Red Hat Security Advisory 2019-1301-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Update Services for SAP Solutions and Telecommunications Update Service for Red Hat Enterprise Linux 7.2 will retire as of November 30, 2019, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.2 E4S/TUS after November 30, 2019.
759b4037201532950516a35b8ca30f4471a3018e586e9b5a6350034e5afb51c2
Ubuntu Security Notice 4001-2 - USN-4001-1 fixed a vulnerability in libseccomp. This update provides the corresponding update for Ubuntu 14.04 ESM. Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators. An attacker could use this to bypass intended access restrictions for argument-filtered system calls. Various other issues were also addressed.
3783ae85bece13ddc1bd387465ffc67476ccb3ef43cf43c7d11db72875308e08
Microsoft Windows Remote Desktop BlueKeep denial of service exploit.
12f1ce90327e477e2b6666c24b8434b49b8d09e8fc972915cbc601e0c5244dff
Ubuntu Security Notice 4001-1 - Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators. An attacker could use this to bypass intended access restrictions for argument-filtered system calls.
23b5565883c626d654d99f5b47bd16b675b6316293fe57bab66ec2f2bf383ccf
Apple Security Advisory 2019-5-30-1 - AirPort Base Station Firmware Update 7.9.1 is now available and addresses denial of service and null pointer vulnerabilities.
ead3e64a1df5a23dbae0304aa37b171e1b4cd8638f201614e6039b89d97eb71c
Red Hat Security Advisory 2019-1300-01 - The golang packages provide the Go programming language compiler. A CRLF injection vulnerability was addressed.
fcfb9b11e754de6acde5f5711738b28db0b8c980db8ae55a1bed6f1751c95b3d
Red Hat Security Advisory 2019-1297-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.29 Service Pack 2 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.29, and includes bug fixes for CVEs which are linked to in the References section. It addresses denial of service and privilege escalation vulnerabilities.
1d3819c3a795696655f8712247c8df410655f69b1a073bb7b1b32d9271562472
Ubuntu Security Notice 3999-1 - Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tavis Ormandy discovered that GnuTLS incorrectly handled memory when verifying certain X.509 certificates. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. Various other issues were also addressed.
b8834a0c4a4415f7835754310e5da31860dabee4b26c193e7e1297853870b1e3
Ubuntu Security Notice 3998-1 - Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted.
a09e5bf9ba77f79e2d94d072ce94f1565e935907c3b4ee8590c752d4ac31390a
Red Hat Security Advisory 2019-1294-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. A rate limiting control issue in BIND has been addressed.
00804d19c6027ea6b15b335ac6ef1890c2ac42d72398e97a5a536f4bdaf742ab
Ubuntu Security Notice 3968-2 - USN-3968-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions. Various other issues were also addressed.
0093bfbeb408adc4537ce742a490ea2bd368c94a73c936eeb203d7ba7b8ad128
Serv-U FTP Server version 15.1.6.25 suffers from a local privilege escalation vulnerability via authentication bypass.
9520e5100bd633aacd33186e92020821a17ae8024fc9d8d2d19c57caa1bceb16
Ubuntu Security Notice 4000-1 - It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
ce5d4a0577521ada333b48609c10e67b091710bd990d956eb5d017d136689042
Debian Linux Security Advisory 4453-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass.
3b1d45ee7bed0b1843338b8c5affa7db9159c74e5f49693308722e8631ba1213
Red Hat Security Advisory 2019-1296-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering. It serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. It addresses denial of service and privilege escalation vulnerabilities.
5ed148ee5c1aa1a8483ec13ffbf8a1df403d3b3e5e5aa321f31d0c7e9dc09b53