Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
527978ed4a1118975c628678ef407d626092edebb007c69f960a688a6649e7afDebian Linux Security Advisory 4232-1 - This update provides mitigations for the "lazy FPU" vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU.
ecd7deca21d0686873a63c4503fef255e8192dbf5a7c7f582012727ce32d5451Red Hat Security Advisory 2018-1954-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include an access control issue.
4694bbb79e047c677cb14f89d98aa40b564882a3fdf2304df93962e0c63a1a02Red Hat Security Advisory 2018-1955-01 - GlusterFS is a key building block of Red Hat Gluster Storage. It is based on a stackable user-space design and can deliver exceptional performance for diverse workloads. GlusterFS aggregates various storage servers over network interconnections into one large, parallel network file system. Issues addressed include an access control issue.
8a91a5ccbd82515976a205855cf865c2508e8d7bd565b5a5f1b8d1629d3c8ad8Ubuntu Security Notice 3690-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the microcode updates for AMD 17H family processors required for the corresponding Linux kernel updates.
dbbc8dce79a5282b27fd3fb78d0efddf1ef858502146cec75d8be9335af01447Malbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.
b2a5e5f4099d997913c7d6ba4a2ddc6d239ed821741525eeaddd41a93f11d30eRed Hat Security Advisory 2018-1957-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.
c0ccd2c712ca6f64979bef634b0b2d12e09be3bcba785dab1cd5951dc3890edbRed Hat Security Advisory 2018-1932-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.
6e92fa4a1f8faa6cbbfe11a277ce8dde91c2e66563b8ac7239e71ab8260f24adRed Hat Security Advisory 2018-1927-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a bypass vulnerability.
9fee2fee4ce741ec158d6c6d377344294455aa99280340438629c30c41171488Red Hat Security Advisory 2018-1877-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. The ding-libs packages contain a set of libraries used by the System Security Services Daemon as well as other projects, and provide functions to manipulate file system path names, a hash table to manage storage and access time properties, a data type to collect data in a hierarchical structure, a dynamically growing, reference-counted array, and a library to process configuration files in initialization format into a library collection data structure . Issues addressed include an unsanitized input vulnerability.
c71225130bd3ab1c0a26635e211bffd670b8726cc8a92cc1f60dca7d398961cbRed Hat Security Advisory 2018-1883-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Issues addressed include a null pointer vulnerability.
8012e6113e8535d6b09d7c051bd545c0ae5179f584291b41b214ec31f2a9c08bRed Hat Security Advisory 2018-1860-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include a null pointer vulnerability.
5fc351b819842f938d109d630b3b72013ddd2bd28059603ad23e2ee5f5e32e30Red Hat Security Advisory 2018-1929-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a resource exhaustion vulnerability.
a22fcf91b1a25f0218b6cf05d957422e71b31f08cce0e0c611b3582aa4c39494Red Hat Security Advisory 2018-1933-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 67.0.3396.87. Issues addressed include an out of bounds write vulnerability.
3f5a45020603be5902094fecf7e0b13c9294fa97da5f02fa3df728e440f1353dThe handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for CVE-2018-0880 (MSRC case 42755) did not cover all similar cases which were reported at the same time in the issue.
7b7af078798b5964467bf7757383127c12dad481c4522e1f5ea6e8b1a37d710a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed