Debian Linux Security Advisory 4527-1 - Multiple security issues were found in PHP, a widely-used open source extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.
cfa26de7b719004f8369504e7caadc31cc85fdf19389df53f353eaa8a3409fafDebian Linux Security Advisory 4528-1 - Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in it's BGP daemon, resulting in a stack buffer overflow.
20d5245db320a242264a68f8c7f1a5822b6c52e2a4c1828b0a5f868bbda20e07Red Hat Security Advisory 2019-2829-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
e49a1cfe40a32a42f34f7a6f36a06fa418d48fb4bababa5d0d60585faa61116fRed Hat Security Advisory 2019-2830-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
a92c53dfcfa036969c2cd0c7055162e22ea0c12d2af40e29bbf229f966fd6c10Red Hat Security Advisory 2019-2827-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
ff8536c0a080182186f4a1947eef54799c9fb80ce8506bae3faf34c6ee60c3f7Red Hat Security Advisory 2019-2828-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.
11709d7630829ef41705b332ce2145bbeef9e4663b3f875e0c654615bff15d81Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include an out of bounds write vulnerability.
5d98bb169c0022e723dbcc0170c5cc39144a84d85aedfaccd46b356f884baf14VMware Security Advisory 2019-0013 - VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.
7ae81418b88c50964c3ec2eca5fb6e16aa19df476d8be7e332903866535a9182VMware Security Advisory 2019-0014 - VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities.
747b8f15ba4a5df5baeb54aecc017f0b0e7ca529e5ccb81660c529f98ca3feecRed Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues addressed include a denial of service vulnerability.
6db2fc5ba5ae499fa0f7a4bbbc155d6d378588483e1d08e6c8fed16e216519c8Debian Linux Security Advisory 4525-1 - Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls to the ibus bus of another user, if able to discover the UNIX socket used by another user connected on a graphical environment. The attacker can take advantage of this flaw to intercept keystrokes of the victim user or modify input related configurations through DBus method calls.
31d489a5bebac71abdc3f0ab3fc8c5ed659bf01c8d9d73d9e23f3dd1dda2087dRed Hat Security Advisory 2019-2807-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.
764bc4a4796da29c8cb55bc0d248d48283fea11352284be9fd1b1c8bcffbbeb3Red Hat Security Advisory 2019-2805-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. An insufficient input validation issue was addressed.
a3dd8f4dc4779a19de4f6f2287e599c65945ade0e186dd72671af32ed2cf9947Red Hat Security Advisory 2019-2806-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
578ebcf4bc739d63cf9d017f09cf78dc93a26132c534ab18b05662020e5ef80dRed Hat Security Advisory 2019-2808-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A page cache side channel attack issue was addressed.
ad2bb158a4c47b6c6e01c5c21314541a0646b3e2fe267f72e25b81e77ed9a482Red Hat Security Advisory 2019-2798-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file. Issues addressed include a code execution vulnerability.
a92d6703bca508a9cc426af1331d9408fd4246d007e2ae2b76f88ddfabafbd5cRed Hat Security Advisory 2019-2773-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and use-after-free vulnerabilities.
3a0c16af0c58a36629ad8769fdc792a6f9ceb6114f07a9c052a1281fc0a4dc79Red Hat Security Advisory 2019-2796-01 - Skydive is an open source real-time network topology and protocols analyzer. Unbounded memory growth issues were addressed.
e5aa245137eb429f217aa860b6f067ce0c358b727940225e814ef05ddddaafa1Ubuntu Security Notice 4128-2 - It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing CVE-2019-0199. An attacker could possibly use this issue to cause a denial of service.
08757c1107d32ca3b9c2d753acc016026ef19792e9912d6ad65960bb00fc8cb2Ubuntu Security Notice 4136-2 - USN-4136-1 fixed a vulnerability in wpa_supplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.
a174822390e920608f7ccabbd8fe74c7710baccf5446111649a1f3d74ccbaa78Ubuntu Security Notice 4136-1 - It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.
f21e1d889a8d0fd9e0de9a46eac5375ba4997523973c4627952814f9e58efd21Ubuntu Security Notice 4135-1 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
fde271c8b7c2dd5918b945a5cd54f8c8430801b6c224a0aa8cb293763b66fbc9Ubuntu Security Notice 4135-2 - Peter Pi discovered a buffer overflow in the virtio network backend implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service or possibly execute arbitrary code in the host OS. It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
b1b0a10cc050386d41f1213e38643cfc6f7fdab4fb404d292ad8210fbc0778ebRed Hat Security Advisory 2019-2791-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-console-operator container image for Red Hat OpenShift Container Platform 4.1.16.
efad317faf10f4ed7e9459a334b45d1939287339e0b175ba1f88414df0ddd613Red Hat Security Advisory 2019-2792-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the openshift-enterprise-container container image for Red Hat OpenShift Container Platform 4.1.16. Issues addressed include a cross site request forgery vulnerability.
c6dccbf74745e709d4940373b09c08d6a171bc14da06787257b7d769cac3674c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed