A New Beginning for Election Security Journeys (Tue, 09 Aug 2022 11:42:00 -0400): Elections offices of any jurisdiction can use our Essential Guide to Election Security to shape their cybersecurity journeys going forward.
Two more malicious Python packages in the PyPI: We used our internal automated system for monitoring open-source repositories and discovered two other malicious Python packages in the PyPI. They were masquerading as one of the most popular open-source packages named “requests”.
Ubuntu Security Notice USN-5569-1 (Tue, 16 Aug 2022 15:42:04 GMT): Ubuntu Security Notice 5569-1 - Xiang Li discovered that Unbound incorrectly handled delegation caching. A remote attacker could use this issue to keep rogue domain names resolvable long after they have been revoked.
Ubuntu Security Notice USN-5568-1 (Mon, 15 Aug 2022 16:05:06 GMT): Ubuntu Security Notice 5568-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Red Hat Security Advisory 2022-6061-01 (Mon, 15 Aug 2022 16:04:58 GMT): Red Hat Security Advisory 2022-6061-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6065-01 (Mon, 15 Aug 2022 16:04:49 GMT): Red Hat Security Advisory 2022-6065-01 - Collectd plugin for gathering resource usage statistics from containers created with the libpod library.
Red Hat Security Advisory 2022-6062-01 (Mon, 15 Aug 2022 16:04:40 GMT): Red Hat Security Advisory 2022-6062-01 - Collectd plugin for gathering resource usage statistics from containers created with the libpod library.
Red Hat Security Advisory 2022-6066-01 (Mon, 15 Aug 2022 16:04:31 GMT): Red Hat Security Advisory 2022-6066-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6057-01 (Mon, 15 Aug 2022 16:04:23 GMT): Red Hat Security Advisory 2022-6057-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.422 and .NET Runtime 3.1.28.
Red Hat Security Advisory 2022-6058-01 (Mon, 15 Aug 2022 16:04:11 GMT): Red Hat Security Advisory 2022-6058-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.108 and .NET Runtime 6.0.8.
Gentoo Linux Security Advisory 202208-31 (Mon, 15 Aug 2022 16:04:03 GMT): Gentoo Linux Security Advisory 202208-31 - Multiple vulnerabilities have been found in GStreamer and its plugins, the worst of which could result in arbitrary code execution. Versions less than 1.16.3 are affected.
Gentoo Linux Security Advisory 202208-30 (Mon, 15 Aug 2022 16:03:57 GMT): Gentoo Linux Security Advisory 202208-30 - Multiple vulnerabilities have been discovered in Binutils, the worst of which could result in denial of service. Versions less than 2.38 are affected.
Gentoo Linux Security Advisory 202208-29 (Mon, 15 Aug 2022 16:03:50 GMT): Gentoo Linux Security Advisory 202208-29 - Multiple vulnerabilities have been discovered in Nokogiri, the worst of which could result in denial of service. Versions less than 1.13.6 are affected.
Gentoo Linux Security Advisory 202208-28 (Mon, 15 Aug 2022 16:03:44 GMT): Gentoo Linux Security Advisory 202208-28 - Multiple vulnerabilities have been discovered in Puma, the worst of which could result in denial of service. Versions less than 5.6.4 are affected.
Gentoo Linux Security Advisory 202208-26 (Mon, 15 Aug 2022 16:03:35 GMT): Gentoo Linux Security Advisory 202208-26 - Multiple vulnerabilities have been discovered in libarchive, the worst of which could result in arbitrary code execution. Versions less than 3.6.1 are affected.
Gentoo Linux Security Advisory 202208-27 (Mon, 15 Aug 2022 16:03:28 GMT): Gentoo Linux Security Advisory 202208-27 - Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 7.0.0 are affected.
Gentoo Linux Security Advisory 202208-23 (Mon, 15 Aug 2022 16:03:21 GMT): Gentoo Linux Security Advisory 202208-23 - Multiple vulnerabilities have been discovered in Xen, the worst of which could result in remote code execution (guest sandbox escape). Versions less than 4.15.3 are affected.
Gentoo Linux Security Advisory 202208-25 (Mon, 15 Aug 2022 16:03:09 GMT): Gentoo Linux Security Advisory 202208-25 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected.
Gentoo Linux Security Advisory 202208-24 (Mon, 15 Aug 2022 16:03:03 GMT): Gentoo Linux Security Advisory 202208-24 - Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service. Versions less than 2.34 are affected.
Gentoo Linux Security Advisory 202208-21 (Mon, 15 Aug 2022 16:02:56 GMT): Gentoo Linux Security Advisory 202208-21 - A heap-based buffer overflow in libeml might allow attackers to execute arbitrary code. Versions less than 1.4.2 are affected.
Gentoo Linux Security Advisory 202208-20 (Mon, 15 Aug 2022 16:02:48 GMT): Gentoo Linux Security Advisory 202208-20 - Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Versions less than 2.4.54 are affected.
Gentoo Linux Security Advisory 202208-22 (Mon, 15 Aug 2022 16:02:41 GMT): Gentoo Linux Security Advisory 202208-22 - Multiple vulnerabilities have been discovered in xterm, the worst of which could result in denial of service. Versions less than 371 are affected.
Ubuntu Security Notice USN-5556-1 (Thu, 11 Aug 2022 15:43:19 GMT): Ubuntu Security Notice 5556-1 - It was discovered that Booth incorrectly handled user authentication. An attacker could use this vulnerability to cause a denial of service.
Gentoo Linux Security Advisory 202208-16 (Thu, 11 Aug 2022 15:43:12 GMT): Gentoo Linux Security Advisory 202208-16 - A vulnerability in faac could result in denial of service. Versions less than 1.30 are affected.
Gentoo Linux Security Advisory 202208-18 (Thu, 11 Aug 2022 15:43:00 GMT): Gentoo Linux Security Advisory 202208-18 - A vulnerability in Motion allows a remote attacker to cause denial of service. Versions less than 4.3.2 are affected.
Gentoo Linux Security Advisory 202208-19 (Thu, 11 Aug 2022 15:42:49 GMT): Gentoo Linux Security Advisory 202208-19 - An open redirect vulnerability has been discovered in aiohttp. Versions less than 3.7.4 are affected.
Gentoo Linux Security Advisory 202208-15 (Thu, 11 Aug 2022 15:42:38 GMT): Gentoo Linux Security Advisory 202208-15 - Multiple vulnerabilities have been discovered in isync, the worst of which could result in arbitrary code execution. Versions less than 1.4.4 are affected.