No Image

USN-4609-1: GOsa vulnerabilities

2020-10-29 KENNETH 0

USN-4609-1: GOsa vulnerabilities Fabian Henneke discovered that GOsa incorrectly handled client cookies. An authenticated user could exploit this with a crafted cookie to perform file deletions in the context of the user account that runs the web server. (CVE-2019-14466) It was discovered that GOsa incorrectly handled user access control. A remote attacker could use this issue to log into any account with a username containing the word “success”. (CVE-2019-11187) Fabian Henneke discovered that GOsa was vulnerable to cross-site scripting attacks via the change password form. A remote attacker could use this flaw to run arbitrary web scripts. (CVE-2018-1000528) Source: USN-4609-1: GOsa vulnerabilities

No Image

Latest Sea of Thieves update available now for free: Fate of the Damned

2020-10-29 KENNETH 0

Latest Sea of Thieves update available now for free: Fate of the Damned The latest Sea of Thieves monthly update is available now and free for all players across Windows 10, Xbox One, Xbox Game Pass and Steam. In “Fate of the Damned,” skeletal Shadows of Fate are besieging the seas, and pirates must seek out fateful Flames to fight back against a threat that changes weekly. In a nod to the scariest season, a Skeleton Cat and Dog rattle into the Pirate Emporium, along with the spectral Soulflame Ship Set. If you prefer to travel by firelight, you can also acquire the free, irreverent Lantern Dance Emote that helps lighten even the gloomiest moments. Get all the details over at Xbox Wire. Source: Latest Sea of Thieves update available now for free: Fate of the Damned

No Image

USN-4552-3: Pam-python regression

2020-10-29 KENNETH 0

USN-4552-3: Pam-python regression USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. We apologize for the inconvenience. Original advisory details: Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Source: USN-4552-3: Pam-python regression

No Image

Minecraft Marketplace celebrates Halloween

2020-10-28 KENNETH 0

Minecraft Marketplace celebrates Halloween Halloween Collections in both Character Creator and Minecraft Marketplace are now available. There will also be a free Character Creator item and a free Halloween skin pack, but make sure to snap them up now because it will cost more after Nov. 2. Get more details at Minecraft.net. Source: Minecraft Marketplace celebrates Halloween

No Image

USN-4608-1: ca-certificates update

2020-10-28 KENNETH 0

USN-4608-1: ca-certificates update The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.44 version of the Mozilla certificate authority bundle. Source: USN-4608-1: ca-certificates update