Red Hat Security Advisory 2020-1497-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include a buffer overflow vulnerability.
f80f1e718d52160743afe826ffa9c8a4d9183700f91505d41bdbaf883bab9c21Red Hat Security Advisory 2020-1495-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Issues addressed include out of bounds write and use-after-free vulnerabilities.
0372171b6c3257e955ee13ea1cff0749a2aa8955f6d4bbf1eb56e15f1c77b11dRed Hat Security Advisory 2020-1496-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Issues addressed include out of bounds write and use-after-free vulnerabilities.
f9059f9f96f09681cca6c1c026a26d7147b0fd9e3e88a56fd2fa77c59fab7c6dRed Hat Security Advisory 2020-1493-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, heap overflow, and null pointer vulnerabilities.
f9f905afbd1c07e906b01a9b5f9efb2a071312f8ce6cf0b7ced2546f5dad629eRed Hat Security Advisory 2020-1488-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Issues addressed include out of bounds write and use-after-free vulnerabilities.
3d641f1f595cc55e33f5677dc89e422acc8ca2db255c90e6d2c6773108b78b21Red Hat Security Advisory 2020-1489-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.7.0. Issues addressed include out of bounds write and use-after-free vulnerabilities.
a5edb044c676b7ae3379c1e267c7dcb5faf5cc278704b1b13ddcbedb06e96680Red Hat Security Advisory 2020-1487-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 81.0.4044.92. Issues addressed include an out of bounds read vulnerability.
c201ecf1b01f3a1d1f24e5272b70e283c47ac0ef6e45093796cf47db418d1f25Red Hat Security Advisory 2020-1486-01 - The ipmitool packages contain a command-line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. Issues addressed include a buffer overflow vulnerability.
ba349d02ef8554628c8a59293372ccbaee2189ea0d55bf9ce58928dc5d1cb810Ubuntu Security Notice 4330-1 - It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.
103beb00d1081229c9f84f14247061058d88af29920494f71828b3a45201dd63CA Technologies, A Broadcom Company, is alerting customers to multiple vulnerabilities in CA API Developer Portal. Multiple vulnerabilities exist that can allow attackers to bypass access controls, view or modify sensitive information, perform open redirect attacks, or elevate privileges. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. Versions 4.2.x and below as well as 4.3.1 are affected.
6d265b473d801c6edbd64f1ac235a8448cf52134380927f18722ca0f0b0a1813Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory).
ca957b71b70ae09e8f907fcd801c5a9571b9a877407f563e8bd4dc3a7e21def9Ubuntu Security Notice 4329-1 - Felix Wilhelm discovered that Git incorrectly handled certain URLs that included newlines. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
c507f897a077e45f8e138f77a383e2e59f2ee92189aa4eff179d2ffee8fb105cRed Hat Security Advisory 2020-1478-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.
d84fae8c88d4aa3d8749bc4b09e1db93b8f74c5ff47654c2138ce978f244de21Red Hat Security Advisory 2020-1479-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.
cb3d2e59f737cca534608d0a69b173e618f90055450114ed6b1d53e19692bf15Red Hat Security Advisory 2020-1475-01 - Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development. Issues addressed include a bypass vulnerability.
b5c8f10137e8c8827b0c0c84598a3473b41756f99fb1840845586af722d09d16Red Hat Security Advisory 2020-1465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
920696c0e32317a6d3b2b3813652b6ec4156aaf52111b944643b5cc67468b844Red Hat Security Advisory 2020-1461-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.
6f849628c8283933e795cc7c5a43d9c1b76b0d0812a2ec3ca6dcc3f40b6d9960Red Hat Security Advisory 2020-1471-01 - The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. A double-free issue was addressed.
c119e7c14d41f3620c80755171d913cc24910c1f0709552b0f23dedf48571eeaRed Hat Security Advisory 2020-1470-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
7afeadbc4c99701e9484d75f0545e54d6a95cf198aa6be96a12760f702fb5356Red Hat Security Advisory 2020-1464-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Issues addressed include a privilege escalation vulnerability.
a5e2fc1d02621564cb71b34bdb55c50363ed27fd8b8912ee9cc480bdd0085c2eRed Hat Security Advisory 2020-1462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
13cad2f3b24f9bcb2ffc46f612f937821b8385d1c587da44e80913794075e4a9Red Hat Security Advisory 2020-1396-01 - The podman tool manages Pods, container images, and containers. It is part of the libpod library, which is for applications that use container Pods. Container Pods is a concept in Kubernetes. A file overwrite issue was addressed.
b46bc7f1ffd4575984dfb530583452c2675970f3ae5002ac83cfd5e695ea8e97Red Hat Security Advisory 2020-1473-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
89eea5e4fee72506d0476bd22dc881f27a31bcf2786222a145d09ed8a694638eRed Hat Security Advisory 2020-1460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. BR/EDR encryption key negotiation attacks were addressed.
3b34a6b1f468974c158bdf39d7b449c074cd1abc7a972dea0dcbd4c3cfafc774Red Hat Security Advisory 2020-1454-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include an information leakage vulnerability.
e50ff276f0065191e2af3057790dfb6b1d4f7ce684207066157bfc3463f130c1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed