Happy Friday fellow Linux geeks! This week, important updates have been issued for OpenJDK, gzip and OpenSSL. Read on to learn about these vulnerabilities and how to secure your system against them.
Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.
Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!
Yours in Open Source,
OpenJDKThe DiscoveryMultiple security bugs have been discovered in the OpenJDK Java runtime (CVE-2022-21426, CVE-2022-21434, CVE-2022-21443 and CVE-2022-21476). |
gzipThe DiscoveryAn important arbitrary-file-write vulnerability (CVE-2022-1271) has been found in the gzip file compression and decompression application. The ImpactThis flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system. The FixA gzip security update fixes this bug. We recommend updating as soon as possible to project the confidentiality, integrity and availability of your files and your system. Your Related Advisories:Register to Customize Your Advisories |
OpenSSLThe DiscoveryIt was discovered that The c_rehash script does not properly sanitize shell metacharacters to prevent command injection (CVE-2022-1292). The Impact
|
