(Sep 11) Zsh could be made to execute arbitrary code if it received a specially crafted script.
Ubuntu 3762-2: Linux kernel (HWE) vulnerabilities
(Sep 11) Several security issues were fixed in the Linux kernel.
(Sep 11) – fix two security issues in shebang line parsing (CVE-2018-0502 CVE-2018-13259)
Debian: DSA-4290-1: libextractor security update
(Sep 10) Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or the execution of arbitrary code if a specially crafted file is opened.
(Sep 11) Security fix for CVE-2018-1000801
Ubuntu 0043-1: Linux kernel vulnerability
(Sep 11) Several security issues were fixed in the kernel.
Ubuntu 3763-1: Linux kernel vulnerability
(Sep 11) The system could be made to crash if it received specially crafted network traffic.
RedHat: RHSA-2018-2669:01 Important: Fuse 7.1 security update
(Sep 11) An update is now available for Red Hat Fuse. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
RedHat: RHSA-2018-2666:01 Important: chromium-browser security update
(Sep 10) An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2018-2664:01 Critical: Red Hat JBoss Enterprise Application
(Sep 10) A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2018-2663:01 Critical: Red Hat JBoss Enterprise Application
(Sep 10) A security update is now available for Red Hat JBoss Enterprise Application Platform from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
Debian: DSA-4287-1: firefox-esr security update
(Sep 7) Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service.
Debian: DSA-4289-1: chromium-browser security update
(Sep 8)
Debian: DSA-4288-1: ghostscript security update
(Sep 7) Tavis Ormandy discovered multiple vulnerabilities in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed PostScript file is processed (despite the dSAFER sandbox being
RedHat: RHSA-2018-2608:01 Important: Red Hat Gluster Storage security,
(Sep 4) Updated glusterfs packages that fix multiple security issues and several bugs, and add various enhancements are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact
Debian: DSA-4285-1: sympa security update
(Sep 5) Michael Kaczmarczik discovered a vulnerability in the web interface template editing function of Sympa, a mailing list manager. Owner and listmasters could use this flaw to create or modify arbitrary files in the server with privileges of sympa user or owner view list config files
RedHat: RHSA-2018-2613:01 Moderate: samba security,
(Sep 4) Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact
RedHat: RHSA-2018-2607:01 Important: Red Hat Gluster Storage security,
(Sep 4) Updated glusterfs packages that fix multiple security issues and bugs, and add various enhancements are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact
Ubuntu 3761-1: Firefox vulnerabilities
(Sep 6) Firefox could be made to crash or run programs as your login if it opened a malicious website.
(Sep 6) Defcon 26 provided individuals and organizations with valuable tips and insight on security and the latest and most effective defenses. Here are some security-related highlights from the event. …
Debian: DSA-4286-1: curl security update
(Sep 5) Zhaoyang Wu discovered that cURL, a URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32-bit systems.
RedHat: RHSA-2018-2615:01 Moderate: collectd security update
(Sep 4) An update for collectd is now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
RedHat: RHSA-2018-2612:01 Moderate: samba security,
(Sep 4) Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact
Ubuntu 3760-1: transfig vulnerability
(Sep 6) transfig could be made to execute arbitrary code if it received a specially crafted FIG file.
Debian: DSA-4284-1: lcms2 security update
(Sep 4) Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could result in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed.
Ubuntu 3759-1: libtirpc vulnerabilities
(Sep 5) Several security issues were fixed in libtirpc.
Ubuntu 3759-2: libtirpc vulnerabilities
(Sep 5) Several security issues were fixed in libtirpc.
RedHat: RHSA-2018-2561:01 Important: CloudForms 4.6.4 security, bug fix,
(Sep 4) An update is now available for CloudForms Management Engine 5.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
RedHat: RHSA-2018-2626:01 Important: Red Hat Virtualization security,
(Sep 4) An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2018-2645:01 Important: kernel security update
(Sep 4) An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,