AdvisoryWeek
2021-51 - Mozilla, Canonical, Red Hat, Amazon, GitHub
Published on December 27, 2021
Advisory Week
Week 51, 2021
Mozilla Security Advisories
Security Vulnerabilities fixed in Thunderbird 91.4.1 mfsa2021-55
Ubuntu Security Notices
USN-5186-2: Firefox regressions
USN-5203-1: Apache Log4j 2 vulnerability
Red Hat Security Advisory
(RHSA-2021:5269) Moderate: rh-maven36-log4j12 security update
(RHSA-2021:5238) Low: virt:rhel and virt-devel:rhel security update
(RHSA-2021:5235) Moderate: postgresql:12 security update
(RHSA-2021:5236) Moderate: postgresql:13 security update
(RHSA-2021:5241) Moderate: kernel-rt security and bug fix update
(RHSA-2021:5227) Moderate: kernel security and bug fix update
(RHSA-2021:5226) Moderate: openssl security update
(RHSA-2021:5219) Important: Red Hat Single Sign-On security update on RHEL 8
(RHSA-2021:5218) Important: Red Hat Single Sign-On 7.5.0 security update on RHEL 7
(RHSA-2021:5217) Important: Red Hat Single Sign-On 7.5.0 security update
(RHSA-2021:5206) Moderate: log4j security update
Amazon AWS Security Advisories
AWSSupportServiceRolePolicy Informational Update
GitHub Security Advisories
[GHSA-w6v2-qchm-grj7] Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity
[GHSA-6w7g-p4jh-rf92] "Verify All" Returns Success Despite Validation Failures in Singularity
[GHSA-pmfr-63c2-jr5c] Execution Control List (ECL) Is Insecure in Singularity
[GHSA-g54h-m393-cpwq] devices resource list treated as a blacklist by default
[GHSA-f3w5-v9xx-rp8p] Signature verification failure in Tendermint
[GHSA-6jqj-f58p-mrw3] Denial of Service in TenderMint
[GHSA-mx43-r985-5h4m] Open redirect vulnerability in Sourcegraph
[GHSA-qqxw-m5fj-f7gv] The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
[GHSA-j7px-6hwj-hpjg] Open Redirect in OAuth2 Proxy
[GHSA-5m6c-jp6f-2vcv] Open Redirect in OAuth2 Proxy
[GHSA-627p-rr78-99rj] GitLab auth uses full name instead of username as user ID, allowing impersonation
[GHSA-m9hp-7r99-94h5] Critical security issues in XML encoding in github.com/dexidp/dex
[GHSA-68wm-pfjf-wqp6] Authentication bypassed with malformed request URI on nginx