Ubuntu Security Notice 6567-2 - USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behavior change leading to a regression in certain environments. This update fixes the problem. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. Various other issues were also addressed.
a54d7bc90f81ef99a51f6873f6c189be32af415ca78c88b11fc2bd3df9e91a3b
Ubuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.
822fd59a00f432568a1ff02767caa245fcfcf6843527f21aad32e7fa00321108
Gentoo Linux Security Advisory 202209-14 - Multiple vulnerabilities have been discovered in Fetchmail, the worst of which could result in email disclosure to third parties. Versions less than 6.4.22 are affected.
0464eed96bdd7d49cf6ef1bba542adce39a341211e8349a992dd1f3d06faf788
Red Hat Security Advisory 2022-1964-01 - Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet for retrieval. Then Fetchmail forwards the mail through SMTP so the user can read it through their favorite mail client. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
56a9423de5b90a5b76974fef202cb8350dc94cd1c401b9fb36ecb0edbd6e7fed
Debian Linux Security Advisory 4980-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the the execution of arbitrary code.
ddc750d896a05a7739ac3c32ccc088274d91a7af3ee492e2f13ec7ec5e11244b
Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities.
a75e1219ec6542b9cd32d3ece01efb8d1aeb909324898cf57695ad502378204a