#linux

Debian Linux Security Advisory 5807-1 - Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or potentially the execution of arbitrary code.

OpenSSL is a popular cryptographical toolkit with more than 20 years of history. For a long time, the only way to extend it was by using an "engine", which defines how a cryptographic algorithm is computed. This could include hardware devices and even new algorithms not included in the main library, but as OpenSSL evolved it became evident that the engines API was limiting. A new pluggable system, called a "provider", was introduced.What is a providerA provider, in OpenSSL terms, is a unit of code that provides one or more implementations of cryptographic operations, making new algorithms avai

Debian Linux Security Advisory 5806-1 - A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed.

Debian Linux Security Advisory 5805-1 - It was discovered that the daemon of the GNU Guix functional package manager was susceptible to privilege escalation.

Direct cyberattacks on vehicles are all but unheard of. In theory though, the opportunity is there to cause real damage — data extraction, full system compromise, even gaining access to safety-critical systems.

Hackers can exploit critical vulnerabilities in Mazda’s infotainment system, including one that enables code execution via USB, compromising…

Debian Linux Security Advisory 5804-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced.

A significant amount of vulnerabilities in the Linux kernel have been resolved that include use-after-free and race conditions.

Red Hat Security Advisory 2024-9019-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-9018-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.