Ike.ninja

(Apr 3) Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4 and fix three security issues, several bugs, and add various enhancements are now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact

Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol.

(Apr 3) Several security issues were fixed in the Linux kernel.

(Apr 3) An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact

As you may or may not be aware, on January 19th, 2019, a security announcement was published confirming the compromise of the PHP Extension and Application Repository (PEAR) installation script. The PEAR project had the following statement to announce: “A security breach has been found on the http://pear.php.net webserver, with a tainted go-pear.phar discovered. The PEAR website itself has been disabled until a known clean site can be rebuilt. A more detailed announcement will be on the …

The momentum from December’s WordPress 5.0 release was maintained through January with some big announcements and significant updates. Read on to find out what happened in the WordPress project last month. WordPress Leadership Grows In a milestone announcement this month, WordPress project lead, Matt Mullenweg (@matt), named two individuals who are coming on board to […]

(Feb 2) Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document.

(Jan 29) An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

(Feb 1) A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery.

(Feb 2) Bug fixes for binutils including one that is preventing Yocot/oe-core from building properly

(Jan 31) Several security issues were fixed in Avahi.

(Jan 31) An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

(Jan 30) Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.

(Jan 31) Several security issues were fixed in LibVNCServer.

(Jan 31) An update for etcd is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from