RHBA-2016:0020-1: logwatch bug fix update
Red Hat Enterprise Linux: An updated logwatch package that fixes one bug is now available for Red Hat Enterprise Linux 6. Source: rhn-errata
Articles by KENNETH
RHSA-2016:0018-1: Important: openstack-nova security update
Red Hat Enterprise Linux: Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0, 6.0, and 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. CVE-2015-7548 Source: rhn-errata
RHSA-2016:0017-1: Important: openstack-nova security advisory
Red Hat Enterprise Linux: Updated openstack-nova packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-7548, CVE-2015-7713 Source: rhn-errata
USN-2866-1: Firefox vulnerability
Ubuntu Security Notice USN-2866-1 8th January, 2016 firefox vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to expose sensitive information over the network. Software description firefox – Mozilla Open Source web browser Details Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectlyallowed MD5 to be used for TLS 1.2 connections. If a remote attacker wereable to perform a man-in-the-middle attack, this flaw could be exploited toview sensitive information. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: firefox 43.0.4+build3-0ubuntu0.15.10.1 Ubuntu 15.04: firefox 43.0.4+build3-0ubuntu0.15.04.1 Ubuntu 14.04 LTS: firefox 43.0.4+build3-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: firefox 43.0.4+build3-0ubuntu0.12.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart Firefox [ more… ]
USN-2865-1: GnuTLS vulnerability
Ubuntu Security Notice USN-2865-1 8th January, 2016 gnutls26, gnutls28 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary GnuTLS could be made to expose sensitive information over the network. Software description gnutls26 – GNU TLS library gnutls28 – GNU TLS library Details Karthikeyan Bhargavan and Gaetan Leurent discovered that GnuTLS incorrectlyallowed MD5 to be used for TLS 1.2 connections. If a remote attacker wereable to perform a man-in-the-middle attack, this flaw could be exploited toview sensitive information. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.04: libgnutls-openssl27 3.3.8-3ubuntu3.2 libgnutls-deb0-28 3.3.8-3ubuntu3.2 libgnutlsxx28 3.3.8-3ubuntu3.2 Ubuntu 14.04 LTS: libgnutlsxx27 2.12.23-12ubuntu2.4 libgnutls-openssl27 2.12.23-12ubuntu2.4 libgnutls26 2.12.23-12ubuntu2.4 Ubuntu 12.04 LTS: libgnutlsxx27 2.12.14-5ubuntu3.11 libgnutls-openssl27 2.12.14-5ubuntu3.11 libgnutls26 2.12.14-5ubuntu3.11 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]