Red Hat Security Advisory 2019-0910-01 - This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a deserialization vulnerability.
Apache Archiva versions 2.0.0 through 2.2.3 suffer from arbitrary file write and delete vulnerabilities.
Apache Archiva versions 2.0.0 through 2.2.3 suffer from a persistent cross site scripting vulnerability.
Ubuntu Security Notice 3960-1 - It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service.
Debian Linux Security Advisory 4437-1 - It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RTSP stream is opened.
Ubuntu Security Notice 3959-1 - It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information.
Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
Red Hat Security Advisory 2019-0902-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
Debian Linux Security Advisory 4436-1 - problems and missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed.
Ubuntu Security Notice 3958-1 - It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams. If a user were tricked into opening a crafted RTSP stream with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code.
Ubuntu Security Notice 3957-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
GAT-Ship Web Module versions prior to 1.40 suffer from an unrestricted file upload vulnerability.
Ubuntu Security Notice 3956-1 - It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
Ubuntu Security Notice 3955-1 - It was discovered that tcpflow incorrectly handled certain malformed network packets. A remote attacker could send these packets to a target system, causing tcpflow to crash or possibly disclose sensitive information.
Ubuntu Security Notice 3922-3 - USN-3922-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2019-0886-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6 and 7.
Gentoo Linux Security Advisory 201904-25 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.0-r4 are affected.
Gentoo Linux Security Advisory 201904-24 - Multiple vulnerabilities have been found in Ming, the worst of which could result in a Denial of Service condition. Versions less than 0.20181112 are affected.
Red Hat Security Advisory 2019-0877-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.4.0 serves as a replacement for RHOAR Thorntail 2.2.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
Ubuntu Security Notice 3954-1 - It was discovered that FreeRADIUS incorrectly handled certain inputs. An attacker could possibly use this issue to bypass authentication.
Confluence Server and Confluence Data Center suffer from a path traversal vulnerability in the downloadallattachments resource. Versions affected include 6.6.0 up to 6.6.13, 6.7.0 up to 6.12.4, 6.13.0 up to 6.13.4, 6.14.0 up to 6.14.3, and 6.15.0 up to 6.15.2.
Ubuntu Security Notice 3936-2 - USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
Red Hat Security Advisory 2019-0868-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.7 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Red Hat Security Advisory 2019-0857-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.7 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements.