Tanzania Computer Emergency Response Team

TZCERT-SU-24-0110 (Slackware Security Update)

1st February 2024

Slackware has released security updates to address a vulnerability in sendmail package. Exploitation of this vulnerability may allow an attacker to bypass protection mechanism. Users and administrators are encouraged to review Slackware Security Advisory and apply necessary updates.

TZCERT-SU-24-0109 (Gentoo Security Update)

1st February 2024

Gentoo has released security updates to address vulnerabilities in containerd, libaom, webkitgtk, x11-base and chromium. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Gentoo Security Advisories glsa-202401-31, glsa-202401-32, glsa-202401-33, glsa-202401-30 and glsa-202401-34 and apply necessary updates.

TZCERT-SU-24-0108 (Tenable Security Update)

1st February 2024

Tenable has released security updates to address vulnerabilities in appwrite and HTML5 Video Player WordPress Plugin. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Tenable Security Advisories tra-2024-03 and tra-2024-02 and apply necessary updates.

TZCERT-SU-24-0107 (Apple Security Update)

1st February 2024

Apple has released security update to address a vulnerability in visionOS. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review Apple Security Advisory and apply necessary updates.

TZCERT-SU-24-0106 (Oracle Linux Security Update)

1st February 2024

Oracle has released security updates to address vulnerabilities in tigervnc, thunderbird, Firefox and tomcat. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Oracle Linux Security Advisories ELSA-2024-0607, ELSA-2024-0609, ELSA-2024-0608 and ELSA-2024-0539 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0110 (Slackware Security Update)

TZCERT-SU-24-0109 (Gentoo Security Update)

TZCERT-SU-24-0108 (Tenable Security Update)

TZCERT-SU-24-0107 (Apple Security Update)

TZCERT-SU-24-0106 (Oracle Linux Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)