Version update + security fix
Archive for May, 2020
Debian: DSA-4686-1: apache-log4j1.2 security update
It was discovered that the SocketServer class included in apache-log4j1.2, a logging library for Java, is vulnerable to deserialization of untrusted data. An attacker can take advantage of this flaw to execute arbitrary code in the context of the logger
USN-4360-1 introduced a regression in json-c.
Fix for CVE-2020-5283.
ViewVC 1.1.28 ChangeLog:
– security fix: escape subdir lastmod file name (#211)
– fix standalone.py first request failure (#195)
ViewVC 1.1.27 ChangeLog:
– suppress stack traces (with option to show) (#140)
– distinguish text/binary/image files by icons (#166, #175)
– colorize alternating file content lines (#167)
– link to the instance root from the
The 5.6.12 stable update contains a number of important fixes across the tree.
Website security is one of the most important aspects of running an online presence. A hacked website can lead to countless hours of debugging and repair, loss of income, loss of credibility, and lawsuits. With over 30,000 new small business website hacks a day and numerous corporation breaches, not a day goes by without a compromised site showing up in the news. Over the past decade, hackers have targeted the top three open-source Content Management Systems:
json-c could be made to execute arbitrary code if it received a specially crafted JSON file.
RedHat: RHSA-2020-2171:01 Important: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
RedHat: RHSA-2020-2169:01 Moderate: Red Hat JBoss Enterprise Application
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2020-2165:01 Moderate: openstack-manila security update
An update for openstack-manila is now available for Red Hat OpenStack Platform 16 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
APT could be made to crash if it opened a specially crafted file.
RedHat: RHSA-2020-2168:01 Moderate: Red Hat JBoss Enterprise Application
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Secure a Plesk Hosted Email Account using SpamAssassin, ClamAV and Amavis
Here’s a comparison of the latest Plesk security extensions we released this year, protecting your sites from threats and available for your Plesk platform.
Shuaibing Lu discovered that missing input validation in the ar/tar implementations of APT, the high level package manager, could result in denial of service when processing specially crafted deb files.
Last Upstream release, including (among others):
– (security) Prevent execution of SQL injection while assigning a technician,
– (security) Permit to change key used to store passwords,
– (security) Improve CSRF token,
– (security) Fix several possible XSS,
– (security) Fix a few possible SQL injections,
– Fix SCSS caching issues,
– Fix inline images handling on item update,
– Fix PHP 7.4
This update includes a security fix for CVE-2020-10737. Additionally,
From 0.34.6:
– update license on src/buffer.h
– changes “/var/run” to “/run” in systemd service file (Orion Poplawski, #1834511)
From 0.34.5:
– apply patch from Matthias Gerstner of the SUSE security team to fix a possible race condition in the mkhomedir helper (noted above, this fixes CVE-2020-10737)
–
RedHat: RHSA-2020-2148:01 Important: Red Hat OpenShift Service Mesh 1.1.2
An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Debian: DSA-4684-1: libreswan security update
Stephan Zeisberg discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 Informational Exchange packet, resulting in denial of service.
Several security issues were fixed in libexif.
RedHat: RHSA-2020-2146:01 Important: .NET Core on Red Hat Enterprise Linux
An update for rh-dotnet21-dotnet is now available for .NET Core on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2020-2142:01 Moderate: Ansible security and bug fix update
An update for ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
RedHat: RHSA-2020-2143:01 Important: .NET Core security update
An update for .NET Core is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
USN-3911-1 introduced a regression in file.
Several security issues were fixed in Squid.
IPRoute could be made to execute arbitrary code if it received a specially crafted input.
How Your Feedback Can Improve Plesk Products
RedHat: RHSA-2020-2126:01 Important: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2020-2125:01 Important: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability