Slackware Security Advisory - New mariadb packages are available for Slackware 14.1 and 14.2 to fix security issues.
8494b6e5870b54c828b503fd02261fe5Debian Linux Security Advisory 4380-1 - A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery.
3c7a4b267f664a8b381e91fadc76ff2fDebian Linux Security Advisory 4379-1 - A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery.
042e23f8429e38a3191437a80484ed10Ubuntu Security Notice 3871-2 - USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the meta_bg option enabled. This update fixes the problems. Various other issues were also addressed.
d3ca658be731003b0ef82d34ce144c18Ubuntu Security Notice 3877-1 - It was discovered that LibVNCServer incorrectly handled certain operations. A remote attacker able to connect to applications using LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code.
6fb253f483153258a7a8b318e95d47c4Red Hat Security Advisory 2019-0237-01 - The etcd packages provide a highly available key-value store for shared configuration. Issues addressed include an improper authentication vulnerability.
06f169e3cf56de5b84066d007de7c6bfRed Hat Security Advisory 2019-0230-01 - The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Issues addressed include an auth hijacking vulnerability.
0cb68189c1051c375c2b461d61874125Red Hat Security Advisory 2019-0229-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Issues addressed include bypass and use-after-free vulnerabilities.
6e1e7d88f9cb72b2d5f893781e6d62deRed Hat Security Advisory 2019-0231-01 - The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Issues addressed include an off-by-one error.
bf49aa0d7011fd44e6ae90c9e3a3ed8bRed Hat Security Advisory 2019-0232-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include an off-by-one error.
6bd2c72e10e34603f44739b69e3975a7Ubuntu Security Notice 3876-2 - USN-3876-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 12.04 ESM. Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
bffe343a307881c081e730473287bac3Ubuntu Security Notice 3876-1 - Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service.
3053032456fd1f606835ab8e8dfcadd4Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
8236617ae0607e51011029f4f742813eUbuntu Security Notice 3875-1 - It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions.
e6366345906d6bbd49cbdad568a23604Ubuntu Security Notice 3874-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. It was discovered that Firefox allowed PAC files to specify that requests to localhost are sent through the proxy to another server. If proxy auto-detection is enabled, an attacker could potentially exploit this to conduct attacks on local services and tools. Various other issues were also addressed.
0610de62126292ee797c34a48f213f8aDebian Linux Security Advisory 4378-1 - Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code.
eaa1c640aaefdbb4400c736c327d0918Ubuntu Security Notice 3873-1 - It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
c64884c083b0675f3c16512fc6f79f70Slackware Security Advisory - New mozilla-firefox packages are available for 14.2 and -current to fix security issues.
2027021e96a537c0ec3eb50615699f0eDebian Linux Security Advisory 4375-1 - Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
8b8adcd24817c0030b39a7417c0c0149Red Hat Security Advisory 2019-0162-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a buffer overflow vulnerability.
0c6ae65ae510d261f454609c0030d2fcDebian Linux Security Advisory 4376-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.
4f6aa00ae290ef84a9bacd66a05ee470Debian Linux Security Advisory 4377-1 - The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands.
0f3abdb1f9aef1a11fc5a00e69af7d17Red Hat Security Advisory 2019-0218-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.
472c1e9e4e6475993b99796d2537e4bbRed Hat Security Advisory 2019-0219-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.5.0 ESR. Issues addressed include a use-after-free vulnerability.
119e1b6a27103d046f02037acf1a4063Red Hat Security Advisory 2019-0194-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a crash related vulnerability.
23a935d3cc45e9eb550e93f162aede7a
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed