Ike.ninja

(Dec 20) Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.

(Dec 20) Several security issues were fixed in the kernel.

(Dec 18) An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

(Dec 17) **Version 3.4.20** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed

(Dec 19) An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

(Dec 17) **Version 4.1.9** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed

(Dec 18) An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

(Dec 17) – Update to 2.14.1 – CVE-2018-19608 (#1656784) Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2018-03 —- – Update to 2.14.0 Release notes:

(Dec 17) An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

(Dec 17) **Version 3.4.20** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed

(Dec 17) Updated packages are now available for Red Hat Gluster Storage 3.4 Web Administration on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

(Dec 16) New upstream version 1.8.2. Fix low priority security issue with TLS: https://www.redhat.com/archives/libguestfs/2018-December/msg00047.html —- New upstream version 1.8.1. —- Rebase to new stable version 1.8.0. —- nbdkit metapackage should depend on versioned -server subpackage etc. —- New upstream version 1.6.3.

(Dec 11) Security fix for CVE-2018-19044, CVE-2018-19045, CVE-2018-19046, CVE-2018-19115

(Dec 12) Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314

(Dec 11) USN-3837-1 introduced a regression in poppler.