An update for katello-installer-base which configures qpid-dispatch-router is now available for Red Hat Satellite 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Archive for April, 2019
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Several security issues were fixed in Wget.
WordPress 5.2 Beta 2
WordPress 5.2 Beta 2 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site to play with the new version. There are two ways to test the WordPress 5.2 beta: try the WordPress Beta Tester plugin (you’ll want to […]
Update to latest upstream release, fix CVE-2019-9844 (rhbz#1695304,
The 5.0.6 update contains a number of important fixes across the tree
Java applets or applications could be made to expose sensitive information.
Jann Horn discovered that the PAM module in systemd insecurely uses the environment and lacks seat verification permitting spoofing an active session to PolicyKit. A remote attacker with SSH access can take advantage of this issue to gain PolicyKit privileges that are normally
The systemd PAM module could be used to gain additional PolicyKit privileges.
Lua could be made to crash if it received a specially crafted script.
“Cybersecurity is changing; We need new protection strategies” – Say CloudLinux (Imunify360)
Michael Hanselmann discovered that Samba, a SMB/CIFS file, print, and login server for Unix, was vulnerable to a symlink traversal attack. It would allow remote authenticated users with write permission to either write or detect files outside of Samba shares.
Security fix for CVE-2019-10255, CVE-2019-9644.
Cedric Krier discovered that missing access validation in Tryton could result in information disclosure. For the stable distribution (stretch), this problem has been fixed in
Security fix for CVE-2019-8936
Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of arbitrary code or denial of service when recursively
FreeRDP fix for CVE-2018-1000852, Remmina bugfix update and rebuilds for updated FreeRDP.
Adam Dobrawy, Frederico Silva and Gregory Brzeski from HyperOne.com discovered that pdns, an authoritative DNS server, did not properly validate user-supplied data when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend. This would allow a
AdvanceCOMP could be made to run arbitrary code if it opened a specially crafted file.
Several security issues were fixed in the Apache HTTP Server.
Security fix for CVE-2018-20662, CVE-2019-9631, CVE-2019-9200 and CVE-2019-9903.
Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used.
Several security issues were fixed in BusyBox.
PolicyKit could allow unintended access.