Red Hat Security Advisory 2018-2511-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include a memory disclosure vulnerability.
4ca4c3db9cbd55205ea2c05acb3d63b066329838d8eabd3c12d93281db527f5fSlackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
7d7bfb81585f003b8060eb303f9d201d705ed9ff357804632ef0da65a60bf6aaDebian Linux Security Advisory 4278-1 - Multiple vulnerabilities were discovered in Jetty, a Java servlet engine and webserver which could result in HTTP request smuggling.
b7afae7f88318699e37dc9ac77e194903af1ef8a0efded9f739e20d8f01752b5Slackware Security Advisory - New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
3313285aba9c7c1e55e6392b2e04553b10a01c61f50d11a6d56e7942d4ab8d54Ubuntu Security Notice 3741-3 - USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault vulnerabilities. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems. Various other issues were also addressed.
b146bd47639f4127fda338fc14fa2fc226aa80aba734cb893b6d50b42cb786ddDebian Linux Security Advisory 4277-1 - Several vulnerabilities were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, potentially leading to code execution, denial of service or information disclosure when connecting to a malicious mail/NNTP server.
e8df7a7d9f5b9ad1a0a13a4f4621d7506b5dac6522fe3ef44395cf628c175c6cXen suffers from an integer overflow vulnerability in xen-netback xenvif_set_hash_mapping.
a57c9bdaee536be75c911cbc36bfde9628b265d45ec11186e3c633aa95fb102cDebian Linux Security Advisory 4276-1 - Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities in php-horde-image, the image processing library for the Horde groupware suite. They would allow an attacker to cause a denial-of-service or execute arbitrary code.
5a91e4696a88ec6df60c812fd310ab5a29f0fe840e8ade3ed2ebda558fa04fe4Debian Linux Security Advisory 4275-1 - Kristi Nikolla discovered an information leak in Keystone, the OpenStack identity service, if running in a federated setup.
2722a7a50b3df516beead367c9a8fdb85bc8fc6b0ed463e739d8468a039808d5Debian Linux Security Advisory 4274-1 - This update provides mitigations for the "L1 Terminal Fault" vulnerability affecting a range of Intel CPUs.
090e52f65938d37c9d400bbfae4c12bff0fad68fc7f006a27c5b57d8da365fccDebian Linux Security Advisory 4273-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support (needed to address "Spectre v4") and fixes for "Spectre v3a".
3063db9bd745bdaeeb09124be4f84fda09413e2977b37ed6971840c6ddf5d2f3Ubuntu Security Notice 3658-3 - USN-3658-1 fixed a vulnerability in procps-ng. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
a32a90f48926d3e6126d1244f916e94cebf95b7a6a2e7475e80023c4dc952f14Red Hat Security Advisory 2018-2486-01 - This release adds the new Apache HTTP Server 2.4.29 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Issues addressed include buffer overflow, heap overflow, and use-after-free vulnerabilities.
140c5c41e74ea3c15e65121e0032d6722516e2191125272a7af63151aff85e5dRed Hat Security Advisory 2018-2482-01 - Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Issues addressed include a container breakout vulnerability.
62402d4275a02e8054f684608b6f634e241a038754a74759288805f7895f2d8eRed Hat Security Advisory 2018-2469-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 4 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include insecure defaults.
58233e3f4ecd9722a599c2120cf4861835f04bbae8478ae9b987c99057992e0eUbuntu Security Notice 3743-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
45119b386ec1249752c118d988a4af26e77728f2aff90d9299f2cbcbc2021604Ubuntu Security Notice 3744-1 - Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. Various other issues were also addressed.
10c7a46516045ae2ad89d98e1e273b9ca69727a9da14ccba89173432684540aeThis Microsoft advisory notification includes advisories released or updated on August 15, 2018.
e1891489b4be96b57239849387f7e211ffa391cfb65751b826050c7496f89e11This Microsoft bulletin summary holds CVE updates for CVE-2018-8202 and CVE-2018-8284.
be07de48f5737ecf4d07145dbf109296adb486ea3c1adb50f1a7aaaf02de9243Red Hat Security Advisory 2018-2439-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include a silly amount of unspecified vulnerabilities.
00a0671d1d65d2911e8f22b332fc5a477655aa5fcbe5f132cee38f207705b81eRed Hat Security Advisory 2018-2462-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a buffer overflow vulnerability.
d888f6c463bf4ebb8752fc93231cfe8f9188d40f7b96eb4a62e34c7bc02c8685Red Hat Security Advisory 2018-2470-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 4 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes. Issues addressed include insecure defaults.
7c59532733c38f637d3997844cec73a4dbac335476a98bc66adf427a840b3d53Red Hat Security Advisory 2018-2402-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. Issues addressed include a denial of service vulnerability.
255c58742e78f56152ffc709f8738c8457c04a31f66a87e2cc5738d46dea2b1aRed Hat Security Advisory 2018-2435-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 30.0.0.154. Issues addressed include bypass and information leakage vulnerabilities.
5044b27ae451f9eae8e03ba312ca011d5ea7e5194a9ee06105a086f80ca1c509Ubuntu Security Notice 3733-2 - USN-3733-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side- channel attack. A local attacker could use this attack to recover RSA private keys. Various other issues were also addressed.
817cfd19cf50cae7760c3417576d5726f44022f1b1c841a3e0a3e23a7fad11f8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed