Exploit the possiblities
Showing 51 - 75 of 3,960 RSS Feed

Files from Red Hat

Email addresssecalert at redhat.com
First Active2006-01-15
Last Active2018-01-19
Red Hat Security Advisory 2018-0021-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0021-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

tags | advisory, kernel
systems | linux, redhat
MD5 | be5ddb78d86fbfbb4c4cfde424816886
Red Hat Security Advisory 2018-0020-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0020-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

tags | advisory, kernel
systems | linux, redhat
MD5 | 3f28ae423b0f42009ca8508aaf41b1c4
Red Hat Security Advisory 2018-0012-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0012-01 - The microcode_ctl packages provide microcode updates for Intel and AMD processors. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory
systems | linux, redhat
MD5 | ce8bc5e196bafe5e007baee67e8f9598
Red Hat Security Advisory 2018-0018-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0018-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. Please refer to References section for further information about this issue and the performance impact.

tags | advisory, kernel
systems | linux, redhat
MD5 | 6ed4606b0130e1b28f898be105623fe7
Red Hat Security Advisory 2018-0013-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0013-01 - The microcode_ctl packages provide microcode updates for Intel and AMD processors. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit. As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.

tags | advisory
systems | linux, redhat
MD5 | 12fa431aa812b05dd118f7090d8b4bd3
Red Hat Security Advisory 2018-0007-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0007-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | 3650657f5647aac2e4525bdda8cbbdc0
Red Hat Security Advisory 2018-0008-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0008-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | e9555c16d39d26927f25fd56bfd1ee8a
Red Hat Security Advisory 2018-0011-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0011-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | 53bda9d25882a61260979da0b7094c9d
Red Hat Security Advisory 2018-0009-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0009-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | 97cf0138d7feb2c8d3d90c8f521c3ae8
Red Hat Security Advisory 2018-0010-01
Posted Jan 4, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0010-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.

tags | advisory, kernel
systems | linux, redhat
MD5 | 7f2f57f43598e7417f8820ef33b00f31
Red Hat Security Advisory 2018-0005-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0005-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | aac8a37c771d15022754d85ed843305a
Red Hat Security Advisory 2018-0004-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0004-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 2ca6effdab3cd5decbed50e07509a63b
Red Hat Security Advisory 2018-0002-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0002-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0894af1f635e49e7a3ce1d8a874115ef
Red Hat Security Advisory 2018-0003-01
Posted Jan 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0003-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2017-12165, CVE-2017-12167, CVE-2017-12189, CVE-2017-12629, CVE-2017-7559, CVE-2017-7561
MD5 | 0a5412e7af365baf178d6fd067479b13
Red Hat Security Advisory 2017-3493-01
Posted Dec 21, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3493-01 - In accordance with the Red Hat Enterprise MRG Life Cycle policy, Red Hat Enterprise MRG Version 2 for Red Hat Enterprise Linux 6 will be retired as of June 30, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise MRG Version 2 for Red Hat Enterprise Linux 6 after June 30, 2018.

tags | advisory
systems | linux, redhat
MD5 | ba86756d028d7e1ec16cee1905536541
Red Hat Security Advisory 2017-3490-01
Posted Dec 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3490-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.7 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.7 EUS after December 31, 2018.

tags | advisory
systems | linux, redhat
MD5 | 16f98a6d8a49860a9c57656eed2cc002
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
MD5 | 3600c3f840b4088b74aad6855538448c
Red Hat Security Advisory 2017-3484-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3484-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. CloudForms Management Engine Appliance. CloudForms Management Engine Gemset. Multiple security issues have been addressed.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-2664
MD5 | 664a0547e1fd2c77754dc2ae4f23b341
Red Hat Security Advisory 2017-3481-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3481-01 - Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-15103, CVE-2017-15104
MD5 | f4948d96eaff5eed37c2c2cb9ce41fea
Red Hat Security Advisory 2017-3479-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3479-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.108. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15429
MD5 | 68eed7e922f6e51ce77a93144706ca10
Red Hat Security Advisory 2017-3477-01
Posted Dec 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3477-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12613, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9798
MD5 | c060ac568692c5a625232ab20b67a36e
Red Hat Security Advisory 2017-3476-01
Posted Dec 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3476-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12613, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9798
MD5 | 2998dd842722e8dccbccecc95efc81bf
Red Hat Security Advisory 2017-3475-01
Posted Dec 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3475-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12613, CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9798
MD5 | 4ef23340919b51fe7aeb084c433c2e50
Red Hat Security Advisory 2017-3474-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3474-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | b377cde0952495aa6f0f019183098bb5
Red Hat Security Advisory 2017-3466-01
Posted Dec 15, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3466-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 80f1b1f9f53f4d7dc4ab91f430db374e
Page 3 of 159
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close