Debian: DSA-4263-1: cgit security update

Aug04
by Ike on August 4, 2018 at 1:28 pm
Posted In: Other

(Aug 4) Jann Horn discovered a directory traversal vulnerability in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of this flaw to retrieve arbitrary files via a specially crafted request, when ‘enable-http-clone=1’ (default) is not turned off.

 Comment 

Fedora 28: libvorbis Security Update

Aug04
by Ike on August 4, 2018 at 1:24 pm
Posted In: Other

(Aug 3) Sync with git (CVE-2017-14160, CVE-2018-10392, CVE-2018-10393, bz#1516379)

 Comment 

Debian: DSA-4262-1: symfony security update

Aug04
by Ike on August 4, 2018 at 12:53 pm
Posted In: Other

(Aug 3) Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

 Comment 

Fedora 28: pam_yubico Security Update

Aug03
by Ike on August 3, 2018 at 2:04 pm
Posted In: Other

(Aug 2) Update to 2.26, fixes CVE-2018-9275

 Comment 

Fedora 27: pam_yubico Security Update

Aug03
by Ike on August 3, 2018 at 1:39 pm
Posted In: Other

(Aug 2) Update to 2.26, fixes CVE-2018-9275

 Comment 

50 queries. 8.5 mb Memory usage. 0.272 seconds.