LinuxSecurity.com

28.05.2025 13:41 Latest upstream release. Changelog: https://github.com/gorhill/uBlock/releases/tag/1.64.0 . Fixes CVE-2025-4215 .

28.05.2025 13:41 Update to version 22.15.1

28.05.2025 13:41 Update to 20.19.2

28.05.2025 08:10 Update to upstream 2.1-49. 20250512 Addition of 06-ad-01/0x20 microcode at revision 0xa0000d1; Addition of 06-ad-01/0x95 microcode at revision 0x10003a2;

28.05.2025 08:10 Update to 20.19.2

28.05.2025 08:10 Update to version 22.15.1

28.05.2025 08:10 The package bind before version 9.20.9-1 is vulnerable to denial of service.

28.05.2025 08:10 The package varnish before version 7.7.1-1 is vulnerable to content spoofing.

28.05.2025 08:10 net-tools could be made to crash or run programs as your login if it opened a specially crafted input.

28.05.2025 02:40 Sender Spoofing via Malformed From Header in Thunderbird. Unsolicited File Download, Disk Space Exhaustion, and Credential Leakage via mailbox:/// Links. JavaScript Execution via Spoofed PDF Attachment and file:/// Link.

28.05.2025 02:40 In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3_db_config can cause a denial of service . An sz*nBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect.

28.05.2025 02:40 VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.

28.05.2025 02:40 Out-of-bounds access when resolving Promise objects. Out-of-bounds access when optimizing linear sums. References: - https://bugs.mageia.org/show_bug.cgi?id=34287

28.05.2025 02:40 cifs-utils could be made to expose sensitive information.

28.05.2025 02:40 New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues.