Depending on the timing, it is possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake.
f908e37fa6bf92ff245d1f52190b304b3ef6738cc22397a7a0ad4665b63b3f39If the IAX2 channel driver receives a packet that contains an unsupported media format it can cause a crash to occur in Asterisk.
4b4013dde28ebd85bf26ab9c3fd8cf604c2de2c7aacef317b575436966ddf0a0When Asterisk receives a re-INVITE without SDP after having sent a BYE request a crash will occur. This occurs due to the Asterisk channel no longer being present while code assumes it is.
ed776e0af45a5b2a169abf425e456827171d23d6768bff6373779d772dd49e62Ubuntu Security Notice 5021-1 - Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. Various other issues were also addressed.
7ac8b3d2c694f2858e4713261d1ae24b6f8a1aae63be74dbdc2984959e7d4c58Red Hat Security Advisory 2021-2866-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The ovirt-ansible-hosted-engine-setup package provides an Ansible role for deploying Red Hat Virtualization Hosted-Engine.
d6d9da65f13da7bd76c524af0be7f2b3807d6a80218366fd83a1fcb23d20f182Red Hat Security Advisory 2021-2865-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution and denial of service vulnerabilities.
ce9968ff4577033a91a08ac4e693f7ae3c886e4bcb370b3eb85795db47a2a9d5Red Hat Security Advisory 2021-2736-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a use-after-free vulnerability.
1fa632f28d5e605ea0ec82cfb7ecd3c710ed64a96ecae4e68f689247c4013aa9Red Hat Security Advisory 2021-2779-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
aacb10ef0b6fd4316b022328b4531163cd36123f2e4c9fc9bcd4b4a84e971e43Red Hat Security Advisory 2021-2780-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
4834f7a89b1c105c8c634d270a29e092dfbba1336b090fde6cfce50e35c48a75Red Hat Security Advisory 2021-2777-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
39701e076729f2dbf50ed75ccf5d34ae1a75adac7c46b433300189fdc0d76b7aRed Hat Security Advisory 2021-2778-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
1c017048ac46160e63782702866696d00843d69e0de717523dd8f8d936db5f02Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
3005346e90339c18a4c626169c6f1d9fb8643bb0d0a049bcaf64b7ccb4fd272cGentoo Linux Security Advisory 202107-50 - A vulnerability in Singularity could result in remote code execution. Versions less than 3.7.4 are affected.
275b6d1f9a321457af31fe60a31dd40995d53cd5bbd8166a942bbdd7b2876d20Gentoo Linux Security Advisory 202107-49 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 91.0.4472.164 are affected.
3544ab6bea8c304bbd61204ad791443d4540519c4a76f43c18d2536e37049c87
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed