Red Hat Security Advisory 2020-3328-01 - Red Hat Ansible Tower 3.7.2-1 has addressed for security issues.
c76325c2e63da8a1c9811a78d857c45bRed Hat Security Advisory 2020-3329-01 - Red Hat Ansible Tower has had multiple bug fixes addressed including a security issue.
5ee1b522da731c4cf027a1986155c0baUbuntu Security Notice 4441-2 - USN-4441-1 fixed vulnerabilities in MySQL. The new upstream version changed compiler options and caused a regression in certain scenarios. This update fixes the problem. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
be47d3c959e593a5765b5e138182c543Red Hat Security Advisory 2020-3184-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
cfdbbaa4cd0effc577cc6fc15c6a88e5Red Hat Security Advisory 2020-3183-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
ea93c7dcf22654ca5bec2fda08d109cbUbuntu Security Notice 4432-2 - USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems , preventing them from successfully booting. This update addresses the issue. Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly. Various other issues were also addressed.
1a353a8cdb06e7e9c9325c3947e45ffdUbuntu Security Notice 4452-1 - Trent Shea discovered that the libvirt package set incorrect permissions on the UNIX domain socket. A local attacker could use this issue to access libvirt and escalate privileges.
26191b7d77a8f9fcfdc7f39ef50e7b2dUbuntu Security Notice 4450-1 - Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
8a56b151952311fb68e4412ae9c9a5b1Ubuntu Security Notice 4451-1 - Thomas Chauchefoin discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code.
dba7822ad99b626b4da28d4558490343Ubuntu Security Notice 4448-1 - It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a reverse proxy, a remote attacker could possibly use this issue to perform HTTP Request Smuggling. Various other issues were also addressed.
f490bd6674a82d8af4d84ba15996c17fUbuntu Security Notice 4449-1 - Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. Various other issues were also addressed.
ccdc98754ed6d235718171b799686bcaUbuntu Security Notice 4447-1 - It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.
cec1d8fcd7514e57e050ad3fee686a21Red Hat Security Advisory 2020-3247-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. Issues addressed include code execution and cross site scripting vulnerabilities.
09627a046f1dd8dcfac3c537c3f54e08Red Hat Security Advisory 2020-3308-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
64720b7761a12fb3a4767798c78ae258Red Hat Security Advisory 2020-3306-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3.2 serves as a replacement for Red Hat JBoss Web Server 5.3.1, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a denial of service vulnerability.
caecac300e64d3b48adb292d24855b6fRed Hat Security Advisory 2020-3305-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
6e1799e37ce5f20ef4e6ad6d064b44c3Red Hat Security Advisory 2020-3303-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 10 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
c3f05082eb8212198cca368d8f048dc0Red Hat Security Advisory 2020-3302-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.
bec548ef5732141a71773f0121b6cc60Red Hat Security Advisory 2020-3298-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Issues addressed include a denial of service vulnerability.
1f9903312f31065b4efe8a3d1621d7e8Red Hat Security Advisory 2020-3299-01 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include an out of bounds read vulnerability.
562b0750f9213b43a805d057ccbccc7eRed Hat Security Advisory 2020-3297-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
dea081405f874171c184d5a14d17c67aUbuntu Security Notice 4298-2 - USN-4298-1 fixed several vulnerabilities in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
d1de1d9403a24bcb05ee45c057fd3d41c-ares version 1.16.0 has an issue where ares_destroy() with pending ares_getaddrinfo() leads to a use-after-free condition.
1464ba2a11ec60f5b9714b8e26693d59Red Hat Security Advisory 2020-3285-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Issues addressed include an XML injection vulnerability.
550631a89619a3354b4451bfeb5c5f6bRed Hat Security Advisory 2020-3284-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Issues addressed include an XML injection vulnerability.
a867b14eb0a783c4e9e0cedd2b410216
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed