Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.
05618523951e266d43a52069da1f0ba34d7ea40ab7b10ec9fbdc045f2a7608d6
Red Hat Security Advisory 2019-1259-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. A new version of .NET Core that address security vulnerabilities is now available. The updated version is .NET Core Runtime 2.1.11 and SDK 2.1.507. Issues addressed include a denial of service vulnerability.
88adbd50131e2a099da28f4661da4264afaab14abbf4ed24b5194139431d2b90
JSC DFG's doesGC() is incorrect about the HasIndexedProperty operation's behavior on StringObjects.
14a279bae66e49056c0e4b2a9091c3240e0fe8851027046cca926102cea4471b
Revive Adserver versions prior to 4.2.1 make use of a cryptographically weak pseudo-random number generator.
feabf4f5898a355332369c41662b3e060d381adec2eedf985f89fc2676ad6cbd
WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.
fc77f6adb81f44a3ceb47bcf986c7857a13278c42b77786d3bf874042831015c
Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.
28909dfaec423e05f4608eb048743996392be70b8be76c266a132e15a974d78b
Red Hat Security Advisory 2019-1258-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.
d734ef64d7114739cff19f38271902146dcd30ed2009404fec5ebeeed3280b4c
Ubuntu Security Notice 3989-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
f48db585c7142fafe34c9d53c8235891a172ee735429b190c47490cd53eb7fbc
Ubuntu Security Notice 3990-1 - It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. Various other issues were also addressed.
e9666cdd7eef3aca2bd5ffd29ff63c88a8467a370952dab56c248b7ca926192c
JavaScriptCore AIR optimization incorrectly removes assignment to register.
a8dd00ac9f2bcbdc2b915ee79af5769a43a82c3045a988444400a182ce34eb0c
Red Hat Security Advisory 2019-1245-01 - An update is now available for Red Hat Quay 3. Issues addressed include a man-in-the-middle vulnerability.
6a3ad047041bafc7aec7a00f709ef5bb136a7c52c4e176c7c02217045a47b31a
Ubuntu Security Notice 3985-2 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
f1cb1a1bf9b2f78407c94f968bde455d07cd4e360ff1504fa77d64c0ecf72c91
Red Hat Security Advisory 2019-1243-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 74.0.3729.131. Issues addressed include an out of bounds access vulnerability.
0668684b9b5f8a2d66275b8fd6b0de51331195c06ee9f07e85e26c1f51718017
Ubuntu Security Notice 3988-1 - It was discovered that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.
8fed6c2a76f828c83e674aea5402e22f9abb4840ccf7cfcfe69a12aaf029317f
Ubuntu Security Notice 3986-1 - It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.
9bf7bece1c350cccab56865cb42b760e25e431468015746400a7309649675fdb
Red Hat Security Advisory 2019-1238-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP35. Issues addressed include a buffer overflow vulnerability.
ec20c7bb3400cda4ce362180081bb842b3098913284687804e41bd4ebf7d57c6
Red Hat Security Advisory 2019-1237-01 - The rh-python35-python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include an information leakage vulnerability.
a7524274e041f70601d5a5607cdf562d36f391be932c212a56d22b3047e12dbf
Slackware Security Advisory - New rdesktop packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
3f652b156d86664919d321bdd386ff0b197a45ae0191ac05ba1389173deb1aae
Red Hat Security Advisory 2019-1236-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.16, 1.1.13, 2.1.11, and 2.2.5. Issues addressed include a denial of service vulnerability.
6fce1e15cd8e6e435255395f04102d0a04aef3027b9d04dd4f61e9621410cbe4
Ubuntu Security Notice 3985-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Ă–sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
7534b3aecd4afe92e8ac42e822a5b135ac5bcb68d6c26985c9b93bd054a537e4
Red Hat Security Advisory 2019-1235-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
68b47f4ffdc07819c94fbeb47e6d696fbb807757f05ad06fdc02f508ff57c808
Red Hat Security Advisory 2019-1234-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 32.0.0.192. Issues addressed include a code execution vulnerability.
1836b28b51a78f63384effdd713d7ca2fd038789bce3b61dc479473235def733
Debian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
d8b699763de9d6f223f90a3cba116541baf7a07ab1db9fea958646ded049c54e
Ubuntu Security Notice 3983-2 - USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
71e35e54b29a6d6208ed09c73b86ede565c1f67be2f263b26df5e1a5c632a200
Ubuntu Security Notice 3981-2 - USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.
cf1d147a8ca174e26d17ced42907db03da00db107fe0eeb5b4c3ac4cf14c1305