Red Hat Security Advisory 2018-2321-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a code execution vulnerability.
5330f94f08b22c0915cb6bf31ce17bcd085ec7ccb1e187ec9c530a643c0a744e
Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.
ff8d9f897db7415ccc485d8dbc17f616b9548aa0c3c6770257762e1359b0f97d
Slackware Security Advisory - New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
28ee005aba2a9ff31e8681342f381225c233087d4dbfb79ff9bc8256870794bc
Ubuntu Security Notice 3725-2 - USN-3725-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 12.04 ESM. Various other issues were also addressed.
5b5866bcf83aeb11a872395f583cae494bea589362184e9987b287e7b2ca36c7
Ubuntu Security Notice 3725-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.23. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
bd7c82bd9b43d8302f1ba59e7e245d65ac06842703a6bb0d4e6379f2c8ff9fdc
Red Hat Security Advisory 2018-2289-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. Issues addressed include a bypass vulnerability.
89db1d255b2ebdecdf4e455112b4792eed9730114402ea293fd5d0b93896cade
Red Hat Security Advisory 2018-2290-01 - memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Issues addressed include an integer overflow.
4e72de47595402af82b7742070e9de1468889fe6778ff71261bcae5655fa8597
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a clear-text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sent unencrypted to the remote AMQP service. An unauthenticated attacker in the same network collision domain, could potentially sniff the password from the network and use it to access the component using the privileges of the compromised user.
b88245a3c30e47eecf7a2837426863c2649600bf0a874b7d50debeea19b25006
Red Hat Security Advisory 2018-2282-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 68.0.3440.75. Issues addressed include buffer overflow, bypass, and information leakage vulnerabilities.
ca5766f6b9de8d71d945f0c80ca146b85298f67e058c051a145c1c10100e5988
Red Hat Security Advisory 2018-2284-01 - The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Issues addressed include a traversal vulnerability.
88b27afe2aa19bbc48817cf9c7404ca008beb3f307e3205b174d9219766b8713
Red Hat Security Advisory 2018-2285-01 - The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Issues addressed include a traversal vulnerability.
be32cbe9654e9e32200354086a3bc6c21a5b1f829cfa2287fb8597d4458e027e
Red Hat Security Advisory 2018-2286-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include an insufficient validation vulnerability.
d274be6d6ece344f0a707f546b44fdb63c8772eff44769765004f7df4c852b4a
Red Hat Security Advisory 2018-2283-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include an insufficient validation vulnerability.
15d9125195132ea4b872e91f3809c2bc02898b200dbd17af922ad3520923d39c
Debian Linux Security Advisory 4257-1 - Jann Horn discovered that FUSE, a Filesystem in USErspace, allows the bypass of the 'user_allow_other' restriction when SELinux is active (including in permissive mode). A local user can take advantage of this flaw in the fusermount utility to bypass the system configuration and mount a FUSE filesystem with the 'allow_other' mount option.
6ae379afa1bdb3daca80e53b902623ac0af07b819114316f385107c5a5c45863
Debian Linux Security Advisory 4258-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
ac4d29a191b91b8377d86774f4f94d83e77e95e3518f503758d5d1efa7396b29
Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
af6fc158a858662e25882608104480c25fcc4d45a236f8081a633157c455f8c7
Gentoo Linux Security Advisory 201807-4 - A heap-based buffer overflow in cURL might allow remote attackers to execute arbitrary code. Versions less than 7.61.0 are affected.
0a2320b12f6346b6d6a07303de445c5e22e0dc8f7838dc4b90dd35b3b1eacfe1
Gentoo Linux Security Advisory 201807-3 - Multiple vulnerabilities have been found in ZNC, the worst of which could result in privilege escalation. Versions less than 1.7.1-rc1 are affected.
91fb9587b76cf7af39bf255f51d11ce5f6170df1fe7a9a3e8a017635623d2674
This Microsoft advisory notification includes advisories released or updated on July 26, 2018.
35a049ea6e21911bf22ccf3333cf87a197c717531e4d3d0322045c4ebff9954b
Debian Linux Security Advisory 4256-1 - Several vulnerabilities have been discovered in the chromium web browser.
b37c2f37b7d2cc256391b4cbdfc0701d5bdb60add7642c0eba9fa126b255b5cc
This Microsoft bulletin summary holds a CVE update for CVE-2018-8202.
d711a2912b947865bc4e6a6c596bb87a47a588684e75b6c65b74d11197146979
This Microsoft bulletin summary holds CVE updates for CVE-2018-8308.
dea63ee770752757f3393bac9560688ed9ae6dbfb0eca27e531bdc642cfdcaa5
Red Hat Security Advisory 2018-2251-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
cfab7a998bd27c1e4a1a0e65a6b7bd19bed1aba4d0504b8ee9a31d57643744bf
Red Hat Security Advisory 2018-2252-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
710bbfbe7f1c6bbad567e4d6df96227243d295254c8df4498a8b7b3a8cd14173
Red Hat Security Advisory 2018-2255-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 191. Issues addressed include an insufficient validation vulnerability.
7f56d6d295c0b9904a9d164fe4d5c455c5008ad4d1e65d4ab50bb02cf2ac133d