker could be made to overwrite files as the administrator. oval:org.secpod.oval:def:75972 linux-raspi2: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75971 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-dell300x: Linux kernel for Dell 300x platforms - linux-gcp-4.15: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for clo ... oval:org.secpod.oval:def:75943 linux-raspi: Linux kernel for Raspberry Pi systems - linux-raspi-5.4: Linux kernel for Raspberry Pi systems Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75942 linux-hwe-5.4: Linux hardware enablement kernel Several security issues were fixed in the Linux kernel. oval:org.secpod.oval:def:75941 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-gke: Linux kernel for Google Container Engine systems - linux-gkeop: Linux kernel for Goo ... oval:org.secpod.oval:def:89461 linux-gcp: Linux kernel for Google Cloud Platform systems - linux-ibm: Linux kernel for IBM cloud systems - linux-aws-5.4: Linux kernel for Amazon Web Services systems - linux-gcp-5.4: Linux kernel for Google Cloud Platform systems - linux-hwe-5.4: Linux hardware enablement kernel - linux-ibm-5. ... |