Update to SDL2_Image 2.0.5 for multiple CVEs.
Archive for September 24th, 2019
8u222 update
- rebase to latest upstream version 9.27
- security fixes added for:
  - CVE-2019-14811 (bug #1747908)
  - CVE-2019-14812 (bug #1747907)
  - CVE-2019-14813 (bug #1747906)
  - CVE-2019-14817 (bug #1747909)
- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0-3.9.11
- Exploit type: XSS
- Reported Date: 2019-August-28
- Fixed Date: 2019-September-24
- CVE Number: CVE-2019-16725
Description
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
Affected Installs
Joomla! CMS versions 3.0.0 – 3.9.11
Solution
Upgrade to version 3.9.12
Contact
The JSST at the Joomla! Security Centre.
Joomla 3.9.12 Release

Joomla 3.9.12 is now available. This is a security fix release for the 3.x series of Joomla which addresses one security vulnerability and contains over 30 bug fixes and improvements.
LibreOffice could be made to run programs as your login if it opened a specially crafted file.
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability