LinuxSecurity.com

update to 126.0.6478.55 High CVE-2024-5830: Type Confusion in V8 High CVE-2024-5831: Use after free in Dawn High CVE-2024-5832: Use after free in Dawn High CVE-2024-5833: Type Confusion in V8

Security fix for CVE-2024-34055

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. (CVE-2024-24789)

An issue has been found in cups, the Common UNIX Printing System(tm). When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its Known Exploited Vulnerabilities (KEV) catalog . This bug is being actively exploited in the wild, and federal organizations have been given a deadline of June 20th to patch it, suggesting that private organizations follow suit.

Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and newsgroup client, and Firefox, the widely used open-source web browser. The identified vulnerabilities could result in denial of service attacks, unauthorized access to sensitive information, and the execution of arbitrary code.

Ethical hacking, or analyzing a system without permission to try and discover vulnerabilities that hackers can use, is an essential part of maintaining robust Linux security. Ethical hacking helps prevent cyberattacks before they happen by identifying vulnerabilities before they are exploited by malicious actor.

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

* bsc#1065729 * bsc#1151927 * bsc#1152472 * bsc#1154353 * bsc#1156395

* bsc#1065729 * bsc#1174585 * bsc#1190569 * bsc#1191949 * bsc#1192107

* bsc#1226027 Cross-References: * CVE-2024-5688 * CVE-2024-5690

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Remember when you were sent an email from a purported "bank" informing you of suspicious transactions? Phishing attacks - those deceptive attempts at stealing your information through deception - can be overwhelming and potentially stressful, but not with cybersecurity awareness!

Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass ransomware . This development has caused alarm in the cybersecurity community and highlights the necessity of taking proactive measures against such threats.

A new backdoor, "Noodle RAT" has caused widespread alarm across the cybersecurity landscape. Research highlights this previously undisclosed malware used by Chinese-speaking groups engaged in cybercrime and espionage activities.

Update bundled edk2 to 20240524 (#2284243)

release 1.12.0