(Dec 20) Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes.
Archive for December 21st, 2018
(Dec 17) **PHP version 7.2.13** (06 Dec 2018) **ftp:** * Fixed bug php#77151 (ftp_close(): SSL_read on shutdown). (Remi) **CLI:** * Fixed bug php#77111 (php-win.exe corrupts unicode symbols from cli parameters). (Anatol) **Fileinfo:** * Fixed bug php#77095 (slowness regression in 7.2/7.3 (compared to 7.1)). (Anatol) **iconv:** * Fixed bug php#77147 (Fixing 60494 ignored
(Dec 20) Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
(Dec 20) Several security issues were fixed in the Linux kernel.
(Dec 20) Several security issues were fixed in the kernel.
(Dec 18) An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 18) An update for ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from