USN-6849-1: Salt vulnerabilities ›
25 June 2024
Several security issues were fixed in Salt.
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
25 June 2024
Several security issues were fixed in Salt.
25 June 2024
Google Guest Agent and OS Config Agent could be made to crash if it open a specially crafted JSON.
25 June 2024
Roundcube could be made to crash or run programs if it received specially crafted input.
CVE-2024-37383 , CVE-2024-37384 , CVE-2023-47272 , and 1 other
25 June 2024
libheif could be made to crash if it opened a specially crafted file.
CVE-2023-49463 , CVE-2020-23109 , CVE-2023-49464 , and 5 others
25 June 2024
Several security issues were fixed in Ansible.
24 June 2024
CUPS could be made to arbitrary chmod paths with specially crafted configuration file.
24 June 2024
Hibernate could be made to expose sensitive information.
20 June 2024
gdb could be made to crash if it opened a specially crafted file.
19 June 2024
PHP could be made to accept invalid URLs.
19 June 2024
A security issue was fixed in MariaDB