(Oct 21) Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the tar …
Archive for March 10th, 2018
(Mar 3) The security update announced as DSA-4120-1 caused regressions on the powerpc kernel architecture (random programs segfault, data corruption). Updated packages are now available to correct this issue.
(Mar 6) **PHP version 7.1.15** (01 Mar 2018) **Apache2Handler:** * Fixed bug php#75882 (a simple way for segfaults in threadsafe php just with configuration). (Anatol) **Date:** * Fixed bug php#75857 (Timezone gets truncated when formatted). (carusogabriel) * Fixed bug php#75928 (Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null`). (Pedro Lacerda) * Fixed
(Mar 7) Several vulnerabilities have been discovered in the ISC DHCP client, relay and server. The Common Vulnerabilities and Exposures project identifies the following issues:
(Mar 6) Added patch to fix: CVE-2017-18198 (#1549644) Added patch to fix: CVE-2017-18199 (#1549701) Added patches to fix: CVE-2017-18201 (#1549707)
(Mar 6) This update fixes two minor security vulnerabilities in `malloc` (CVE-2018-6485, CVE-2018-6551, RHBZ#1542102, RHBZ#1542119), and provides a C++ version of `iseqsig`.
(Mar 2) Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues:
(Mar 6) add Xen page-table isolation (XPTI) mitigation and Branch Target Injection (BTI) mitigation for XSA-254 DoS via non-preemptable L3/L4 pagetable freeing [XSA-252] (#1549568) grant table v2 -> v1 transition may crash Xen [XSA-255] (#1549570) x86 PVH guest without LAPIC may DoS the host [XSA-256] (#1549572)
(Mar 6) Several security issues were fixed in Irssi.
(Mar 8) Several security issues were fixed in Zsh.
(Mar 7) An update is now available for Red Hat JBoss Web Server 3.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Mar 7) An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Mar 8) Several security issues were fixed in ClamAV.
(Mar 9) The system could be made to expose sensitive information.
(Mar 7) An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Mar 9) An update for dhcp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability