Happy Friday fellow Linux geeks! This week, important updates have been issued for Firefox, cifs-utils and python-twisted-web. Read on to learn about these vulnerabilities and how to secure your system against them.

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany

Firefox

The Discovery 

Eight important security vulnerabilities have been discovered in Mozilla Firefox, including a heap buffer overflow in WebGL (CVE-2022-31737), browser window spoof using fullscreen mode (CVE-2022-31738), attacker-influenced path traversal when saving downloaded files (CVE-2022-31739), memory safety bugs in Firefox 101 and Firefox ESR 91.10 (CVE-2022-31747), and more.

The Impact

These issues could result in buffer overflow attacks, spoofing attacks, memory corruption and information leakage, among other threats.

The Fix

An update is available for Mozilla Firefox that fixes these flaws. We recommend that you update as soon as possible to protect your systems against attacks and compromise.


cifs-utils

The Discovery 

Several security issues have been found in cifs-utils (Common Internet File System utilities). It was discovered that cifs-utils invoked a shell when requesting a password (CVE-2020-14342), incorrectly used host credentials when mounting a krb5 CIFS file system from within a container (CVE-2021-20208), incorrectly handled certain command-line arguments (CVE-2022-27239), and incorrectly handled verbose logging (CVE-2022-29869).

The Impact

These vulnerabilities could result in privilege escalation attacks and the compromise of sensitive information.

The Fix

An update has been released for cifs-utils that mitigates these bugs. Update now to protect the security and integrity of your systems and your sensitive information.


python-twisted-web

The Discovery

An important security bug has been discovered in the python-twisted-web web server (CVE-2022-24801).

The Impact

This vulnerability could result in HTTP request smuggling.

The Fix

A python-twisted-web security update that fixes this issue is now available. We urge you to update promptly to protect against potential security issues.
