Netcraft recently discovered that French jewellery retailer Cleor—which operates 136 boutiques across France—was infected with a malicious JavaScript skimmer. The injected code sent the fraudster a copy of the credit card details entered by unsuspecting Cleor customers during the legitimate checkout process. Shopping Site Skimmers This attack has many of the hallmarks of JavaScript skimming […]
Archive for Other
After many months of development by a dedicated team of programmers and beta testers, the new LinuxSecurity is almost ready! Please bear with us while we work to bring back the RSS feeds.
(Mar 26) An update for rh-mysql57-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Mar 26) An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Mar 26) An update for slf4j is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Mar 26) An update for python-paramiko is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
(Mar 28) An update for sensu is now available for Red Hat OpenStack Platform 12.0 Operational Tools for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Mar 28) An update for openstack-tripleo-common and openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 12.0 (Pike). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Apr 2) Several security issues were fixed in OpenJDK 8.
(Apr 3) Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4 and fix three security issues, several bugs, and add various enhancements are now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact
(Apr 2) Several security issues were fixed in OpenJDK 7.
(Apr 3) An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Apr 3) Several security issues were fixed in the Linux kernel.
(Apr 3) Several security issues were fixed in the Linux kernel.
(Apr 3) An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact
(Apr 3) An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Feb 2) Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document.
(Feb 2) Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution
(Jan 31) An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Jan 29) An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Feb 1) A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery.
(Feb 1) A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery.
(Feb 2) Bug fixes for binutils including one that is preventing Yocot/oe-core from building properly
(Jan 31) Several security issues were fixed in Avahi.
(Jan 30) Several security issues were fixed in Open vSwitch.
(Jan 31) An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Jan 31) An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Jan 31) – Resolves: #1666565, #1666566 – CVE-2018-20699 – Resolves: #1663068, #1667622 – umount all procfs and sysfs with –no-pivot – built docker @projectatomic/docker-1.13.1 commit 1185cfd – built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43
(Jan 30) Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.
(Jan 31) Several security issues were fixed in LibVNCServer.