(Mar 14) Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2018-1000120
Comment
(Mar 17) Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds memory write when playing Vorbis media files could result in the execution of arbitrary code.
(Mar 13) nx-libs 3.5.0.33: – Don’t allow overriding of X.Org Server UNIX sockets via TEMP/NX_TEMP environment variables. Fixes problems on machines that use pam_tempdir.so. – Fix CVE-2017-2624 (timingsafe_memcmp) by Ulrich Sibiller. – Potentially improve LAN- and WAN-type connection speed settings scenarios. Includes a regression fix for VPN connections by Simon Matter. – Fix problems in
(Mar 13) nx-libs 3.5.0.33: – Don’t allow overriding of X.Org Server UNIX sockets via TEMP/NX_TEMP environment variables. Fixes problems on machines that use pam_tempdir.so. – Fix CVE-2017-2624 (timingsafe_memcmp) by Ulrich Sibiller. – Potentially improve LAN- and WAN-type connection speed settings scenarios. Includes a regression fix for VPN connections by Simon Matter. – Fix problems in
(Mar 14) An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which