(Jul 5) This update backports an upstream fix for CVE-2018-12910.
Archive for Other
(Jul 8) Fix CVE-2018-13054 cinnamon: privilege escalation in cinnamon-settings-users.py GUI
Fedora 28: transifex-client Security Update
(Jul 7) New upstream version
(Jul 7) ## 3.3.17 (2018-05-25)
* security #cve-2018-11407 [Ldap] cast to string when checking empty passwords
* security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured
* security #cve-2018-11406 clear CSRF tokens when the user is logged out
* security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener
* security #cve-2018-11386
(Jul 6) Latest upstream release, omits some mounting code found to be insecure and not well tested.
Ubuntu 0040-1: Linux kernel vulnerability
(Jul 3) Several security issues were fixed in the kernel.
Ubuntu 3698-2: Linux kernel (Trusty HWE) vulnerabilities
(Jul 2) Several security issues were fixed in the Linux kernel.
(Jul 6) Latest upstream release, omits some mounting code found to be insecure and not well tested.
(Jul 5) The system could be made to expose sensitive information.
(Jul 5) devscripts could be made to run arbitrary code if it received a specially crafted YAML file.
Debian: DSA-4240-1: php7.0 security update
(Jul 5) Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584
Debian: DSA-4241-1: libsoup2.4 security update
(Jul 5) It was discovered that the Soup HTTP library performed insufficient validation of cookie requests which could result in an out-of-bounds memory read.
(Jul 5) Update to 0.26.4 (CVE-2018-11235)
(Jul 5) Backport fix for arbitrary file write vulnerability
RedHat: RHSA-2018-2143:01 Important: Red Hat Decision Manager 7.0.1 bug fix
(Jul 5) An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Jul 4) Archive Zip module could be made to expose sensitive information if it received a specially crafted input.
(Jul 4) Archive Zip module could be made to expose sensitive information if it received a specially crafted input.
(Jul 3) Backport fix for arbitrary file write vulnerability
(Jul 3) 4.1.1 GA, security fix for CVE-2018-10841 -- 4.1.0 GA
(Jul 3) libsoup could be made to crash if it received a specially crafted input.
(Jul 3) Several security issues were fixed in Exiv2.
(Jul 3) This update backports an upstream fix for CVE-2018-12910.
Debian: DSA-4238-1: exiv2 security update
(Jul 3) Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.
Fedora 28: standard-test-roles Security Update
(Jul 3) Update to 2.14. This update ensures that the VNC server used for debugging is bound to the local interfaces. Previously the VNC server might have been available globally depending on the system’s firewall settings.
(Jul 3) Fabian Henneke discovered a cross-site scripting vulnerability in the password change form of GOsa, a web-based LDAP administration program. For the stable distribution (stretch), this problem has been fixed in
RedHat: RHSA-2018-2123:01 Moderate: python security update
(Jul 3) An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
Ubuntu 3697-1: Linux kernel vulnerabilities
(Jul 2) Several security issues were fixed in the Linux kernel.
Ubuntu 3697-2: Linux kernel (OEM) vulnerabilities
(Jul 2) Several security issues were fixed in the Linux kernel.
(Jul 1) Update for security fixes
(Jul 1) Upstream announcement: The phpMyAdmin team is pleased to announce the release of **phpMyAdmin version 4.8.2**. Among other bug fixes, this contains an important security update and it is highly recommended that all users upgrade immediately. The urgent vulnerability allows an authenticated attacker to exploit a phpMyAdmin feature to show and potentially execute files on the