(Jun 10) Security fix for CVE-2018-10995
Archive for Other
Debian: DSA-4225-1: openjdk-7 security update
(Jun 10) Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation.
Debian: DSA-4220-1: firefox-esr security update
(Jun 8) Ivan Fratric discovered a buffer overflow in the Skia graphics library used by Firefox, which could result in the execution of arbitrary code. For the oldstable distribution (jessie), this problem has been fixed
RedHat: RHSA-2018-1820:01 Important: Red Hat Virtualization security,
(Jun 11) An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for RHEL-7. Red Hat Product Security has rated this update as having a security impact
(Jun 9) This update fixes CVE-2016-10040, a stack overflow in QXmlSimpleReader due to a too lenient entityCharacterLimit in our version of the patch for CVE-2013-4549. (The limit was increased from the upstream 1024 to 65536 to address QTBUG-35459, an issue where the security fix was breaking existing real-world XML files. Unfortunately, that is too much to actually fit on the CPU stack. This fix
(Jun 9) Security fix for CVE-2018-8013. Updated to upstream release 1.10.
Debian: DSA-4222-1: gnupg2 security update
(Jun 8) Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
Debian: DSA-4221-1: libvncserver security update
(Jun 8) Alexander Peslyak discovered that insufficient input sanitising of RFB packets in LibVNCServer could result in the disclosure of memory contents.
(Jun 8) DWARF5 and split dwarf, including GNU DebugFission, support.
Debian: DSA-4223-1: gnupg1 security update
(Jun 8) Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
(Jun 8) Remove essentially unused pre_release tagging in spec file. Fixup Makefile patch to include LDFLAGS in all linking commands.
(Jun 4) Several security issues were fixed in Liblouis.
(Jun 8) Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email.
RedHat: RHSA-2018-1809:01 Important: Red Hat OpenShift Application Runtimes
(Jun 7) An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Jun 7) A security issue was fixed in Unbound.
(Jun 5) Several security issues were fixed in Git.
Fedora 28: java-1.8.0-openjdk-aarch32 Security Update
(Jun 7) 8u171 update
(Jun 7) Security fix for CVE-2017-13685 CVE-2017-15286
RedHat: RHSA-2018-1815:01 Important: chromium-browser security update
(Jun 7) An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
RedHat: RHSA-2018-1812:01 Important: java-1.7.1-ibm security update
(Jun 7) An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.6 and Red Hat Satellite 5.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Jun 6) **Version 2.8.41** (2018-05-25) * bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser initialization (nicolas-grekas) * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured * security #cve-2018-11406 clear CSRF tokens when the user is logged out * security #cve-2018-11385 Adding session authentication strategy to Guard
(Jun 6) **Version 4.0.11** (2018-05-25) * bug #27364 [DI] Fix bad exception on uninitialized references to non-shared services (nicolas-grekas) * bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser initialization (nicolas-grekas) * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured * security #cve-2018-11406 clear CSRF tokens when the user
(Jun 6) Several security issues were fixed in Liblouis.
(Jun 5) Several security issues were fixed in procps-ng.
Debian: DSA-4218-1: memcached security update
(Jun 6) Several vulnerabilities were discovered in memcached, a high-performance memory object caching system. The Common Vulnerabilities and Exposures project identifies the following problems:
RedHat: RHSA-2018-1786:01 Moderate: Red Hat OpenShift Application Runtimes
(Jun 4) An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
RedHat: RHSA-2018-1784:01 Important: rh-java-common-xmlrpc security update
(Jun 4) An update for rh-java-common-xmlrpc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Debian: DSA-4214-1: zookeeper security update
(Jun 1) It was discovered that Zookeeper, a service for maintaining configuration information, enforced no authentication/authorisation when a server attempts to join a Zookeeper quorum.
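Added example, not taken from the Debian advisory or from the ZooKeeper project: a zoo.cfg fragment showing the weak state (no quorum authentication settings at all, which is what the advisory describes) beside the settings that make peers authenticate each other over SASL before a server may take part in the quorum. The property names are the ones ZooKeeper documents for its quorum SASL feature; the login-context and principal values are placeholders you must match to your own JAAS file.

```properties
# --- weak: nothing configured ---
# A server reaching the quorum port can participate without proving who it is.
# (No quorum.auth.* keys present.)

# --- hardened: mutual SASL authentication between quorum peers ---
# Turn the quorum SASL machinery on for this server.
quorum.auth.enableSasl=true
# Learners (followers/observers) must authenticate to the leader ...
quorum.auth.learnerRequireSasl=true
# ... and the leader must authenticate to learners, so a rogue peer cannot pose as either side.
quorum.auth.serverRequireSasl=true
# JAAS login-context names; the JAAS file is passed to the JVM with
# -Djava.security.auth.login.config=/path/to/jaas.conf (placeholder path).
quorum.auth.learner.saslLoginContext=QuorumLearner
quorum.auth.server.saslLoginContext=QuorumServer
# Kerberos service principal for quorum traffic; _HOST is expanded per server (placeholder realm layout).
quorum.auth.kerberos.servicePrincipal=zkquorum/_HOST
```

On a running ensemble, roll the three booleans out in the order shown (enableSasl everywhere first, then learnerRequireSasl, then serverRequireSasl) so peers that have not yet been restarted with credentials are not cut off mid-upgrade.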
(Jun 1) Upstream security fixes related to .gitmodules handling. From the [upstream announcement](https://public-inbox.org/git/xmqqy3g2flb6.fsf@gitster-ct.c.googlers.com/): " * Submodule “names” come from the untrusted .gitmodules file, but we blindly append them to $GIT_DIR/modules to create our on-disk repo paths. This means you can do bad things by putting “../” into the
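Added example, not code from git, Fedora or the announcement quoted above: a small Python audit of a .gitmodules file that applies the rule git adopted in its fix, rejecting any submodule name that contains `..` as a path component, with both `/` and `\` treated as separators so the verdict is the same on every platform. The sample .gitmodules text is constructed, and the helper names (`parse_submodule_names`, `is_safe_submodule_name`, `resolves_inside_modules_dir`, `audit`) are this example's own. A second, POSIX-only containment check is included to show why normalising the resulting path is not a substitute for the component rule.

```python
"""Audit .gitmodules submodule names for ".." path components.

Added example; not code from git, Fedora or the quoted announcement.
The sample .gitmodules text is constructed and the helper names are
this example's own choices.
"""
import posixpath
import re

# Constructed sample: a benign submodule, one whose name walks out of
# $GIT_DIR/modules with "../", and one using backslashes as separators
# (git-config quoting writes a backslash inside a quoted name as two).
SAMPLE_GITMODULES = r"""
[submodule "libfoo"]
    path = vendor/libfoo
    url = https://example.invalid/libfoo.git
[submodule "../../hooks/evil"]
    path = vendor/evil
    url = https://example.invalid/evil.git
[submodule "win\\..\\style"]
    path = vendor/win
    url = https://example.invalid/win.git
"""

# [submodule "<name>"] with git-config quoting: a backslash escapes the next character.
_SECTION_RE = re.compile(r'^\s*\[submodule\s+"((?:[^"\\]|\\.)*)"\s*\]\s*$')

MODULES_DIR = ".git/modules"  # git stores each submodule's repository here, keyed by name


def _unescape(raw: str) -> str:
    """Undo git-config quoting: a backslash followed by a character yields that character."""
    return re.sub(r"\\(.)", r"\1", raw)


def parse_submodule_names(text: str) -> list:
    """Return submodule names in the order their sections appear."""
    names = []
    for line in text.splitlines():
        m = _SECTION_RE.match(line)
        if m:
            names.append(_unescape(m.group(1)))
    return names


def is_safe_submodule_name(name: str) -> bool:
    """Reject empty names and any name with ".." as a whole path component.

    Both "/" and "\\" count as separators so the rule is platform-independent,
    the approach git took in its fix. "a..b" passes: ".." is only dangerous
    as a complete component.
    """
    if not name:
        return False
    return all(part != ".." for part in re.split(r"[/\\]", name))


def resolves_inside_modules_dir(name: str, modules_dir: str = MODULES_DIR) -> bool:
    """POSIX-only view: does modules_dir/name normalise to a path under modules_dir?

    Kept to show why path normalisation alone is not enough: on a POSIX host a
    backslash is an ordinary character, so "win\\..\\style" looks contained here
    even though it must be rejected for the sake of Windows checkouts.
    """
    base = posixpath.normpath(modules_dir)
    target = posixpath.normpath(posixpath.join(modules_dir, name))
    return target == base or target.startswith(base + "/")


def audit(text: str) -> list:
    """Per submodule: (name, passes component rule, stays under modules dir on POSIX)."""
    return [
        (name, is_safe_submodule_name(name), resolves_inside_modules_dir(name))
        for name in parse_submodule_names(text)
    ]


if __name__ == "__main__":
    for name, safe, contained in audit(SAMPLE_GITMODULES):
        verdict = "ok" if safe else "REJECT"
        print(f"{name!r:24} component-rule={verdict} posix-contained={contained}")
```

Run it against a real repository with `audit(open(".gitmodules").read())` before calling `git submodule update` on an untrusted checkout; the third column is deliberately wrong for the backslash case, which is the point of keeping the component rule rather than a path check.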
(Jun 4) CVE-2016-9396