AdvisoryWeek
2021-43 - Apple, Adobe, Canonical, Red Hat, Cisco, Microsoft, Google, GitHub
Published on November 1, 2021
Advisory Week
Week 43, 2021
Apple Security Advisory
Safari 15.1 Security Content
iOS 14.8.1 and iPadOS 14.8.1 Security Content
tvOS 15.1 Security Content
Security Update 2021-007 Catalina Security Content
watchOS 8.1 Security Content
iOS 15.1 and iPadOS 15.1 Security Content
macOS Monterey 12.0.1 Security Content
macOS Big Sur 11.6.1 Security Content
Adobe Security Bulletins and Advisories
Security updates available for Adobe Photoshop | APSB21-28 APSB21-109
Security Updates Available for Adobe Lightroom | APSB20-74 APSB21-97
Security Update Available for Adobe InCopy | APSB21-05 APSB21-108
Security Update Available for Adobe InDesign | APSB20-66 APSB21-107
Security Updates Available for Adobe Animate | APSB21-21 APSB21-105
Security Updates Available for Adobe Media Encoder | APSB20-57 APSB21-99
Security Updates Available for Adobe Illustrator | APSB21-12 APSB21-98
Security Updates Available for Adobe Prelude | APSB20-70 APSB21-96
Security Updates Available for Adobe Bridge | APSB21-23 APSB21-94
Security Updates Available for Adobe Audition | APSB20-40 APSB21-92
Ubuntu Security Notices
USN-5126-2: Bind vulnerability
USN-5125-1: PHP vulnerability
USN-5009-2: libslirp vulnerabilities
USN-5122-2: Apport vulnerability
USN-5124-1: GNU binutils vulnerabilities
USN-5123-2: MySQL vulnerabilities
USN-5123-1: MySQL vulnerabilities
USN-5122-1: Apport vulnerability
Red Hat Security Advisory
(RHSA-2021:3915) Moderate: OpenShift Container Platform 3.11.542 security update
(RHSA-2021:4012) Moderate: Red Hat support for Spring Boot 2.4.9 security update
(RHSA-2021:3930) Moderate: OpenShift Container Platform 4.7.36 security and bug fix update
(RHSA-2021:3926) Moderate: OpenShift Container Platform 4.8.17 security and bug fix update
(RHSA-2021:3934) Moderate: OpenShift Container Platform 4.9.4 packages and security update
(RHSA-2021:4000) Important: kpatch-patch security update
(RHSA-2021:3988) Moderate: samba security update
(RHSA-2021:3987) Important: kernel security and bug fix update
(RHSA-2021:3982) Important: rh-ruby30-ruby security update
(RHSA-2021:3980) Important: Red Hat OpenStack Platform 13.0 (redis) security update
(RHSA-2021:3971) Important: Red Hat OpenStack Platform 10.0 (redis) security update
(RHSA-2021:3968) Important: OpenJDK 11.0.13 security update for Windows Builds
(RHSA-2021:3967) Important: OpenJDK 11.0.13 security update for Portable Linux Builds
(RHSA-2021:3961) Important: OpenJDK 8u312 Windows Builds release and security update
(RHSA-2021:3960) Important: OpenJDK 8u312 security update for Portable Linux Builds
(RHSA-2021:3956) Important: xstream security update
(RHSA-2021:3955) Low: redhat-ds:11 security, bug fix, and enhancement update
Cisco Security Advisory
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerability
Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability
Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability
Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
Multiple Cisco Products Snort Rule Denial of Service Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability
Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability
Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities
Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities
Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
Microsoft Security
Chromium: CVE-2021-38003 Inappropriate implementation in V8
Chromium: CVE-2021-38002 Use after free in Web Transport
Chromium: CVE-2021-38001 Type Confusion in V8
Chromium: CVE-2021-38000 Insufficient validation of untrusted input in Intents
Chromium: CVE-2021-37999 Insufficient data validation in New Tab Page
Chromium: CVE-2021-37998 Use after free in Garbage Collection
Chromium: CVE-2021-37997 Use after free in Sign-In
Google Security Advisories
Pixel Update Bulletin—October 2021 | Android Open Source Project
GitHub Security Advisories
[GHSA-5xvc-vgmp-jgc3] Improper Access Control in jupyterhub-firstuseauthenticator
[GHSA-m836-gxwq-j2pm] Improper Access Control in github.com/treeverse/lakefs
[GHSA-4p3x-8qw9-24w9] Authenticated Stored XSS in shopware/shopware
[GHSA-j7qv-pgf6-hvh4] XSS in `*Text` options of the Datepicker widget in jquery-ui
[GHSA-gpqq-952q-5327] XSS in the `of` option of the `.position()` util in jquery-ui
[GHSA-9gj3-hwp5-pmwc] XSS in the `altField` option of the Datepicker widget in jquery-ui
[GHSA-59hh-656j-3p7v] DoS via maliciously crafted p2p message
[GHSA-m49f-hcxp-6hm6] CSRF allowing an external page to trigger a user logout event