Ubuntu Security Notice 6727-2 - USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements.
98f7aae4d30d1b37976aae71c2f8f3d1c09fb49865d4abec3139169342e9663aUbuntu Security Notice 6727-1 - It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data.
2c691be3dfb8ed61396b4eb86ac7b035f8344a516e272f6ffb13c26ac0186bd9Red Hat Security Advisory 2024-1498-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
8040d52b4784a6e8a2450cd97ee38fcb7907e77333d167938853469e343e5980Red Hat Security Advisory 2024-1495-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
c75eafc88cdfda22f560cd46eeaf38ff34fe9766e692845e01ef20ae63a6d00fRed Hat Security Advisory 2024-1494-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
606572dd4d95dd1de56695ad71ca9f35948eacad36562730ffd8c1ce311f22ceRed Hat Security Advisory 2024-1493-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
749a0634426b461a8582602f4cff52f951021b304c88ddd66f38c9a20d184cc5Red Hat Security Advisory 2024-1492-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7bbef7fcbc40b051f54bf2867415a967c32d103397c8b9d4ed7fe019a4a0fc6cRed Hat Security Advisory 2024-1485-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
cb6d472544bf0aeb62495788b675979901f95643e3711c5d88fe91abb822ec1eRed Hat Security Advisory 2024-1484-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
49371d460f37dd9335d28acb1593c3c63ad50eaa0455e76cf89988b0368cd6daRed Hat Security Advisory 2024-1483-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
64a3e483cbae18307eaee1bd251b18988fc7e2834037359f53d2f3fe43476b38Ubuntu Security Notice 6717-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.
c7e276778f2c974b0aa76f968f7adfbc3e4984a93e8eaf31675ad13306e8e12aRed Hat Security Advisory 2024-1500-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
c05f8f74cc8a662e477728100ce6bcdd582daa8a8b25edec9d157bea7fcf1396Red Hat Security Advisory 2024-1499-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
4c35312ed656f58e5e77883ac99c6d4277c212a2120cbc8392c9387665c90811Red Hat Security Advisory 2024-1497-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
694916cc7f93ef561a4faa6e4737263c6cb158372d7f2f807cc33d8f3ad9986bRed Hat Security Advisory 2024-1496-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7f4ff279933caca7c3743c461957b45d21d77941725aa2ac85b04d5e1ce0acb3Red Hat Security Advisory 2024-1491-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
945623663f2172096c6b71e3b08fdabe05c8a47439dd5ff05a8e7b4e291dc27aRed Hat Security Advisory 2024-1490-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
ff89bb1e11cbe0562a24cf57e66f3825dcb41bc7cd1d8ebc94e15ab4bbdd16e0Red Hat Security Advisory 2024-1489-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
86bc89a9b35a07fa4157edb431950ea320dbafa5691bafdddeddeb1a3c184da5Red Hat Security Advisory 2024-1488-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
6bf37a4b678fce20bf909634fe2de254458bf2ea9e41119e298ea3af53f80f9cRed Hat Security Advisory 2024-1487-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7c27cfc7e2501f297c9a798bd9de71a80591b82191a8429e1542992a7cd7ad91Red Hat Security Advisory 2024-1486-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
dade356857652e398da063a21b88de38dbffc67ef3cf5758ae9330710bfae8c5Debian Linux Security Advisory 5644-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or leaks of encrypted email subjects.
52c9ec4f8c2d47616afc49e17f3a3b204457658b0cbdb5e77c7a81280f8c2fceDebian Linux Security Advisory 5643-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure, bypass of content security policies or spoofing.
a448517a42a8f898647c5aa7c7b1e0258fff75928a056aa5b3eb6c5fe41ab76bUbuntu Security Notice 6703-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Hubert Kario discovered that Firefox had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.
8925f4bfe2e00238817e4e82aaa72fa22ab5cbc166f07e21afc8f8a239ee2279Red Hat Security Advisory 2024-0108-03 - An update for nss is now available for Red Hat Enterprise Linux 9.
cec73bbb3c72c8f4576dcbcabfaa68eff88c51359a6c261e4ff0de82681a0bb1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed