Download
| Alert*
oval:org.secpod.oval:def:706149
linux: Linux kernel - linux-hwe-5.11: Linux hardware enablement kernel - linux-hwe-5.4: Linux hardware enablement kernel - linux-hwe: Linux hardware enablement kernel IBM s390x systems could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:706180 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-5.11: Linux kernel for Microsoft Azure cloud systems Details: USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. Unfortunately, for Linux kernels intended for use within Microsoft Azure environments, that update int ... oval:org.secpod.oval:def:705983 Ubuntu 21.04 is installed oval:org.secpod.oval:def:706000 mariadb-10.5: MariaDB database development files - mariadb-10.3: MariaDB database - mariadb-10.1: MariaDB database Several security issues were fixed in MariaDB. oval:org.secpod.oval:def:706024 apport: automatically generate crash reports for debugging Several security issues were fixed in Apport. oval:org.secpod.oval:def:706112 firefox: Mozilla Open Source web browser Details: USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5037-1 caused a regressi ... oval:org.secpod.oval:def:706016 python-babel: tools for internationalizing Python applications Babel code be made to execute arbitrary code if it received a specially crafted input. oval:org.secpod.oval:def:706152 ca-certificates: Common CA certificates A certificate about to expire was removed from ca-certificates. oval:org.secpod.oval:def:705987 exim4: Exim is a mail transport agent Several security issues were fixed in Exim. oval:org.secpod.oval:def:706261 firefox: Mozilla Open Source web browser Details: USN-5186-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5186-1 caused some minor regressions in Firefox. oval:org.secpod.oval:def:706273 exiv2: EXIF/IPTC/XMP metadata manipulation tool Details: USN-5043-1 fixed vulnerabilities in Exiv2. The update introduced a new regression that could cause a crash in applications using libexiv2. This update fixes the problem. We apologize for the inconvenience. Original advisory Introduced regressi ... oval:org.secpod.oval:def:706098 gpsd: Global Positioning System GPSd could return the wrong time. oval:org.secpod.oval:def:71923 libxstream-java: Java library to serialize objects to XML and back again Several security issues were fixed in XStream library. oval:org.secpod.oval:def:706280 systemd: system and service manager systemd-tmpfiles could be made to crash or have other unspecified impacts. oval:org.secpod.oval:def:706276 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:77374 apache-log4j2: Apache Log4j - Logging Framework for Java Several security issues were fixed in Apache Log4j 2. oval:org.secpod.oval:def:706185 strongswan: IPsec VPN solution Several security issues were fixed in strongSwan. oval:org.secpod.oval:def:706111 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:706153 edk2: UEFI firmware for virtual machines Several security issues were fixed in EDK II. oval:org.secpod.oval:def:706023 nginx: small, powerful, scalable web/proxy server nginx could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:706025 libx11: X11 client-side library libx11 could allow unintended access to services. oval:org.secpod.oval:def:706019 runc: Open Container Project runC could be made to overwrite files as the administrator. oval:org.secpod.oval:def:706026 isc-dhcp: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:706047 libimage-exiftool-perl: library and program to read and write meta information in multime libimage-exiftool-perl could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:705996 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:706100 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:706203 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:706281 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:706226 freerdp2: RDP client for Windows Terminal Services Several security issues were fixed in FreeRDP. oval:org.secpod.oval:def:706118 grilo: Framework for discovering and browsing media - GObject introspect grilo could be made to allow MITM attacks. oval:org.secpod.oval:def:706277 apache-log4j1.2: Java-based open-source logging tool Apache Log4j 1.2 could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:706114 libssh: A tiny C SSH library libssh could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:706017 pillow: Python Imaging Library Pillow could be made to crash or hang if it opened a specially crafted file. oval:org.secpod.oval:def:706225 bluez: Bluetooth tools and daemons Several security issues were fixed in BlueZ. oval:org.secpod.oval:def:706099 c-ares: library for asynchronous name resolution c-ares could be made to return wrong domains. oval:org.secpod.oval:def:706262 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:706275 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could be made to execute arbitrary code if it received a specially crafted XML or HTML file. oval:org.secpod.oval:def:706150 sqlparse: documentation for non-validating SQL parser in Python SQL parse could be made to denial of service if it received a specially crafted regular expression. oval:org.secpod.oval:def:706101 postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:706117 apr: Apache Portable Runtime Library APR could be made to expose sensitive information if it received a specially crafted input. oval:org.secpod.oval:def:705995 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:706200 ceph: distributed storage and file system Several security issues were fixed in Ceph. oval:org.secpod.oval:def:72636 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:706278 pillow: Python Imaging Library Several security issues were fixed in Pillow. oval:org.secpod.oval:def:706021 lz4: Extremely fast compression algorithm LZ4 could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:706190 libcaca: text mode graphics utilities libcaca could be made to crash if it received a specially crafted image. oval:org.secpod.oval:def:706007 mysql-8.0: MySQL database - mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:706147 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:706202 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:706189 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-raspi: Linux kernel for Raspberry Pi syst ... oval:org.secpod.oval:def:706131 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:706161 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - li ... oval:org.secpod.oval:def:706206 linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud sys ... oval:org.secpod.oval:def:706159 linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-signed-azure: Signed kernel image azure - linux-azure-5.11: Linux kernel for Microsoft Azure cloud systems - linux-hwe-5.11: Linux hardware enablement kernel - linux-oracle-5.11: Linux kernel for Oracle Cloud systems Several securi ... oval:org.secpod.oval:def:706045 intel-microcode: Processor microcode for Intel CPUs Several security issues were fixed in Intel Microcode. |