Red Hat Security Advisory 2017-1285-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a newer upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and with empty "AuthFile" options an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.
776f60d9d717f98debe6591d5c749394531c12b7c6f20e209f53577feadf7e52
Ubuntu Security Notice 3298-2 - USN-3298-1 fixed a vulnerability in MiniUPnP. This update provides the corresponding update for Ubuntu 17.04. It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.
5a1f244a639723fbd4203f9d69ead26cbeb2abd49dbc6d279bb0532f02b34f38
Ubuntu Security Notice 3296-1 - It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.
74c8dce6464b45a17a96071c45ced2918a74b90c99d10b7e5dc0109233c1a292
HPE Security Bulletin HPESBHF03750 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
7f882c6324716b75cd78a8b4cab85a38448ce39540c3887364e56b39ae65a64d
Gentoo Linux Security Advisory 201705-14 - A vulnerability in Smb4K could allow local attackers to execute commands as root. Versions less than 1.2.3-r1 are affected.
9be6ea56f40f00cf7923d6ab881d6124ac5ea1313b410131e4fb7deccec6e898
Gentoo Linux Security Advisory 201705-13 - Teeworlds client vulnerability in snap handling could result in execution of arbitrary code. Versions less than 0.6.4 are affected.
726fa651af570a6bf068da3abe00936709c9bea5e589202f2cac0f36b007c521
Gentoo Linux Security Advisory 201705-12 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.171 are affected.
259b808761e0e98470f16e5aabd7f216dc8d5a307d8f2381e704cf2cbd78d433
Ubuntu Security Notice 3297-1 - Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.
8995d60474715ca698f623cfd847001e10d5652f23121b9db2700dc1ab3047cc
Debian Linux Security Advisory 3863-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.
d67b514719632528efba1567bd135fdf63d7336a14fc411155a5bbc9412f99c4
Gentoo Linux Security Advisory 201705-11 - Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation. Versions less than 4.7.2-r1 are affected.
88256f8cd485249f5f238de1a9910c899d9943d9e363d9853729ce40b2c2c543
HPE Security Bulletin HPESBHF03746 1 - Potential security vulnerabilities have been identified in HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be exploited remotely to allow execution of code. Revision 1 of this advisory.
1ea0082d1774a3deb45526dce71a859acda9cb53b77a5847982fa6bdf2b9f3a2
Red Hat Security Advisory 2017-1334-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Security Fix: An input validation vulnerability was found in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible, and the ability to send facts back to the Ansible server, could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.
204a789202d549f591081ca3fc1e84f843d4846f5dca491183ea3afac773bf62
Red Hat Security Advisory 2017-1298-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
40f0d88fee842312c08174e9a755735d073fbc79231455636cffc86f445ac1fd
Red Hat Security Advisory 2017-1297-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
4cdf95d71fe190028c5b4eaf8a98bb01e7ca1f467d3e4a94c93169e92070f5df
Red Hat Security Advisory 2017-1308-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A local attacker with CAP_NET_RAW capability could use this flaw to trigger a buffer overflow, resulting in the crash of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
05e1316e780dc2164e9b946f6bf6af0785375c6af129a7e24f7c80990de20921
Ubuntu Security Notice 3298-1 - It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.
631298feb6a5b1934adf10d2fd480579073fd086c0ef642c6eb804daf10480a8
Ubuntu Security Notice 3299-1 - Some security information preloaded in Firefox was due to expire before the next scheduled release. This update bumps the expiration times.
df3414b2d818c1a38bdba2005fdd90d516dbc52be88231e97df0d51c9e68bc35
Slackware Security Advisory - New samba packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
9513be389e78976da3f00c4485ef02d0ed3bee97954917bf86af4ff2cd2589d4
HPE Security Bulletin HPESBHF03751 1 - A potential vulnerability in HPE Aruba AirWave Glass 1.0.0 and 1.0.1 could be remotely exploited to allow remote code execution. Revision 1 of this advisory.
1722d4cad3d0d2c67f2fd4e92eae1dd12ceb75eb0f8239a356d352732d1de17f
Ubuntu Security Notice 3296-2 - USN-3296-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code. Various other issues were also addressed.
582154a3e5f15b8b497e94262789591a1ba008088aa8adf694d1ab35ee200e61
Debian Linux Security Advisory 3861-1 - Jakub Jirasek of Secunia Research discovered that libtasn1, a library used to handle Abstract Syntax Notation One structures, did not properly validate its input. This would allow an attacker to cause a denial of service through a crash, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file.
a686af7b3ef858fd2228b341cc27e32399ed5f33d77e41ebaf52b825d43fa96d