Archive for Other
(Jul 24) An update for rhev-hypervisor7 is now available for RHEV 3.X Hypervisor and Agents for Red Hat Enterprise Linux 6 and RHEV 3.X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact
(Jul 24) An update for rh-ror42-rubygem-sprockets is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Jul 23) python-cryptography could be made to expose sensitive information if it received a specially crafted input.
(Jul 21) A regression that caused boot failures was fixed in the Linux kernel.
(Jul 23) Denis Andzakovic discovered that network-manager-vpnc, a plugin to provide VPNC support for NetworkManager, is prone to a privilege escalation vulnerability. A newline character can be used to inject a Password helper parameter into the configuration data passed to vpnc,
(Jul 19) This release fixes a directory and symbolic link traversal vulnerability in Archive::Zip::Archive Perl module that allows an attacker to write into an arbitrary file accessible by a local user.
(Jul 19) Fix heap memory corruption, CVE-2017-17833
(Jul 19) An update for fluentd is now available for Red Hat OpenStack Platform 13.0 Operational Tools for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Jul 17) Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.
(Jul 19) – Fix Side Channel Based ECDSA Key Extraction (CVE-2018-12437) (PR #408) – Fix potential stack overflow when DER flexi-decoding (CVE-2018-0739) (PR #373) – Fix two-key 3DES (PR #390) – Fix accelerated CTR mode (PR #359) – Fix Fortuna PRNG (PR #363) – Fix compilation on platforms where cc doesn’t point to gcc (PR #382) – Fix using the wrong environment variable LT instead of LIBTOOL (PR #392) – Fix …
(Jul 19) This release fixes a directory and symbolic link traversal vulnerability in Archive::Zip::Archive Perl module that allows an attacker to write into an arbitrary file accessible by a local user.
(Jul 19) An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Jul 19) An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Jul 18) Jeriko One discovered two vulnerabilities in the ZNC IRC bouncer which could result in privilege escalation or denial of service. For the stable distribution (stretch), these problems have been fixed in
(Jul 18) A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.
(Jul 18) New release (1:12.2.6-1). Security fix for CVE-2018-1128. Security fix for CVE-2018-1129. Security fix for CVE-2018-10861.
(Jul 19) This is the Six-Month notification for the retirement of Red Hat Enterprise Linux 6.7 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 6.7.
(Jul 17) – fix heap buffer overflow in SMTP send (CVE-2018-0500)
(Jul 14) Update to Sprockets 3.7.2. Fixes CVE-2018-3760: https://access.redhat.com/security/cve/cve-2018-3760
(Jul 17) Several security issues were fixed in PolicyKit.
(Jul 17) An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.
(Jul 17) Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
(Jul 18) A vulnerability was discovered in WordPress, a web blogging tool. It allowed remote attackers with specific roles to execute arbitrary code.
(Jul 16) – Security fix for CVE-2017-9258, CVE-2017-9259, CVE-2017-9260
(Jul 14) This is a straightforward update from 2.5.1 to the newly-released 2.5.2. Release notes are here: https://github.com/singularityware/singularity/releases/tag/2.5.2 The most important fix is a security issue in the overlay code. Please look for regressions in your Singularity runtime workflows.
(Jul 16) A timing attack was discovered in the function for CSRF token validation of the “Ruby rack protection” framework. For the stable distribution (stretch), this problem has been fixed in
(Jul 15) This is a straightforward update from 2.5.1 to the newly-released 2.5.2. Release notes are here: https://github.com/singularityware/singularity/releases/tag/2.5.2 The most important fix is a security issue in the overlay code. Please look for regressions in your Singularity runtime workflows.
(Jul 15) Update to Sprockets 3.7.2. Fixes CVE-2018-3760: https://access.redhat.com/security/cve/cve-2018-3760
(Jul 11) An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
(Jul 11) An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,