Tanzania Computer Emergency Response Team

Slackware has released security updates to address vulnerabilities in xorg-server and gnutls packages. Exploitation of these vulnerabilities may allow an attacker to cause denial of service condition to an affected system. Users and Administrators are encouraged to review Slackware Security Advisories SSA:2024-016-02 and SSA:2024-016-01 and apply necessary updates.

GitLab has released security updates to address vulnerabilities in GitLab prior to version 16.8. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review GitLab Release Note and apply necessary updates.

Advisory No: TZCERT/SA/2024/01/15 Date of First Release: 15th January 2024 Source: GitLab Software Affected: GitLab self-managed instances version 16.1 to 16.1.5,16.2 to 16.2.8,16.3 to 16.3.6,16.4 to 16.4.4,16.5 to 16.5.5,16.6 to 16.6.3 and 16.7 to 16.7.1 Overview: GitLab has released security updates to address two critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356), whereby …

Advisory No: TZCERT/SA/2024/01/15 Date of First Release: 15th January 2024 Source: Ivanti Software Affected: Version 9.x and 22.x Overview: Ivanti has issued an advisory on two critical zero-day vulnerabilities discovered in Ivanti Connect Secure VPN and Ivanti Policy Secure appliances. The vulnerability could lead to unauthenticated remote code execution. Description: …

Advisory No: TZCERT/SA/2024/01/15 Date of First Release: 15th January 2024 Source: Juniper Software Affected: All versions of Junos OS on SRX Series and EX Series. Overview: Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. Successfully …