Ubuntu Security Notice 4215-1 - It was discovered that NSS incorrectly handled certain certificates. An attacker could possibly use this issue to cause a denial of service.
502c7fc5e2babf83fbec9dab100070f278da3636a8edd0329005b281fb368bfeRed Hat Security Advisory 2019-4114-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. An out-of-bounds write was addressed.
8f34b769e5fc49dd0df4e862edaeccc1b3a9139ef81188faf76c4295aef79e9cRed Hat Security Advisory 2019-4115-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.
4b71d33f382e5e49154dc2716af7399bcee7a7701f8ea51cc94e0891474b32ecRed Hat Security Advisory 2019-4113-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR6. Issues addressed include deserialization and null pointer vulnerabilities.
d666e814e18905e238d69e35f214f6c18b5e35e57e865b5590848b0321d14169A malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host. Symantec Endpoint Protection versions 14.x below 14.2 (RU1) and 12.x below 12.1 (RU6 MP10) are affected. Symantec Endpoint Protection Small Business Edition versions 12.x below 12.1 (RU6 MP10c) are affected.
ba684560b58492719e146b7962feca0b68d0d97a728a6b906962fa4a1fc92df6OpenSSL Security Advisory 20191206 - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.
161cc8530c92bc02fac2a71dc79ca3638bbfaa2a59eb49517b1f72fbf38ae5e3BeeGFS versions 7.1.3 and below suffer from a privilege escalation vulnerability.
d30029c1850a3b316562ecfdf0823e70e5d8b72548aae0f53565d9c31f6d8df9Red Hat Security Advisory 2019-4111-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
224bba0bea2b4b81070d09ee9d8678b000af220507ef8c975f454c91cd9c86f0Red Hat Security Advisory 2019-4107-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
5562b5f2a63c0b121aab356793d7cab30942eed21a39b943fda49544217da70dRed Hat Security Advisory 2019-4108-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.3.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
41a8f4fe9c609a086f35de7bc944ec7276570160b7ec31e6209af5aa9ccb6d52Ubuntu Security Notice 4214-1 - It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
cb29788344365ab2b1d386d6b9f5b6cd6bd498dc04ad06ea17b75bca90e9cb4eRed Hat Security Advisory 2019-4109-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.
968d959fde4c2a03c012fae36e23646bf2dfebf2fe41f0a770f14c22863f148fRed Hat Security Advisory 2019-4110-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP55. Issues addressed include deserialization and null pointer vulnerabilities.
c2163794ac91d134a60d9ad2a503a0c2c6e311293f7fe330faa334d9d3bd401aUbuntu Security Notice 4213-1 - Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks and access restricted servers. This issue was only addressed in Ubuntu 19.04 and Ubuntu 19.10. Jeriko One discovered that Squid incorrectly handed URN responses. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
95608e82aa5bc19b1025fff36128f36c39a6e83721488fe4c6dc58d9f2cfe122Ubuntu Security Notice 4212-1 - Tim D
e716076d47c2974458d52d31fb8ab1e046f2d578e50639df189d4f36da59168dRed Hat Security Advisory 2019-4082-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory includes ose-cluster-authentication-operator-container, ose-cluster-config-operator-container, and ose-cluster-kube-apiserver-operator-container, which have been updated with the a fix to address a secret disclosure issue.
563414c80fc6048a1732d2861ad68304d7131d3a8df3d594fa17915be9216316Red Hat Security Advisory 2019-4081-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A secret disclosure issue was addressed.
6b7952ff309ebcc67992f4ee628929d88e9300eace6f419ca81de1d070a258a7Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
15e55fbcf0e46f52c452659cc5536923f77e0d93866281a4ade6de408cc3a5c4Ubuntu Security Notice 4182-3 - USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. Various other issues were also addressed.
9873ce0744c7903ed3485e6ed56137adac90e035c3d1321e1445e3b1cb36a2edUbuntu Security Notice 4182-4 - USN-4182-2 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. Various other issues were also addressed.
97e13efb5017be1375b480c91abcd9a1c5897daac63a1dd2a24252e7741db982Red Hat Security Advisory 2019-4075-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ose-cluster-kube-apiserver-operator-container and ose-cluster-kube-scheduler-operator-container images for Red Hat OpenShift Container Platform 4.2.9. These images have been rebuilt with an updated version of openshift/library-go to address a data sanitization issue.
9e663213cc9ad506fa281f48e31e66c01b3779f099e2b5b9665dac99a925af94Red Hat Security Advisory 2019-4074-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the runc RPM package for Red Hat OpenShift Container Platform 4.2.9. The runC tool is a lightweight, portable implementation of the Open Container Format that provides a container runtime. Issues addressed include a bypass vulnerability.
66e602ca70f1b784c50eafc915b506699c891d638a3ada3a7fb0fab8921fa3e6Ubuntu Security Notice 4194-2 - USN-4194-1 fixed a vulnerability in postgresql-common. This update provides the corresponding update for Ubuntu 14.04 ESM. Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
ac5e1cc73bc4af9f7be486a13b218331311753c1ebd481c5bf5f2f384f810a43Ubuntu Security Notice 4207-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
8a1c3fd7155302cb1ec1e31f9144f4a9663fff6db142a158728344092ab7406dUbuntu Security Notice 4206-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service.
20ce73efdbd82d12749ed443483915973c7f843ca5b1c0cf7ee750b99ba02e45
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed