Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst of which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.
c2570adfc5cdff440bb017fd397bdb75834b5a50c3ad30045a8e3c1b93679cfa
Gentoo Linux Security Advisory 201812-10 - A vulnerability in GKSu might allow attackers to execute arbitrary commands. Versions less than or equal to 2.0.2 are affected.
77c78b36e0b1a9cfe7e16ae3f6fd54c12fe5d152c653d7d8a205a55b861af831
Debian Linux Security Advisory 4361-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.
d950b4d7929cb9669efb988cbc5ec89d3abe6ef04b39e103580b0ad68bfa6007
Debian Linux Security Advisory 4360-1 - Multiple security issues were found in libarchive, a multi-format archive in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service.
4ca78c1aca3d7538b998511ad79830ff0f91bc94448ecc1564153a6b33bfe80f
Debian Linux Security Advisory 4359-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
e65574a27d9a4df1d7727205093f828922aab4ced4ee9f6258e8e7f79a332809
Debian Linux Security Advisory 4358-1 - The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to an HTML injection vulnerability. A specially crafted HTML fragment can cause non-whitelisted attributes to be allowed on a whitelisted HTML element.
40a3126031a021ed1604bc09ac2d9b39a41e33cd6fb5c6d278a6de68d833df59
Debian Linux Security Advisory 4346-2 - The update for ghostscript issued as DSA-4346-1 caused a regression when used with certain options (cf. Debian bug #915832). Updated packages are now available to correct this issue.
440c0e22267075085f31140b95c4ad43be14dd8a98bd71ea6f9f3bd74a6d7115
Slackware Security Advisory - New netatalk packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
a3e5670c48444a33470b9c8c68191b67a8043115ff484e3b4b730f1eb7d80399
Gentoo Linux Security Advisory 201812-9 - Multiple vulnerabilities have been found in Go, the worst of which could lead to the execution of arbitrary code. Versions less than 1.10.7 are affected.
0d1fc3fb1ddb7972eefe107b9e4e8695b642669377a39229fd062eedc72169a5
LibTIFF version 4.0.8 suffers from multiple memory leak vulnerabilities.
99b39c7e3e305f25232c535712f3fc0ca2051fdcf102d69777eda04623c5b380
Ubuntu Security Notice 3849-1 - It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
8af550c56d88e940bd49fc37b8e96986f53f118dc0a33f1ef43ae042d260ae9f
Ubuntu Security Notice 3849-2 - USN-3849-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
bdd2087e5d8c2e6ea3ea9fbd008a48c85005b8014c5200920d37f2ee93426078
Ubuntu Security Notice 3847-3 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
88ddcb277ba792306a56a051e1a6ea3b2df9a11ba6f4d4f0bb790bd6664c4b64
Ubuntu Security Notice 3848-2 - USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
0e01790258c142284e2a185f6b24d6e1b1322200ec802bdf3976255b1f7553f0
Ubuntu Security Notice 3848-1 - It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Kanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ef32f46b101a860f44706fee0448815aa83426a298a340332abb7bab4d753836
It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
054a56994c9bd62549cd29e0464ca1a0a7be22a3004cc645c80c0b65070bbdc0
Ubuntu Security Notice 3847-2 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
f686a26622bf753cbbb760351f7a2649c795917011883eab629db03a6b1b546f
Ubuntu Security Notice 3847-1 - It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ab186e3e3caa72822140697919f42bea4149fc7ebd5e687a8c7c58306f58d45e
Ubuntu Security Notice 3846-1 - It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information.
8581b2a2d1444d9cf46ee164418a9983be851c41453802a02eafe79465cc1ded
Debian Linux Security Advisory 4357-1 - Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes.
b24a38ef4323cc06b46c0a586485f0b2275b750231ac7d0ea19237ede56eb97c
Debian Linux Security Advisory 4356-1 - Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
9f43e90f4658db9594afe845e426a1e0baffea9dcc9c0620456466712e121a2d
Debian Linux Security Advisory 4355-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
b913df49694577978d9065ec818547f4d3d6619f2cbbc393194fc7e2ac40992a
FreeBSD Security Advisory - Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.
c02904f0ef3015af27b497e26383079f1472a0876e7c3cbb2cc3a462525449df
Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
ecccca8405ce1ae112c4c9ef8699c52acaa7349eacd9444e706b1cc606052122
Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
7d67828682276999308ce93378cd3811edc0d9b3565bdbef85add8ef9bf3f2bf