(Aug 3) The 4.17.11 stable update contains a number of important fixes across the tree. Also of note, starting with this release, kernel-headers is built from a different srpm. The contents should be the same, but there were some benefits to breaking it from the kernel build. —- The 4.17.10 stable kernel update contains a number of important fixes across the tree.
Archive for August 4th, 2018
4 results.
Comment
(Aug 4) Jann Horn discovered a directory traversal vulnerability in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of this flaw to retrieve arbitrary files via a specially crafted request, when ‘enable-http-clone=1’ (default) is not turned off.
(Aug 3) Sync with git (CVE-2017-14160, CVE-2018-10392, CVE-2018-10393, bz#1516379)
(Aug 3) Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.