Packet Storm

Red Hat Security Advisory 2023-1079-01 - An update for osp-director-downloader-container, osp-director-agent-container and osp-director-operator-container is now available for Red Hat OpenStack Platform 16.2 (Train).

Ubuntu Security Notice 5923-1 - It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop tool. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service, or possibly execute arbitrary code.

Agilebio Lab Collector version 4.234 suffers from a remote code execution vulnerability.

Red Hat Security Advisory 2023-1065-01 - The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2023-1064-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site request forgery, cross site scripting, and deserialization vulnerabilities.

Red Hat Security Advisory 2023-1066-01 - The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2023-1067-01 - The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2023-1068-01 - The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. Issues addressed include a buffer overflow vulnerability.

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Debian Linux Security Advisory 5369-1 - It was discovered that an integer overflow in the RFC3164 parser of syslog-ng, a system logging daemon, may result in denial of service via malformed syslog messages.