Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
05618523951e266d43a52069da1f0ba34d7ea40ab7b10ec9fbdc045f2a7608d6Red Hat Security Advisory 2019-1259-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Issues addressed include a denial of service vulnerability.
88adbd50131e2a099da28f4661da4264afaab14abbf4ed24b5194139431d2b90JSC DFG's doesGC() is incorrect about the HasIndexedProperty operation's behavior on StringObjects.
14a279bae66e49056c0e4b2a9091c3240e0fe8851027046cca926102cea4471bRevive Adserver versions prior to 4.2.1 make use of a cryptographically weak pseudo-random number generator.
feabf4f5898a355332369c41662b3e060d381adec2eedf985f89fc2676ad6cbdWebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.
fc77f6adb81f44a3ceb47bcf986c7857a13278c42b77786d3bf874042831015cUbuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.
28909dfaec423e05f4608eb048743996392be70b8be76c266a132e15a974d78bRed Hat Security Advisory 2019-1258-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.
d734ef64d7114739cff19f38271902146dcd30ed2009404fec5ebeeed3280b4cUbuntu Security Notice 3989-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
f48db585c7142fafe34c9d53c8235891a172ee735429b190c47490cd53eb7fbcUbuntu Security Notice 3990-1 - It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.
e9666cdd7eef3aca2bd5ffd29ff63c88a8467a370952dab56c248b7ca926192cJavaScriptCore AIR optimization incorrectly removes assignment to register.
a8dd00ac9f2bcbdc2b915ee79af5769a43a82c3045a988444400a182ce34eb0cRed Hat Security Advisory 2019-1245-01 - An update is now available for Red Hat Quay 3. Issues addressed include a man-in-the-middle vulnerability.
6a3ad047041bafc7aec7a00f709ef5bb136a7c52c4e176c7c02217045a47b31aUbuntu Security Notice 3985-2 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
f1cb1a1bf9b2f78407c94f968bde455d07cd4e360ff1504fa77d64c0ecf72c91Red Hat Security Advisory 2019-1243-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 74.0.3729.131. Issues addressed include an out of bounds access vulnerability.
0668684b9b5f8a2d66275b8fd6b0de51331195c06ee9f07e85e26c1f51718017Ubuntu Security Notice 3988-1 - It was discovered that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.
8fed6c2a76f828c83e674aea5402e22f9abb4840ccf7cfcfe69a12aaf029317fUbuntu Security Notice 3986-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.
9bf7bece1c350cccab56865cb42b760e25e431468015746400a7309649675fdbRed Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.
ec20c7bb3400cda4ce362180081bb842b3098913284687804e41bd4ebf7d57c6Red Hat Security Advisory 2019-1237-01 - The rh-python35-python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
a7524274e041f70601d5a5607cdf562d36f391be932c212a56d22b3047e12dbfSlackware Security Advisory - New rdesktop packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
3f652b156d86664919d321bdd386ff0b197a45ae0191ac05ba1389173deb1aaeRed Hat Security Advisory 2019-1236-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.16, 1.1.13, 2.1.11, and 2.2.5. Issues addressed include a denial of service vulnerability.
6fce1e15cd8e6e435255395f04102d0a04aef3027b9d04dd4f61e9621410cbe4Ubuntu Security Notice 3985-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Ă–sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
7534b3aecd4afe92e8ac42e822a5b135ac5bcb68d6c26985c9b93bd054a537e4Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
68b47f4ffdc07819c94fbeb47e6d696fbb807757f05ad06fdc02f508ff57c808Red Hat Security Advisory 2019-1234-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.192. Issues addressed include a code execution vulnerability.
1836b28b51a78f63384effdd713d7ca2fd038789bce3b61dc479473235def733Debian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
d8b699763de9d6f223f90a3cba116541baf7a07ab1db9fea958646ded049c54eUbuntu Security Notice 3983-2 - USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
71e35e54b29a6d6208ed09c73b86ede565c1f67be2f263b26df5e1a5c632a200Ubuntu Security Notice 3981-2 - USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.
cf1d147a8ca174e26d17ced42907db03da00db107fe0eeb5b4c3ac4cf14c1305
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed