No Image

RHSA-2015:2657-1: Critical: firefox security update

2015-12-17 KENNETH 0

Red Hat Enterprise Linux: Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214, CVE-2015-7222 Source: rhn-errata

No Image

USN-2838-1: cups-filters vulnerability

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2838-1 16th December, 2015 cups-filters vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Summary cups-filters could be made to run programs as the lp user if it processed a specially crafted print job. Software description cups-filters – OpenPrinting CUPS Filters Details Adam Chester discovered that the cups-filters foomatic-rip filterincorrectly stripped shell escape characters. A remote attacker couldpossibly use this issue to execute arbitrary code as the lp user. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: cups-filters 1.0.76-1ubuntu0.2 Ubuntu 15.04: cups-filters 1.0.67-0ubuntu2.6 Ubuntu 14.04 LTS: cups-filters 1.0.52-0ubuntu1.7 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2015-8560 Source: ubuntu-usn

No Image

USN-2838-2: foomatic-filters vulnerability

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2838-2 16th December, 2015 foomatic-filters vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary foomatic-filters could be made to run programs as the lp user if it processed a specially crafted print job. Software description foomatic-filters – OpenPrinting printer support – filters Details Adam Chester discovered that the foomatic-filters foomatic-rip filterincorrectly stripped shell escape characters. A remote attacker couldpossibly use this issue to execute arbitrary code as the lp user. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: foomatic-filters 4.0.16-0ubuntu0.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2015-8560 Source: ubuntu-usn

No Image

USN-2839-1: CUPS update

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2839-1 16th December, 2015 cups update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary A security improvement has been made to CUPS. Software description cups – Common UNIX Printing System(tm) Details As a security improvement against the POODLE attack, this update disablesSSLv3 support in the CUPS web interface. For legacy environments where SSLv3 support is still required, it can bere-enabled by adding "SSLOptions AllowSSL3" to /etc/cups/cupsd.conf. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: cups 1.7.2-0ubuntu1.7 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References LP: 1505328 Source: ubuntu-usn

No Image

RHSA-2015:2658-1: Important: bind97 security update

2015-12-17 KENNETH 0

Red Hat Enterprise Linux: Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. CVE-2015-8000 Source: rhn-errata