Ubuntu Security Notice 3748-1 - Sander Bos discovered that the MOTD update script incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled.
652c158b387cd94a9188d0bd2a14e2e230586331a5fbc9f8c22328fc5a21ebe7
Ubuntu Security Notice 3747-1 - It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service. Various other issues were also addressed.
badf7418cc4dc5265e0b3440db9897b99af4a4d4c674bccb74a68933b0658bf9
Ubuntu Security Notice 3742-3 - USN-3742-2 introduced mitigations in the Linux Hardware Enablement kernel for Ubuntu 12.04 ESM to address L1 Terminal Fault vulnerabilities. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems. Various other issues were also addressed.
117ca5698e3423dcf9d211649ddf4777ad1e2cebd10deb52b0430ebb6315d012
Red Hat Security Advisory 2018-2533-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. Issues addressed include information exposure.
1f7e4845757f04e28a84ac3158c0829e81aa5d889c3f9fdff4ed251ad3053e46
The UISGCON14 Call For Papers has been announced. It will take place on October 26th, 2018 in Kyiv, Ukraine.
aa71b35b26ca6e7f533e8c735aee70d4c477b89ce2ac4b2d5830269bd14513b3
RSA NetWitness Platform contains fixes for a server-side template injection security vulnerability that could potentially be exploited by malicious users to compromise the affected system. RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are affected.
ff1ff693b4f8fc020e3623a1d6a24348e440610f8a9ba3e09f843f55f38409fc
RSA Archer contains a fix for a SQL injection vulnerability in the embedded WorkPoint component that could potentially be exploited by malicious users to compromise the affected system. Versions 6.1.x, 6.2.x, 6.3.x prior to 6.3.0.7 and 6.4.x prior to 6.4.0.1 are affected.
ae3ffb7abfbc6f82288de4682def59ad6670e98ee8143dea5359658b41bdd80d
Slackware Security Advisory - New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
36a85965b96febdf3082c01e78afec713103cc52a4b3218619d5a7245a571acd
Ubuntu Security Notice 3746-1 - It was discovered that APT incorrectly handled the mirror method. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages in environments configured to use mirror:// entries.
d41d0df2ce77d07fb0513acbd332f76d74c535e174182f67b54804faa7c95fca
This Microsoft bulletin summary holds CVE updates for CVE-2018-0952.
44a3e74e56d9b97b8363365f1629fdc18ec295d7c71109bc9a44657dd7c9c663
Easylogin Pro version 1.3.0 suffers from a deserialization issue in Encryptor.php that permits a code execution vulnerability.
828314cfcecb74b2a92f103a5383aef52ae65421c914e8e9cd0f78fc25190c8a
WordPress Tagregator plugin version 0.6 suffers from a cross site scripting vulnerability.
5e000a620ab7aca978ca7ed084590f742dea21fb74b608549fc38b2f67d04227
Prime95 version 29.4b7 suffers from a denial of service vulnerability.
3dfea2b1fee142a6d30c0215b04276c420469b53b55eddeab64aab3398a1a24e
Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability.
d912854591989c7facdbd0903f4384a4cbecceb9be055b7b8846f4c904653d99
Countly suffers from a persistent cross site scripting vulnerability.
f9e01ec926253e8c0cd4a3c00a85951da5ed340e345faae558b6adaf9d38ca74