No Image

USN-4698-1: Dnsmasq vulnerabilities

2021-01-19 KENNETH 0

USN-4698-1: Dnsmasq vulnerabilities Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25681, CVE-2020-25687) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-25682, CVE-2020-25683) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25684) Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. (CVE-2020-25685) Moshe Kol and Shlomi Oberman discovered [ more… ]

No Image

USN-4697-1: Pillow vulnerabilities

2021-01-19 KENNETH 0

USN-4697-1: Pillow vulnerabilities It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. (CVE-2020-35653) It was discovered that Pillow incorrectly handled certain Tiff image files. If a user or automated system were tricked into opening a specially-crafted Tiff file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2020-35654) It was discovered that Pillow incorrectly handled certain SGI image files. If a user or automated system were tricked into opening a specially-crafted SGI file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. This [ more… ]

No Image

USN-4696-1: HTMLDOC vulnerability

2021-01-18 KENNETH 0

USN-4696-1: HTMLDOC vulnerability It was discovered that HTMLDOC incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a denial of service. Source: USN-4696-1: HTMLDOC vulnerability

No Image

USN-4695-1: icoutils vulnerabilities

2021-01-18 KENNETH 0

USN-4695-1: icoutils vulnerabilities Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2017-5208) It was discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2017-5331, CVE-2017-5332, CVE-2017-5333) Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2017-6009, CVE-2017-6010) Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information. (CVE-2017-6011) Source: USN-4695-1: icoutils vulnerabilities

No Image

The MySQL 8.0.23 Maintenance Release is Generally Available

2021-01-18 KENNETH 0

The MySQL 8.0.23 Maintenance Release is Generally Available The MySQL Development team is very happy to announce that MySQL 8.0.23 is now available for download at dev.mysql.com. In addition to bug fixes there are a few new features added in this release.  Please download 8.0.23 from dev.mysql.com or from the MySQL  Yum,  APT, or SUSE repositories.… Facebook Twitter LinkedIn Source: The MySQL 8.0.23 Maintenance Release is Generally Available