
USN-3075-1: Imlib2 vulnerabilities

2016-09-09 KENNETH 0

Ubuntu Security Notice USN-3075-1, 8th September, 2016: imlib2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS

Summary: Several security issues were fixed in Imlib2.

Software description: imlib2 – Image manipulation and rendering library

Details:

Jakub Wilk discovered an out of bounds read in the GIF loader implementation in Imlib2. An attacker could use this to cause a denial of service (application crash) or possibly obtain sensitive information. (CVE-2016-3994)

Yuriy M. Kaminskiy discovered an off-by-one error when handling coordinates in Imlib2. An attacker could use this to cause a denial of service (application crash). (CVE-2016-3993)

Yuriy M. Kaminskiy discovered that integer overflows existed in Imlib2 when handling images with large dimensions. An attacker could use this to cause a denial of service (memory exhaustion or application crash). (CVE-2014-9771, CVE-2016-4024)

Kevin Ryde discovered that [ more… ]


USN-3074-1: File Roller vulnerability

2016-09-09 KENNETH 0

Ubuntu Security Notice USN-3074-1, 8th September, 2016: file-roller vulnerability

A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS, Ubuntu 14.04 LTS

Summary: File Roller could be made to delete files.

Software description: file-roller – archive manager for GNOME

Details:

It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.

Update instructions:

The problem can be corrected by updating your system to the following package version:

Ubuntu 16.04 LTS: file-roller 3.16.5-0ubuntu1.2
Ubuntu 14.04 LTS: file-roller 3.10.2.1-0ubuntu4.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes.

References: CVE-2016-7162, LP: 1171236

Source: USN-3074-1: File Roller vulnerability


RHBA-2016:1826-1: jboss-ec2-eap enhancement update for EAP 6.4.10

2016-09-08 KENNETH 0

Red Hat Enterprise Linux: Updated jboss-ec2-eap packages that add an enhancement are now available for Red Hat JBoss Enterprise Application Platform 6.4.10 on Red Hat Enterprise Linux 6.

Source: RHBA-2016:1826-1: jboss-ec2-eap enhancement update for EAP 6.4.10


RHEA-2016:1823-1: Red Hat JBoss Enterprise Application Platform 6.4.10 update on RHEL 5

2016-09-08 KENNETH 0

Red Hat Enterprise Linux: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5.

Source: RHEA-2016:1823-1: Red Hat JBoss Enterprise Application Platform 6.4.10 update on RHEL 5


RHEA-2016:1824-1: Red Hat JBoss Enterprise Application Platform 6.4.10 update on RHEL 6

2016-09-08 KENNETH 0

Red Hat Enterprise Linux: Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

Source: RHEA-2016:1824-1: Red Hat JBoss Enterprise Application Platform 6.4.10 update on RHEL 6