Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776
pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default runs two services, the primary of which is on port 8000 and can not be used by external hosts. A secondary Click N Load service runs on port 9666 and can be used remotely without authentication.
d86b89ccd29b81ac570725e1b71f96f42350980adb191ce14634207100bc2450
Ubuntu Security Notice 5739-2 - USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12 in Ubuntu 22.04 LTS and Ubuntu 22.10.
864704062d2b1c3bdf54e5ca1c62eb30ddf326673f2e3cbfba651f9d4c73b1bd
Red Hat Security Advisory 2023-0774-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.28. Issues addressed include denial of service and out of bounds read vulnerabilities.
ca47c0cea81330f5de88e4e9f79a211719d421c59b8c4c4424353cdd2b6b0a26
Ubuntu Security Notice 5881-1 - It was discovered that Chromium did not properly manage memory. A remote attacker could possibly use these issues to cause a denial of service or execute arbitrary code via a crafted HTML page. It was discovered that Chromium did not properly manage memory. A remote attacker who convinced a user to install a malicious extension could possibly use this issue to corrupt memory via a Chrome web app.
1ffc99eb387d685f3934bcb9f92476d55e232ea25caa6a7e53c49c72dff61a87
Red Hat Security Advisory 2023-0833-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
d16dc5abdc87b7c6d25b0c046da8d55627f3f9d1e6610e67e99f688d38471729
Red Hat Security Advisory 2023-0888-01 - A security update for 2.13.2-1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a denial of service vulnerability.
d4de88d15e138f91bd87cf8e8825d14fabd472872f1b7b84374be9f237454a82