Tanzania Computer Emergency Response Team

GitHub has released security updates to address a vulnerability in Jupyter Server Proxy’s websocket. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review GitHub Security Advisory and apply necessary updates.

Red Hat has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition. Users and administrators are encouraged to review Red Hat Security Advisories RHSA-2024:1444, RHSA-2024:1441, RHSA-2024:1438, RHSA-2024:1437 and RHSA-2024:1267 and apply necessary updates.

Hewlett-Packard has released security updates to address vulnerabilities in HPE StoreEasy Servers and AMD Client UEFI Firmware. Exploitation of these vulnerabilities may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review HP Security Advisories hpesbst04611 and hpsbhf03890 and apply necessary updates.

Debian has released security updates to address vulnerabilities in pdns-recursor, php-dompdf-svg-lib and fontforge. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Debian Security Advisories msg00050, msg00049 and msg00048 and apply necessary updates.

Spring has released security updates to address vulnerabilities in Spring Security and Spring Authorization Server. Exploitation of these vulnerabilities may allow an attacker to bypass authentication. Users and administrators are encouraged to review Spring Security Advisories cve-2024-22257 and cve-2024-22258 and apply necessary updates.