Asterisk Project Security Advisory - Insufficient RTCP packet validation could allow reading stale buffer contents and, when combined with the nat and symmetric_rtp options, allow redirecting where Asterisk sends the next RTCP report.
313ff9367083c848ad358358e1ef5d2e2cc08ab243a86253a3085a0a2c87e354
Apple Security Advisory 2017-09-20-1 - This advisory provides additional information for APPLE-SA-2017-09-19-1 iOS 11.
8aeb5a27b696a6b9371d6de6e28fa2fbc84fc7b2623227bae3da19122efca2d6
Ubuntu Security Notice 3414-2 - USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. Li Qiang discovered that QEMU incorrectly handled VMware PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.
1d827ba81365c6bdfd6f012da771e75dd4ada8902a22473187bbbf26c49b80d4
Ubuntu Security Notice 3425-1 - Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.
a1a39c1915ac88f760d98cc7fd6c63b884d3ccb7402a2440e1864e64c6cc73fa
Red Hat Security Advisory 2017-2771-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Security Fix: A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.
28bd09fac5e30458608e8154c11408ed75f185f0abee5e8ea7f00a64c4edf902
Red Hat Security Advisory 2017-2770-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race, the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data, which may lead to privilege escalation.
8ce1e8eda24ca99789ffae91e998f600aa35c54fea94475650ac19fd442faa90
Apple Security Advisory 2017-09-19-3 - Xcode 9 is now available and addresses code execution and various other vulnerabilities.
b323f39eaec8eb4fc3557dbe54e6dc9f0deb4ab6e1e1465cd32b69c5e7ba3a49
Apple Security Advisory 2017-09-19-2 - Safari 11 is now available and addresses address bar spoofing and other vulnerabilities.
646b56a1d048967dab28769f1aaf50de1bdc5527808800579ae3d7c67b9fe324
Apple Security Advisory 2017-09-19-1 - iOS 11 is now available and addresses cross site scripting, denial of service, and various other vulnerabilities.
865ddf6e4616468e824f454d3cd875358dafbfd0bc8839b6bdf8c0c9a75125c5
This Microsoft bulletin summary notes that the ADV170015 Defense in Depth Update has undergone a major revision increment.
0a31b8b3975bdc82af9108af71693dd319cb56d6daf751d66384208beeb54a14
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiHLSurfGetInformation.
9771af75ba5776d56facb4df49d7fb859a4bfd6477530871ca30eecee7176653
The Linux kernel running on AMD64 systems will sometimes map the contents of a PIE executable, the heap, or ld.so to where the stack is mapped, allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
f03b9428d67dc46ff3b712d7c827a00f746ceef20553d5b7b9236072384bb73e
This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
0fd670ee0f6c6f5dbfa40428bd339e9dffb1fade0801ed1ea13795174324240d
Red Hat Security Advisory 2017-2760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.
63f5ba90523673c11c99253e704d39c3afc183161c91cfb839cfbf9db858fc32
Slackware Security Advisory - New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
97b8715bb9db5aec6be07858d3912d7ecc9bc15538757630f3773ccab81653b8
Slackware Security Advisory - New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue.
3ab1b2701a09358e5c8df7ba71e1c84ea6e57e96762fda5dea19c3733e3def3b
Slackware Security Advisory - New ruby packages are available for Slackware 14.2 and -current to fix security issues.
be1ba25794f035e28999574213d415357807edc5768e3d15dc3461a14570466f
Debian Linux Security Advisory 3978-1 - Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened.
94dbcf92c3f4c69880ac9d09639d51be2809a7552119c6ca235f5b5e4dc6e36e
Ubuntu Security Notice 3424-1 - It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. Various other issues were also addressed.
a5303f8530af68ac27eded66713bd807b2b44981490a742e52cf5b57786807cd
Ubuntu Security Notice 3422-2 - USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.
e27780348a8f8c6fe548f4fc823a3618d213ad1642631507a915d8fe3daa444c
Ubuntu Security Notice 3423-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service.
87295b6caa27c3ded5ece56a064c7422e1582070bd41149c139ac47f9df75c3f
Ubuntu Security Notice 3422-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that the asynchronous I/O subsystem of the Linux kernel did not properly set permissions on aio memory mappings in some situations. An attacker could use this to more easily exploit other vulnerabilities. Various other issues were also addressed.
59a73826987ffa71daea232f292915ef55c02017c0d971591db5164b7d4e6e9d
Ubuntu Security Notice 3420-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Flash-Friendly File System implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
121d74ff01c97dc17adc587c56c8b84bf85cf03412480c1e717209d3c1561270
Slackware Security Advisory - New kernel packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.
e7c08682afc17b1617414ffcdfde953d5259a323f01736b63e0c4844d7abb155
Debian Linux Security Advisory 3975-1 - Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data (e.g. when using Emacs-based mail clients).
7930854fd8f7d16eca5554af352467589b32d0c62625694cb0b8ae8a175cad9a