Tanzania Computer Emergency Response Team

TZCERT-SU-24-0046 (DebianOS Security Update)

15th January 2024

Debian has released security updates to address vulnerabilities in phpseclib. Exploitation of these vulnerabilities may allow an attacker to gain access to sensitive information. Users and administrators are encouraged to review DebianOS Security Advisories msg00008 and msg00006 and apply necessary updates.

TZCERT-SU-24-0045 (HP Security Update)

15th January 2024

Hewlett-Packard has released security updates to address vulnerabilities in Intel Optane, Intel Rapid storage and NVIDIA. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review HP Security Advisories hpsbhf03882, hpsbhf03884 and hpsbhf03903 and apply necessary updates.

TZCERT-SU-24-0044 (Mageia Security Update)

15th January 2024

Mageia has released security updates to address vulnerabilities in chromium-browser, openssh, x11-server, gnutls and vlc. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Mageia Security Advisories MGASA-2024-0011, MGASA-2024-0010, MGASA-2024-0009, MGASA-2024-0008 and MGASA-2024-0007 and apply necessary updates.

TZCERT-SU-24-0043 (NetApp Security Update)

15th January 2024

NetApp has released security updates to address vulnerabilities in golang, HarshiCorp vault, FreeBSD, SQLite, Apache and IBM. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service condition. Users and administrators are encouraged to review NetApp Security Advisories ntap-20240112-0005, ntap-20240112-0006, ntap-20240112-0007, ntap-20240112-0008, ntap-20240112-0001 and ntap-20240112-0002 and …

TZCERT-SU-24-0042 (Oracle Linux Security Update)

15th January 2024

Oracle has released security updates to address vulnerabilities in frr, idm, dotNET, squid, tomcat, kernel and gnutls. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Oracle Linux Security Advisories ELSA-2024-0130, ELSA-2024-0143, ELSA-2024-0156, ELSA-2023-6884, ELSA-2024-0125, ELSA-2024-12069 and ELSA-2024-0155 …

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0046 (DebianOS Security Update)

TZCERT-SU-24-0045 (HP Security Update)

TZCERT-SU-24-0044 (Mageia Security Update)

TZCERT-SU-24-0043 (NetApp Security Update)

TZCERT-SU-24-0042 (Oracle Linux Security Update)

Subscribe to Receive Regular Updates

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Critical vulnerabilities affecting IBM Sterling B2B Integrator, IBM QRadar SIEM and IBM Disconnected Log Collector (CVE-2022-42920, CVE-2023-51385 and CVE-2023-39410)

AIKit 4.14.1 Authenticated SQL Injection (CVE-2024-31370)

Critical remote code execution vulnerability in XZ Library (CVE-2024-3094)