(Feb 27) Kelby Ludwig and Scott Cantor discovered that the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to incorrect XML parsing. For additional details please refer to the upstream advisory at
Archive for March 12th, 2018
(Mar 2) Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash.
(Mar 11) **PHP version 7.1.15** (01 Mar 2018)

**Apache2Handler:**
* Fixed bug php#75882 (a simple way for segfaults in threadsafe php just with configuration). (Anatol)

**Date:**
* Fixed bug php#75857 (Timezone gets truncated when formatted). (carusogabriel)
* Fixed bug php#75928 (Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null`). (Pedro Lacerda)
* Fixed
(Mar 11) **MySQL 5.7.21**

Bugs fixed: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html

CVEs fixed: http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

CVE-2018-2696 CVE-2018-2703 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2600 CVE-2018-2612
(Feb 23) Several security issues were fixed in the Linux kernel.
(Mar 5) Several security issues were fixed in Memcached.
(Mar 6) An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Mar 6) An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability