Red Hat Security Advisory 2017-2918-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
668de5ec7c2ffb14d70f655cc1fae90c9916874f80e9a59e8ec1cecdaf1fa43b
WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.
3a18e3f692c17224ea98fd036f7468cb2c7bfb6852fc969ed1c8f78cbe39dd1d
Slackware Security Advisory - New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
00701a59a7ccfacff5f0b7c265dffab9bcd8df28608126b39ede7a33588c1267
Slackware Security Advisory - New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
f7c456a7cfe81d5c9734a699a0a652dab3b12565a843c373d120f438a762b7de
Slackware Security Advisory - New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.
ba4dee4196f1fd0039a52c066dad8f5928def70d4e1cdb78f9f3eece879723cc
Red Hat Security Advisory 2017-2913-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-tough-cookie. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
207c9f5b3bfa8096b0ad3099446383171cdc1c188392fa25bf0c7d8733b6f491
Red Hat Security Advisory 2017-2912-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs4-nodejs-tough-cookie. Security Fix: Regular expression denial of service flaws were found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.
15d05375027e414524dfcc71c88c277757bdd2644e884d5051db86ec3f021974
Red Hat Security Advisory 2017-2911-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.
ddcbb28cce8084e45243003d804c9765d7684845b992495ebc4aa25bdd7ef4af
This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
1b927278ff93e0ef884d0b2ecb9b3c9214f1647b82ce8f6a2c763f4196246afd
Gentoo Linux Security Advisory 201710-20 - Multiple vulnerabilities have been found in Nagios, the worst of which could lead to the remote execution of arbitrary code. Versions prior to 4.3.3 are affected.
71bbb60aa3362e4c8f4445ea29cd272ea687230997e48f4eb582bacc56ad6176
Red Hat Security Advisory 2017-2908-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs. Security Fix: It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a denial of service.
7969868d6d3e4cc32a9f6308dce75909322aa2c3b6f3723586b11a881f1a97e3
Gentoo Linux Security Advisory 201710-19 - Multiple vulnerabilities have been found in libarchive, the worst of which could lead to a Denial of Service condition. Versions less than 3.3.0 are affected.
86fc0bec8e78681d6cf24948e8a4e2bb9e6f7b75e57aa12b7a41791b482d4e27
Red Hat Security Advisory 2017-2905-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.
d7e1b54ddf358b368323a0d855bf2e5186841d7534eca072f35a8d897659fdfd
Gentoo Linux Security Advisory 201710-18 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.2.8 are affected.
74182e2fa1de3051fe5a5e387c1c4a43e8c3561f268eef142677191cc11c3c11
Red Hat Security Advisory 2017-2907-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.
c467a1c4f7cb51ed5062bdc517c2295e285cd5c495e37d543ae688167c35f501
Gentoo Linux Security Advisory 201710-17 - Multiple vulnerabilities have been found in Xen, the worst of which may allow local attackers to escalate privileges. Versions less than 4.7.3 are affected.
9484e589a56881408d4c0766dd0c78bd8f82e19aea09b18a0919672dda99ea6b
HPE Security Bulletin HPESBHF03789 2 - A potential security vulnerability has been identified in the "HP Trusted Platform Module 2.0 Option" kit. This optional kit is available for HPE Gen9 systems with firmware version 5.51. The vulnerability in TPM firmware 5.51 is that new mathematical methods exist such that RSA keys generated by the TPM 2.0 with firmware 5.51 are cryptographically weakened. This vulnerability could lead to local and remote unauthorized access to data. Revision 2 of this advisory.
acdb5759c51be71c692f1131460bb7021ed481bbd9c21ac6af091921bdd24b5e
Ubuntu Security Notice 3456-1 - It was discovered that the X.Org X server incorrectly handled certain lengths. An attacker able to connect to an X server, either locally or remotely, could use these issues to crash the server, or possibly execute arbitrary code.
ae7f1eae80900b7f7dfcf04b648d771c3b13b3d6314ba66e63f1427820c9d84b
Red Hat Security Advisory 2017-2899-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 27.0.0.170. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
42c4b20574fd46cdec6e1151b9759e96c775095c6bb41183c21e4438ac3e1e90
Red Hat Security Advisory 2017-2904-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.
5b20d3c47a867b021f89c414e2e15806585f337275ea0f6a5bd1d6adc8c38d66
Interspire Email Marketer versions prior to 6.1.6 suffered from an administrative authentication bypass vulnerability.
63b12c183eef7d18a993e7da3f6e94fb295c8da79b37ec97a2295783aff97b9b
Red Hat Security Advisory 2017-2906-01 - Red Hat Single Sign-On 7.1 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. The Node.js adapter provides a simple module for authentication and authorization in Node.js applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.
d729e98f328dac94dc12ca2849872675e6350f226f0e2ac94427213f552718b6
Ubuntu Security Notice 3455-1 - Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with using key reinstallation attacks to obtain sensitive information. Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. Various other issues were also addressed.
5ea1473561df45ed73f31c70c3bec7ed067a0d030ebc28a43d266854cc54e8f7
EMC Isilon OneFS suffers from a reflected cross site scripting vulnerability. Versions prior to 8.1.0.1, prior to 8.0.1.2, prior to 8.0.0.6, and 7.2.1.x are affected.
e4e7afbd444952c1a4a040ffa0abeb64181e5add2a1a0a92462825db33bfdd0a
EMC NetWorker Server contains a buffer overflow vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions prior to 8.2.4.9, 9.0.x (all supported versions), prior to 9.1.1.3, and prior to 9.2.0.4 are affected.
369450dcc54bb4e682d177bc26e40df0e16897100df6e263e0947a432e6a9ef8