SUSE SLES15 Security Update : krb5 (SUSE-SU-2023:0198-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0198-1 advisory. - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution...

CLSA-2023-1674816097 grub2: Fix of 2 CVEs

font: Reject glyphs exceeds font-maxglyphwidth or font-maxglyph height - font: Fix size overflow in grubfontgetglyphinternal - CVE-2022-2601: font: Fix several integer overflows in grubfontconstructglyph - CVE-2022-3775: font: Fix an integer underflow in blitcomb...

Debian dla-3282 : git - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3282 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3282-1 [email protected]...

Amazon Linux 2 : krb5 (ALAS-2023-1915)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1915 advisory. Integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for...

Amazon Linux AMI : krb5 (ALAS-2023-1667)

It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1667 advisory. Integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

RLSA-2023:0338 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...

ALSA-2023:0338 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

Integer overflow

Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this...

CVE-2022-23521

Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this...

GSD-2023-1001056 fs/ntfs3: Harden against integer overflows

fs/ntfs3: Harden against integer overflows This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000640 fs/ntfs3: Harden against integer overflows

fs/ntfs3: Harden against integer overflows This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Git vulnerabilities (USN-5810-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5810-1 advisory. Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use...

RLSA-2023:0173 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

OPENSUSE-SU-2023:0019-1 Security update for libheimdal

This update for libheimdal fixes the following issues: Update to version 7.8.0 - CVE-2022-42898 PAC parse integer overflows - CVE-2022-3437 Overflows and non-constant time leaks in DES,3 and arcfour - CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array - CVE-2021-44758 A nu...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...