March 2016 Security Update Release Summary Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Source: March 2016 Security Update Release Summary
RHBA-2016:0361-1: openstack-nova bug fix advisory Red Hat Enterprise Linux: Updated OpenStack Compute packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7. Source: RHBA-2016:0361-1: openstack-nova bug fix advisory
Indexing JSON documents via Virtual Columns In a previous post I took the new JSON datatype and functions for a test drive, using sample data provided by SF OpenData. Today I will extend that example to include indexing. Introducing Generated Columns MySQL 5.7 introduces a new feature called generated columns.… Source: Indexing JSON documents via Virtual Columns
USN-2922-1: Samba vulnerabilities Ubuntu Security Notice USN-2922-1 8th March, 2016 samba vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Samba. Software description samba – SMB/CIFS file, print, and login server for Unix Details Jeremy Allison discovered that Samba incorrectly handled ACLs on symlinkpaths. A remote attacker could use this issue to overwrite the ownership ofACLs using symlinks. (CVE-2015-7560) Garming Sam and Douglas Bagnall discovered that the Samba internal DNSserver incorrectly handled certain DNS TXT records. A remote attacker coulduse this issue to cause Samba to crash, resulting in a denial of service,or possibly obtain uninitialized memory contents. This issue only appliedto Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2016-0771) It was discovered that the Samba Web Administration Tool (SWAT) wasvulnerable to clickjacking [ more… ]
USN-2923-1: BeanShell vulnerability Ubuntu Security Notice USN-2923-1 8th March, 2016 bsh vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary BeanShell could be made to run programs if it processed specially crafted input. Software description bsh – Java scripting environment Details Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectlyhandled deserialization. A remote attacker could possibly use this issueto execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: libbsh-java 2.0b4-15ubuntu0.15.10.1 bsh 2.0b4-15ubuntu0.15.10.1 Ubuntu 14.04 LTS: libbsh-java 2.0b4-15ubuntu0.14.04.1 bsh 2.0b4-15ubuntu0.14.04.1 Ubuntu 12.04 LTS: bsh 2.0b4-12ubuntu0.1 bsh-gcj 2.0b4-12ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2016-2510 Source: USN-2923-1: BeanShell vulnerability
Copyright © 2024 | WordPress Theme by MH Themes
