This week we cover security updates for dpkg, logrotate, GnuPG, CUPS, InfluxDB and more, plus we take a quick look at some open positions on the team - come join us!
31 unique CVEs addressed
ntfscktool failed to perform proper bounds checking on filesystem metadata - if could trick a user into running it on an untrusted filesystem image could then possibly get code execution
ntfs-3g-devpackage which is not installed by default
io_uring- an unprivileged user can spam requests which would eventually overflow counter and then could be used to trigger an OOB write -> controlled memory corruption -> privesc
io_uringfound by this researcher - https://seclists.org/oss-sec/2021/q2/127