Apple Security Advisory 2017-03-28-2 - This advisory provides additional information for APPLE-SA-2017-03-22-1. iTunes for Windows 12.6 addresses multiple vulnerabilities in various included software.
5e917bb7e6f9edc636297d6a5ef7728eaba569232b19fbb441916d312716221a
Apple Security Advisory 2017-03-28-1 - iCloud for Windows 6.2 is now available and addresses information disclosure, memory corruption, and various other vulnerabilities.
41c78bd843877663508f8fd5d2e712c16049e0e80c8f87fb341a44fd9ae1a3ed
Ubuntu Security Notice 3244-1 - Hanno Boeck discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.
b40cdf288bb3cb69187341104e38e859e49e3de86d008f11c28e0eac8d5f3949
Ubuntu Security Notice 3247-1 - St=E9phane Graber discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior.
d0eae3b00dcae60fe9aa8124e2ad107cd0b3b65d59464a43c2cf8f02900a89cc
Debian Linux Security Advisory 3823-1 - Ilja Van Sprundel discovered that the dmcrypt-get-device helper used to check if a given device is an encrypted device handled by devmapper, and used in eject, does not check return values from setuid() and setgid() when dropping privileges.
11ed3d35497fce0aa8208e337d18906978385a140e9058214a8d178bb172d613
Ubuntu Security Notice 3245-1 - Hanno Boeck discovered that GStreamer Good Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.
f1e77caf8e0a58e2ce6dbed8c4b8e92814ca8f861fb84e128498c06590e8ba2a
Debian Linux Security Advisory 3821-1 - Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened.
ac6dce475366bfc8982bb644156baf46b40bb24087037b4f4b84e9339e833d1a
Gentoo Linux Security Advisory 201703-7 - A vulnerability in Xen's bundled QEMU version might allow privilege escalation. Versions less than 4.7.1-r8 are affected.
d66376b4cac43229f126f16946ea94e52f3eb56174590d8c10f033b8b43c59ca
Gentoo Linux Security Advisory 201703-6 - A vulnerability in Deluge might allow remote attackers to execute arbitrary code. Versions less than 1.3.14 are affected.
2b06a5ceb46b3c39e7d0275991b0275f5a8f9ca669189b8fd4770c725e11603d
Gentoo Linux Security Advisory 201703-5 - A vulnerability in Libtasn1 allows remote attackers to cause a Denial of Service condition. Versions less than 4.8 are affected.
96423a18f88ebc8917136e21dc92e6a32354b4955e03ff4e9699bfff0c0a954f
Gentoo Linux Security Advisory 201703-4 - A coding error has been found in cURL, causing the TLS Certificate Status Request extension check to always return true. Versions less than 7.53.0 are affected.
65d1387695268efc77ff50e28352c03c89f45320e5ab3ab76dddae629f504bd3
Ubuntu Security Notice 3246-1 - Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values. A local attacker could use this issue to execute code as an administrator.
38e9d099be590b4e07920777892cc4dab780f5d5f29c49ed15af521f8533e6dc
Apple Security Advisory 2017-03-27-7 - macOS Server 5.3 is now available and addresses denial of service and user enumeration vulnerabilities.
658872beabc18d8ce86f77b4f603d0f654af625711493b7b0c96aeb309af853a
Apple Security Advisory 2017-03-27-4 - iOS 10.3 is now available and addresses code execution, information disclosure, denial of service, and various other vulnerabilities.
22e0875f79f9c63aedffc618f68fec412607d64473f27fd6f5dbacb83463532e
Apple Security Advisory 2017-03-27-5 - watchOS 3.2 is now available and addresses code execution, buffer overflow, and various other vulnerabilities.
40689b2a1e784e8eee7d60608dc73fdedca02ff0fbc1cf82d244f831d06e8eb7
Apple Security Advisory 2017-03-27-1 - Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now available and address a weak cryptography issue.
745de5dc99e800c0cbfca86a9ccf2b5cb8002743aa72c1b9242d277e90c4b038
Debian Linux Security Advisory 3817-1 - Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened.
f695f07a31864f9fbcba8a516dca7a7fd4e967523c42052df52113a9f1e281d0
Ubuntu Security Notice 3233-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, cause a denial of service via application crash or hang, or execute arbitrary code.
4abb70b1c35863ded49709995ba4e6d401e8550e183f3defde0d6a4363af7dad
Ubuntu Security Notice 3239-3 - USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS.
5ac6541ec2d8b1c23c092a5bf72c90784949c38ff1917bcec981e9c9d84897c2
Apple Security Advisory 2017-03-22-2 - iTunes for Mac 12.6 is now available and addresses vulnerabilities in expat and SQLite.
e601858939a95c65d673d763bbb29441fc85d606b842630460eb8b9750f35800
Microsoft Windows versions 8 and newer suffer from an AppLocker bypass vulnerability.
9d1b92067f6ae28cd876b6ae4a80e1d0947df6c18468cc1f09f3c8d2eeeca041
XFBurn suffers from a stack-based buffer overflow vulnerability that escalate privileges.
ca0d7ba6363a978b3d6fa7d8e7bc4884c33c240783550a711247bccb95c25733
Broadcom suffers from a buffer overflow vulnerability when parsing CCKM re-association responses.
c1de43d11bbe31e6686f56be6626ddf1603a025a1ae28eefb31e7a73be6cd66d
Apple Security Advisory 2017-03-22-1 - iTunes for Windows 12.6 is now available and addresses vulnerabilities in expat and SQLite.
92a02342700665c6f80c898f87e8f99e851a1d4239733c1dbddbbd842956b509
Red Hat Security Advisory 2017-0834-01 - The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.5.
f35c58e1997ade6507236228702d5e91a35a39a7b484a8a1e306c1ae797a1720