SECURITY

No Image

USN-3133-1: Oxide vulnerabilities

2016-12-02 KENNETH 0

USN-3133-1: Oxide vulnerabilities Ubuntu Security Notice USN-3133-1 1st December, 2016 oxide-qt vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Oxide. Software description oxide-qt – Web browser engine for Qt (QML plugin) Details Multiple security vulnerabilities were discovered in Chromium. If a userwere tricked in to opening a specially crafted website, an attacker couldpotentially exploit these to obtain sensitive information, cause a denialof service via application crash, or execute arbitrary code.(CVE-2016-5198, CVE-2016-5200, CVE-2016-5202) A heap-corruption issue was discovered in FFmpeg. If a user were trickedin to opening a specially crafted website, an attacker could potentiallyexploit this to cause a denial of service via application crash, orexecute arbitrary code. (CVE-2016-5199) Update instructions The problem can be corrected by updating your system to the [ more… ]

No Image

RHSA-2016:2843-1: Critical: firefox security update

2016-12-02 KENNETH 0

RHSA-2016:2843-1: Critical: firefox security update Red Hat Enterprise Linux: An update for firefox is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-9079 Source: RHSA-2016:2843-1: Critical: firefox security update

No Image

RHBA-2016:2841-1: Red Hat Certification bug fix and enhancement update

2016-12-01 KENNETH 0

RHBA-2016:2841-1: Red Hat Certification bug fix and enhancement update Red Hat Enterprise Linux: An updated redhat-certification packages that fixes several bugs and adds various enhancements is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Source: RHBA-2016:2841-1: Red Hat Certification bug fix and enhancement update

No Image

USN-3141-1: Thunderbird vulnerabilities

2016-12-01 KENNETH 0

USN-3141-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3141-1 30th November, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong,Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issuesin Thunderbird. If a user were tricked in to opening a specially craftedmessage, an attacker could potentially exploit these to cause a denial ofservice via application crash, or execute arbitrary code. (CVE-2016-5290) A same-origin policy bypass was discovered with local HTML files in somecircumstances. An attacker could potentially exploit this to obtainsensitive information. (CVE-2016-5291) A heap buffer-overflow was discovered in Cairo when processing SVGcontent. If a user were [ more… ]