Ike.ninja

(Aug 30) Several security issues were fixed in libx11.

(Aug 28) An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

(Aug 29) An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

(Aug 29) Several issues were discovered in the Tomcat servlet and JSP engine. They could lead to unauthorized access to protected resources, denial-of-service, or information leak.

(Aug 29) poppler could be made to crash if it received specially crafted PDF file.

(Aug 29) An update for ansible is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

(Aug 27) The system could be made to expose sensitive information.

(Aug 28) This is the Six-Month notification for the retirement of Red Hat Enterprise Linux 6.4 Advanced Mission Critical (AMC). This notification applies only to those customers subscribed to the Advanced Mission Critical (AMC) channel for Red Hat Enterprise Linux 6.4.

Learn about the most common issues that websites and web applications crash into and the best ways that a hosting platform can solve and help overcome them.

The post How a WebOps platform fixes five common site and web app issues appeared first on Plesk.

(Aug 27) An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

(Aug 24) Several security issues were fixed in the Linux kernel.

• Project: Joomla!
• SubProject: CMS
• Impact: Low
• Severity: Low
• Versions: 3.7.0 through 3.8.11
• Exploit type: ACL Violation
• Reported Date: 2018-July-10
• Fixed Date: 2018-August-28
• CVE Number: CVE-2018-15881

Description

Inadequate checks regarding disabled fields can lead to an ACL violation.

Affected Installs

Joomla! CMS versions 3.7.0 through 3.8.11

Solution

Upgrade to version 3.8.12

Contact

The JSST at the Joomla! Security Centre.

• Project: Joomla!
• SubProject: CMS
• Impact: High
• Severity: Low
• Versions: 1.5.0 through 3.8.11
• Exploit type: Malicious file upload
• Reported Date: 2018-August-23
• Fixed Date: 2018-August-28
• CVE Number: CVE-2018-15882

Description

Inadequate checks in the InputFilter class could allow specifically prepared PHAR files to pass the upload filter.

Affected Installs

Joomla! CMS versions 1.5.0 through 3.8.11

Solution

Upgrade to version 3.8.12

Contact

The JSST at the Joomla! Security Centre.

(Aug 24) Several security issues were fixed in the Linux kernel.

(Aug 22) Spice could be made to crash if it received specially crafted network traffic.