#vulnerability

Ubuntu Security Notice 6538-2 - USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.

Ubuntu Security Notice 6587-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice 6586-1 - It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS. It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. This issue only affected Ubuntu 16.04 LTS and Ubuntu 20.04 LTS.

Red Hat Security Advisory 2024-0262-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0261-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-0217-03 - An update for rabbitmq-server is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-0216-03 - An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2024-0215-03 - An update for GitPython is now available for Red Hat OpenStack Platform 17.1. Issues addressed include a local file inclusion vulnerability.

Red Hat Security Advisory 2024-0214-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 17.1. Issues addressed include denial of service and remote shell upload vulnerabilities.

Red Hat Security Advisory 2024-0213-03 - An update for python-eventlet is now available for Red Hat OpenStack Platform 17.1.