Ubuntu 4144-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
WordPress 5.3 Beta 2 is now available! This software is still in development, so we don’t recommend running it on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.3 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge […]
Upstream announcement: Welcome to **phpMyAdmin 4.9.1**, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of
– Update to 2.16.3 – Side channel attack on deterministic ECDSA (CVE-2019-16910) Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.3-and-2.7.12-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2019-10
An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
SDL 2.0 could be made to crash or run programs as your login if it opened a specially crafted file.
e2fsprogs could be made to execute arbitrary code if it is running in a crafted ext4 partition.
e2fsprogs could be made to execute arbitrary code if it is running in a crafted ext4 partition.
An update for the nodejs:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
This update includes the latest release of the Apache HTTP Server, version `2.4.41`, fixing various security issues. Several major enhancements are also included in this update: * `mod_md` is now packaged from upstream *github* releases. * `mod_cgid` stderr handling has been improved See http://www.apache.org/dist/httpd/CHANGES_2.4.41 for a full list of changes since
Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident.
Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point). CVE-2019-13377
– double free due to subsequent call of realloc() (CVE-2019-5481) – fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482)
Security fix for CVE-2019-14822
Exim could be made to crash or run programs if it received specially crafted network traffic.
It was discovered that file-roller, an archive manager for GNOME, does not properly handle the extraction of archives with a single ./../ in a file path. An attacker able to provide a specially crafted archive for processing can take advantage of this flaw to overwrite files if a user
A buffer overflow flaw was discovered in Exim, a mail transport agent. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code.
– rebase to latest upstream version 9.27 – security fixes added for: – CVE-2019-14811 (bug #1747908) – CVE-2019-14812 (bug #1747907) – CVE-2019-14813 (bug #1747906) – CVE-2019-14817 (bug #1747909)
Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident.
Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.
It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups.
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS. Red Hat Product Security has rated this update as having a security impact
In the September 2019 survey we received responses from 1,291,178,101 sites across 241,131,705 unique domain names and 9,068,313 web-facing computers. This reflects a gain of 19 million sites, 1.69 million domains and 119,000 computers.
All major vendors gained sites this month. The largest gain was for nginx with an increase of 20.6 million sites, followed by Microsoft (+2.9 million), Google (+2.1 million) and Apache (+462,000). This extends nginx’s lead as the largest web server vendor by number of sites; it gained 1.12 percentage points taking it to a 32.7% market share. nginx also showed the largest gains in number of unique domains and web-facing computers.
The largest gain within the top million sites this month was by LiteSpeed, which also saw gains in hostnames, domains, and web-facing computers. The September survey saw 1,422 more sites within the top million using this light-weight Apache alternative, an 8.0% increase. This was accompanied by increases of 480,000 sites (+2.6%), 326,000 domains (+9.4%) and 1,665 web-facing computers (+8.1%).
There are losses in market share for both Apache and nginx as the largest server vendors by number of active sites. Apache lost 22,000 active sites while nginx gained 915,000; due to large gains elsewhere this amounted to Apache losing 0.94pp and nginx losing 0.11pp. Google gained 800,000 active sites and 0.16pp of market share to retake third place from Cloudflare; Cloudflare gained 591,000 sites. The largest increase of active sites was in sites running openresty with an increase of 1.04 million.
Apache 2.4.41 was released on August 14th bringing several security fixes. This is the first release of Apache 2.4 since 2.4.39 was released on April 1st.
OpenLiteSpeed released a major new feature in version 1.6.0 on September 10th adding support for QUIC and HTTP/3 as well as a new one-click build tool and support for more platforms.
Both OpenResty and Tengine released versions incorporating the nginx patches that fix the HTTP/2 related security issues discussed in last month’s blog. OpenResty version 1.15.8.2 was released on September 8th and Tengine 2.3.2 released on August 20th.
Developer | August 2019 | Percent | September 2019 | Percent | Change |
---|---|---|---|---|---|
nginx | 401,454,029 | 31.56% | 422,048,243 | 32.69% | 1.12 |
Apache | 374,277,243 | 29.43% | 374,739,321 | 29.02% | -0.40 |
Microsoft | 187,109,423 | 14.71% | 189,991,312 | 14.71% | 0.00 |
30,969,259 | 2.43% | 33,058,930 | 2.56% | 0.13 |
Security fix for CVE-2019-1010228
Security fix for CVE-2019-1010228
An update for kibana is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for golang-github-openshift-oauth-proxy-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
The end of the 2019 WebPros Summit has come, and it was an event for the books. We have enjoyed getting spend time with all of you, and cannot wait to do this again next year! We owe huge thanks to all of our attendees, sponsors, and exhibitors. We strive to put on the best event we possibly can for you, and joining us for these past few days is incredibly worth it. A big …
An update for gRPC, included in sriov-network-device-plugin-container, is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
58 queries. 9 mb Memory usage. 1.461 seconds.