SUMMARY
Three CVEs were reported for WordPress 3.6 and WordPress has released
an upgraded version to address these vulnerabilities. cPanel has
updated the WordPress version delivered via the cPAddons functionality
in WHM to the new version of 3.6.1.
AFFECTED VERSIONS
All versions of WordPress 3.6.0 and below.
SECURITY RATING
US-CERT/NIST has given the following severities for the WordPress
vulnerabilities:
CVE-2013-4338
CVSS v2 Base Score: 7.5 (HIGH)
CVE-2013-4339
CVSS v2 Base Score: 7.5 (HIGH)
CVE-2013-4340
CVSS v2 Base Score: 3.5 (LOW)
SOLUTION
cPanel, Inc. has updated the version of WordPress in the cPAddons
system to 3.6.1. The cPanel Security Team highly recommends that
all installations of WordPress on your servers be updated. WHM
admins can upgrade the installations of WordPress on their servers
using the Manage cPAddons Site Software functionality in WHM. cPanel
account users may also update from the WordPress link in the Site
Software section of their cPanel account interface.
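
One way to find installs that still need this update, as an added example (not cPanel's or WordPress's own tooling): it reads $wp_version from each wp-includes/version.php under a directory and lists the installs below 3.6.1. The account names and public_html layout in the sample tree are constructed assumptions; pass a real directory as the first argument to scan it instead.

```shell
#!/bin/sh
# Added example: list WordPress installs older than the fixed release.
FIXED_VERSION="3.6.1"

# Print the value assigned to $wp_version in a wp-includes/version.php file.
wp_version_of() {
    sed -n "s/^[[:space:]]*[\$]wp_version[[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" "$1" | head -n 1
}

# Succeed when dotted version $1 is strictly lower than $2 (3.6 < 3.6.1).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# Print "<version> <install dir>" for every install under $1 below the fix.
scan_wordpress() {
    find "$1" -type f -path '*/wp-includes/version.php' 2>/dev/null |
    while IFS= read -r f; do
        v=$(wp_version_of "$f")
        [ -n "$v" ] || continue          # unreadable or unexpected file
        if version_lt "$v" "$FIXED_VERSION"; then
            printf '%s %s\n' "$v" "${f%/wp-includes/version.php}"
        fi
    done | sort
}

# Constructed sample tree (not real accounts) so the script runs offline.
demo() {
    root=$(mktemp -d)
    for pair in alice:3.5.2 bob:3.6 carol:3.6.1; do
        d="$root/${pair%%:*}/public_html/wp-includes"
        mkdir -p "$d"
        printf "<?php\n\$wp_version = '%s';\n" "${pair#*:}" > "$d/version.php"
    done
    scan_wordpress "$root" | sed "s|$root/||"
    rm -rf "$root"
}

if [ "$#" -gt 0 ]; then scan_wordpress "$1"; else demo; fi
```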
REFERENCES
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4338
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4339
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4340
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4340