Debian Linux Security Advisory 3976-1 - Marcin 'Icewall' Noga of Cisco Talos discovered two vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened.
0a69601790864c6fb3deab2a65a9e4e5d304fe53babef2625fd8e003bb451c4aGentoo Linux Security Advisory 201709-9 - A command injection vulnerability in Subversion may allow remote attackers to execute arbitrary code. Versions less than 1.9.7 are affected.
71ad2e3ea855a8a91408fb8dc7d0efea59a1c6f92a7d8dacb8134433f2085bb4Gentoo Linux Security Advisory 201709-10 - A command injection vulnerability in Git may allow remote attackers to execute arbitrary code. Versions less than 2.13.5 are affected.
e92e20a35f60603bd964dd01bad3a0b018c363015d80f1cea02411d5feff0bcbGentoo Linux Security Advisory 201709-11 - Gentoo's GIMPS ebuilds are vulnerable to privilege escalation due to improper permissions. A local attacker could use it to gain root privileges. Versions less than 28.10-r1 are affected.
96ea60b0a4facc92e4b97ee120156b4c4e7ef9c01962be854a1044d5f3540b4aGentoo Linux Security Advisory 201709-12 - A vulnerability in module File::Path for Perl allows local attackers to set arbitrary mode values on arbitrary files bypassing security restrictions. Versions less than 5.24.1-r2 are affected.
354da611e13b26533594dfaddd7263b5ff8f6d1c891f45eda624a9cbb40d1437Gentoo Linux Security Advisory 201709-13 - A vulnerability in SquirrelMail might allow remote attackers to execute arbitrary code. Versions less than 1.4.23_pre20140426 are affected.
da9c6c27e01b985e24b832d8da884cfb720f0b5b35fd69e1d00f5f0159f97a4aGentoo Linux Security Advisory 201709-14 - Multiple vulnerabilities have been found in cURL, the worst of which may allow attackers to bypass intended restrictions. Versions less than 7.55.1 are affected.
40bb3d6b5ff32cb8c093b4d2ce2380042c6cc3679e8da56bb15ce35f4c67f98bRed Hat Security Advisory 2017-2674-01 - Red Hat Mobile Application Platform 4.5 is delivered as a set of Docker-formatted container images.
aa218b6f6c10015ca84e076a9a181086eca3ff4ebef126b5653ecfb133a0b658Red Hat Security Advisory 2017-2675-01 - Red Hat Mobile Application Platform 4.5 consists of three main components: Core - development and management of apps occurs in the RHMAP Core, which can be installed either in an on-premise installation of OpenShift Container Platform 3.x. MBaaS - Application data, runtimes, and integrations are deployed to the RHMAP MBaaS installed on OpenShift Container Platform 3.x. Build Farm - deployed separately from the Core and the MBaaS, the Build Farm is shared between all instances of RHMAP. Third-party Linux, Windows, and Apple server hosting providers are used to support building client app binaries for all platforms.
93a8a9deae1045cef27272ee7b978c5576edfd1a38095bd0288afbefef04fdebUbuntu Security Notice 3346-2 - USN-3346-1 fixed vulnerabilities in Bind. The fix for CVE-2017-3142 introduced a regression in the ability to receive an AXFR or IXFR in the case where TSIG is used and not every message is signed. This update fixes the problem. In addition, this update adds the new root zone key signing key. Various other issues were also addressed.
ba269e77b4f4595013c6acdfe974b0ae07d2337e57573df22af9751fa9d7abdaUbuntu Security Notice 3418-1 - It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that the GDK-PixBuf library did not properly handle certain tiff images. If an user or automated system were tricked into opening a specially crafted tiff file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
16c7497ece9fe2bdb87df8e130d44bcedf755e58c32adefe4413184ba9f22b5dUbuntu Security Notice 3419-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that a buffer overflow existed in the Broadcom FullMAC WLAN driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
66c58ebf7b67139201a7338f892ba43bd6f9bfe76cfd13b0465f942093cb8f2dUbuntu Security Notice 3419-2 - USN-3419-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.
ba170e3635c1a188e3560304497a4dd5e06177696a56cfeffd73bce86650ea03Ubuntu Security Notice 3420-2 - USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.
5c3d0047c4974f9a3ced05880d3b1ed8984bd8ae8daf9b43a22ce6e810c37c1aUbuntu Security Notice 3421-1 - It was discovered that Libidn2 incorrectly handled certain input. A remote attacker could possibly use this issue to cause Libidn2 to crash, resulting in a denial of service.
6ae7719d16a32671a0c9681af049b687e272cc35aaba6ec3ad7821b5df336045
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed