Happy Friday fellow Linux geeks! This week, important updates have been issued for nss, vim and mailman. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
nssThe DiscoveryIt was discovered that nss, the Mozilla Network Security Service library, is prone to a heap overflow flaw when verifying DSA or RSA-PPS signatures (CVE-2021-43527).
|
vimThe DiscoveryMultiple heap-based buffer overflows, stack-based buffer overflows and a use after free have been discovered in the vim text editor program (CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927, CVE-2021-3928, CVE-2021-3968, CVE-2021-3973 and CVE-2021-3974). The ImpactThese flaws could result in buffer overflow attacks and the compromise of the vim program. The FixA vim security update that mitigates these issues has been released. We encourage you to update your vim packages promptly to protect the security and integrity of your systems. Your Related Advisories:Register to Customize Your Advisories |
mailmanThe DiscoveryThree important flaws in the mailman mailing list manager have been identified. They include two CSRF token bypass vulnerabilities (CVE-2021-42097 and CVE-2021-44227) and missing CSRF protection in the user options page (CVE-2016-6893). The Impact
|
