Red Hat Security Advisory 2018-2511-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a memory disclosure vulnerability.
4ca4c3db9cbd55205ea2c05acb3d63b066329838d8eabd3c12d93281db527f5f
Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
7d7bfb81585f003b8060eb303f9d201d705ed9ff357804632ef0da65a60bf6aa
Debian Linux Security Advisory 4278-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in HTTP request smuggling.
b7afae7f88318699e37dc9ac77e194903af1ef8a0efded9f739e20d8f01752b5
Slackware Security Advisory - New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
3313285aba9c7c1e55e6392b2e04553b10a01c61f50d11a6d56e7942d4ab8d54
Ubuntu Security Notice 3741-3 - USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault vulnerabilities. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems. Various other issues were also addressed.
b146bd47639f4127fda338fc14fa2fc226aa80aba734cb893b6d50b42cb786dd
Debian Linux Security Advisory 4277-1 - Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of service or information disclosure when connecting to a malicious mail/NNTP server.
e8df7a7d9f5b9ad1a0a13a4f4621d7506b5dac6522fe3ef44395cf628c175c6c
Xen suffers from an integer overflow vulnerability in xen-netback xenvif_set_hash_mapping.
a57c9bdaee536be75c911cbc36bfde9628b265d45ec11186e3c633aa95fb102c
Debian Linux Security Advisory 4276-1 - Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities in php-horde-image, the image processing library for the Horde groupware suite. They would allow an attacker to cause a denial-of-service or execute arbitrary code.
5a91e4696a88ec6df60c812fd310ab5a29f0fe840e8ade3ed2ebda558fa04fe4
Debian Linux Security Advisory 4275-1 - Kristi Nikolla discovered an information leak in Keystone, the OpenStack identity service, if running in a federated setup.
2722a7a50b3df516beead367c9a8fdb85bc8fc6b0ed463e739d8468a039808d5
Debian Linux Security Advisory 4274-1 - This update provides mitigations for the "L1 Terminal Fault" vulnerability affecting a range of Intel CPUs.
090e52f65938d37c9d400bbfae4c12bff0fad68fc7f006a27c5b57d8da365fcc
Debian Linux Security Advisory 4273-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support (needed to address "Spectre v4") and fixes for "Spectre v3a".
3063db9bd745bdaeeb09124be4f84fda09413e2977b37ed6971840c6ddf5d2f3
Ubuntu Security Notice 3658-3 - USN-3658-1 fixed a vulnerability in procps-ng. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
a32a90f48926d3e6126d1244f916e94cebf95b7a6a2e7475e80023c4dc952f14
Red Hat Security Advisory 2018-2486-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include buffer overflow, heap overflow, and use-after-free vulnerabilities.
140c5c41e74ea3c15e65121e0032d6722516e2191125272a7af63151aff85e5d
Red Hat Security Advisory 2018-2482-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include a container breakout vulnerability.
62402d4275a02e8054f684608b6f634e241a038754a74759288805f7895f2d8e
Red Hat Security Advisory 2018-2469-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 4 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include insecure defaults.
58233e3f4ecd9722a599c2120cf4861835f04bbae8478ae9b987c99057992e0e
Ubuntu Security Notice 3743-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
45119b386ec1249752c118d988a4af26e77728f2aff90d9299f2cbcbc2021604
Ubuntu Security Notice 3744-1 - Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. Various other issues were also addressed.
10c7a46516045ae2ad89d98e1e273b9ca69727a9da14ccba89173432684540ae
This Microsoft advisory notification includes advisories released or updated on August 15, 2018.
e1891489b4be96b57239849387f7e211ffa391cfb65751b826050c7496f89e11
This Microsoft bulletin summary holds CVE updates for CVE-2018-8202 and CVE-2018-8284.
be07de48f5737ecf4d07145dbf109296adb486ea3c1adb50f1a7aaaf02de9243
Red Hat Security Advisory 2018-2439-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include a silly amount of unspecified vulnerabilities.
00a0671d1d65d2911e8f22b332fc5a477655aa5fcbe5f132cee38f207705b81e
Red Hat Security Advisory 2018-2462-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.
d888f6c463bf4ebb8752fc93231cfe8f9188d40f7b96eb4a62e34c7bc02c8685
Red Hat Security Advisory 2018-2470-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 4 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes. Issues addressed include insecure defaults.
7c59532733c38f637d3997844cec73a4dbac335476a98bc66adf427a840b3d53
Red Hat Security Advisory 2018-2402-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a denial of service vulnerability.
255c58742e78f56152ffc709f8738c8457c04a31f66a87e2cc5738d46dea2b1a
Red Hat Security Advisory 2018-2435-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.154. Issues addressed include bypass and information leakage vulnerabilities.
5044b27ae451f9eae8e03ba312ca011d5ea7e5194a9ee06105a086f80ca1c509
Ubuntu Security Notice 3733-2 - USN-3733-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side- channel attack. A local attacker could use this attack to recover RSA private keys. Various other issues were also addressed.
817cfd19cf50cae7760c3417576d5726f44022f1b1c841a3e0a3e23a7fad11f8