Ubuntu Security Notice 5526-2 - USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This update fixes the problem. Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature.
8c41a2693d407eefe7e13b7defbcf414474f7e1b4eed38adbde82f77f010d590Red Hat Security Advisory 2022-6079-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.
b245269cc6acf1dbc42bb59360e9c7416f3026aff0ca7e1507e483ea945923edRed Hat Security Advisory 2022-6073-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
44bc4925eddbb67b285b675712c5d123f78ce3f5c67aef2a2bc37ac0e4dd09f5Red Hat Security Advisory 2022-6075-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
54b56b0a70c3dd8996d47363cb2f7883c209d1c2cb091d9fe86b3ff89352913aRed Hat Security Advisory 2022-6078-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a privilege escalation vulnerability.
4b7311f5616130f86296dec014f18be5a68e37df0f88b307582f61648229dc69This paper is an in-depth blog post on hacking Zyxel IP cameras to obtain a root shell.
b1c1d5af6bd2b118ab3a1c720fe41a27cfec41885c4cf555570f4e8a14d7f78b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed