Synopsis: Moderate: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2022:7002-1 Issue Date: 2022-10-20 CVE Numbers: CVE-2022-21619 CVE-2022-21626 CVE-2022-21624 CVE-2022-21628 — Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2022:7069-1 Issue Date: 2022-10-21 CVE Numbers: CVE-2022-42927 CVE-2022-42928 CVE-2022-42929 CVE-2022-42932 — This update upgrades Firefox to version 102.4.0 ESR. Security Fix(es): * Mozilla: Same-origin policy violation could have leaked cross-origin URLs (CVE-2022-42927) * … Read More
Synopsis: Moderate: java-11-openjdk security and bug fix update Advisory ID: SLSA-2022:7008-1 Issue Date: 2022-10-20 CVE Numbers: CVE-2022-21619 CVE-2022-21626 CVE-2022-21624 CVE-2022-21628 CVE-2022-39399 CVE-2022-21618 — Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2022:6997-1 Issue Date: 2022-10-19 CVE Numbers: CVE-2022-40674 — This update upgrades Firefox to version 102.3.0 ESR. Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:6998-1 Issue Date: 2022-10-19 CVE Numbers: CVE-2022-40674 — This update upgrades Thunderbird to version 102.3.0. Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the … Read More
Synopsis: Important: expat security update Advisory ID: SLSA-2022:6834-1 Issue Date: 2022-10-06 CVE Numbers: CVE-2022-40674 — Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS … Read More
Synopsis: Important: squid security update Advisory ID: SLSA-2022:6815-1 Issue Date: 2022-10-06 CVE Numbers: CVE-2022-41318 — Security Fix(es): * squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More
Synopsis: Important: bind security update Advisory ID: SLSA-2022:6765-1 Issue Date: 2022-10-04 CVE Numbers: CVE-2022-38177 CVE-2022-38178 — Security Fix(es): * bind: memory leak in ECDSA DNSSEC verification code (CVE-2022-38177) * bind: memory leaks in EdDSA DNSSEC verification code (CVE-2022-38178) For more … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:6710-1 Issue Date: 2022-09-26 CVE Numbers: CVE-2022-3032 CVE-2022-3033 CVE-2022-3034 CVE-2022-36059 CVE-2022-40959 CVE-2022-40960 CVE-2022-40958 CVE-2022-40956 CVE-2022-40957 CVE-2022-40962 — This update upgrades Thunderbird to version 102.3.0. Security Fix(es): * Mozilla: Leaking of sensitive information when … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2022:6711-1 Issue Date: 2022-09-26 CVE Numbers: CVE-2022-40959 CVE-2022-40960 CVE-2022-40958 CVE-2022-40956 CVE-2022-40957 CVE-2022-40962 — This update upgrades Firefox to version 102.3.0 ESR. Security Fix(es): * Mozilla: Bypassing FeaturePolicy restrictions on transient pages (CVE-2022-40959) * … Read More
