Ubuntu Security Notice 4376-2 - USN-4376-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Cesar Pereida Garc
5ffe6bab9ab65abc32cc3f1b5a2aa54bUbuntu Security Notice 4419-1 - It was discovered that a race condition existed in the Precision Time Protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
1a43296b82c72fbb0f52cc4e8828d2f4Ubuntu Security Notice 4421-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that Thunderbird would continue an unencrypted connection when configured to use STARTTLS for IMAP if the server responded with PREAUTH. A remote attacker could potentially exploit this to perform a person-in-the-middle attack in order to obtain sensitive information. Various other issues were also addressed.
326f5ebac4547f863a712734770a0ae2Red Hat Security Advisory 2020-2870-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
2c5c3e857f06dbb08b024b25d3729fb2Red Hat Security Advisory 2020-2863-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
b877010e867a0a00e1a8510f7ef3dbd5Red Hat Security Advisory 2020-2861-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include cross site scripting, denial of service, and server-side request forgery vulnerabilities.
859b001fe65073c510ebeca168065f10Red Hat Security Advisory 2020-2864-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a resource exhaustion vulnerability.
ad911e1396ddd2552f4d336198ad2a50Applebot/0.1 does not fully obey robots.txt as it interprets allow entries for Googlebot as implied permission for Applebot.
8dc6a1d084972fcf46b8cdbdb06e25e0MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability.
844f9866fce4b802fb66ffa43ad52ca1Ubuntu Security Notice 4420-1 - David Hill and Eric Harney discovered that Cinder and os-brick incorrectly handled ScaleIO backend credentials. An attacker could possibly use this issue to expose sensitive information.
1b8490e9c87c982829ed1256b1e56a6eRed Hat Security Advisory 2020-2854-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service, memory leak, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
9aa7fb6ae4c123147a93204fd3d4c120Red Hat Security Advisory 2020-2842-01 - An update for microcode_ctl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Sampling issues were addressed.
b8cfe7f0ee227572843fa15e87286610Red Hat Security Advisory 2020-2840-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Issues addressed include a file read vulnerability.
fd6aa8df8eb465aed0ae45359df80d57Red Hat Security Advisory 2020-2846-01 - The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs. Issues addressed include a double free vulnerability.
c4a25392ec6d7fe118fd0fbf5a6adbf2Red Hat Security Advisory 2020-2839-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
92679d78f903b676d9a0c4fa7f9945eeRed Hat Security Advisory 2020-2838-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. Issues addressed include an out of bounds read vulnerability.
b154544d7762d5e2388844db181aa82fRed Hat Security Advisory 2020-2844-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
1f5140527fa9caf61ec56f5f481eb504Red Hat Security Advisory 2020-2833-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Issues addressed include a code execution vulnerability.
c15d51965d9e7559c550cff4212cfca5Red Hat Security Advisory 2020-2835-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include an underflow vulnerability.
7d3efa23b778cb571c090b3a2406b404Red Hat Security Advisory 2020-2851-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, memory leak, and use-after-free vulnerabilities.
ab6dfbe7b66c734e8df4c1ec41536f41Red Hat Security Advisory 2020-2852-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
869187548522431e252fda15b20a6aeaRed Hat Security Advisory 2020-2848-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
b66f57420dbbeafea3b18109597a10b3Red Hat Security Advisory 2020-2849-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
69238e75b367f14377b1a9a6eec08ad8Red Hat Security Advisory 2020-2847-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
38483358dd813546fe45ebae634ca967Red Hat Security Advisory 2020-2850-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
b31de2333ed43a3c4b28d8d01d41562a
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed