(Jan 2) An update for rh-perl524-perl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Archive for Other
(Jan 1) Fix CVEs as described in related RHBZ bug.
(Dec 28) Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.
(Jan 1) Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For the stable distribution (stretch), this problem has been fixed in
(Dec 30) **Archive_Tar version 1.4.4** * Fix Bug #21058: Long symlinks are not supported [mrook] * Fix Bug #23782: Prevent phar:// files from being extracted [mrook] — **PEAR** * drop deprecated option used when running `pear run-tests`
(Dec 26) Resiliency is an important factor to consider when evaluating an email security solution, yet this characteristic often goes overlooked. …
(Dec 27) The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to an HTML injection vulnerability. A specially crafted HTML fragment can allow non-whitelisted attributes to be used on a whitelisted HTML element.
(Dec 31) Updated to 3.3.4. Security fix by upstream: Anti-Phishing protection. Server-provided text will not appear in user-facing GUI windows anymore. Server error messages are instead parsed and mapped to predefined strings.
(Dec 25) – Fix double-free in CEmuopl::~CEmuopl() (#1635881, CVE-2018-17825)
(Dec 25) This update fixes multiple security vulnerabilities: CVE-2018-5783, CVE-2018-11254, CVE-2018-11255, CVE-2018-11256, CVE-2018-12982, CVE-2018-14320, CVE-2018-19532
(Dec 20) Several security issues were fixed in the Linux kernel.
(Dec 21) Security fix for fts3/4 corrupt database exploit. sqlite rebased to version 3.26.0 per: https://sqlite.org/releaselog/3_26_0.html. spatialite-tools rebuilt for latest sqlite version.
(Dec 21) Upstream announcement: The phpMyAdmin team is pleased to announce the release of **phpMyAdmin version 4.8.4**. Among other bug fixes, this contains several important security fixes. The security fixes involve: * Local file inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/), * XSRF/CSRF vulnerabilities allowing a specially-crafted URL to perform harmful operations
(Dec 23) The update for ghostscript issued as DSA-4346-1 caused a regression when used with certain options (cf. Debian bug #915832). Updated packages are now available to correct this issue.
(Dec 20) The system could be made to expose sensitive information.
(Dec 22) **MariaDB C / C++ connector** Release notes: https://mariadb.com/kb/en/library/mariadb-connector-c-307-release-notes/ Maintainer notes: Marking as a security update because of fixed resource leaks. Moving libmariadb pkgconfig file to this package from mariadb-devel. Test with MariaDB-3:10.2.19-2
(Dec 22) **MariaDB 10.3.11** Release notes: https://mariadb.com/kb/en/mariadb-10311-release-notes/ CVEs fixed: CVE-2018-3282 CVE-2016-9843 CVE-2018-3174 CVE-2018-3143 CVE-2018-3156 CVE-2018-3251 CVE-2018-3185 CVE-2018-3277 CVE-2018-3162 CVE-2018-3173 CVE-2018-3200 CVE-2018-3284
(Dec 21) Update to 4.2.5
(Dec 18) An update for ansible is now available for Ansible Engine 2.5. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 18) An update for ansible is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 20) Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes.