It was discovered that various procedures in Ghostscript, the GPL PostScript/PDF interpreter, do not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.
Archive for September, 2019
Exim could be made to run programs as an administrator if it received specially crafted network traffic.
You’ve probably heard that WordPress is open-source software, and may know that it’s created and run by volunteers. WordPress enthusiasts share many examples of how WordPress changed people’s lives for the better. This monthly series shares some of those lesser-known, amazing stories. Meet Abdullah Ramzan, from Lahore, Punjab, Pakistan. Abdullah Ramzan was born and brought […]
Update to 1.8.6 release which fixes a bug in 1.8.5. 1.8.5 is a security release to address various buffer overflow and overrun issues in the rdesktop protocol handling.
* Security fix for CVE-2019-14267
* Security fix for CVE-2019-14934
“Zerons” and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service.
npm/fstream could be made to overwrite files.
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
WordPress 5.2.3 is now available! This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade. If you haven’t yet updated to 5.2, there are also updated versions […]
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for atomic-openshift-web-console is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Several vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8644
Firefox could be made to crash or run programs as your login if it opened a malicious website.
- Update to latest release
- Emission of Session property-changed notifications from logind is fixed (this was breaking the switching of sessions to and from gnome).
- Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved. Now proper polkit authorization is required (CVE-2019-15718).
Switching ttys will work again after reboot. Otherwise, no
#WebProsSummit19 Guest Blog: LiteSpeed Technologies
This is the first in a series of guest blogs around the 2019 Web Pros Summit. Please welcome Kacey Schroeder from LiteSpeed Technologies. LiteSpeed Technologies is honored to be a sponsor of WebPros Summit 2019 and long-term partners with cPanel. We first began collaborating with cPanel with the release of our original WHM plugin in 2013. cPanel introduced official support for LiteSpeed Web Server in 2014, as the only official third-party supported web server. This …
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update for openstack-nova is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service.
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.9 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.8 stable kernel update contains a number of important fixes across the tree.
Latest upstream 0.2.8
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree.
systemd-resolved would allow unprivileged users to change DNS settings.
Stefan Metzmacher discovered a flaw in Samba, an SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow a user to escape from the share path definition and see the complete ‘/’ filesystem. Unix permission checks in the kernel
Samba would allow unintended access to files over the network.
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability