RHBA-2016:1620-1: openstack-nova bug fix advisory

2016-08-17 KENNETH 0

Red Hat Enterprise Linux: Updated OpenStack Compute packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7. Source: RHBA-2016:1620-1: openstack-nova bug fix advisory

USN-3062-1: OpenJDK 7 vulnerabilities

2016-08-17 KENNETH 0

Ubuntu Security Notice USN-3062-1 16th August, 2016 openjdk-7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in OpenJDK 7. Software description openjdk-7 – Open Source Java implementation Details Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-3598, CVE-2016-3606, CVE-2016-3610) A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. (CVE-2016-3458) Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2016-3500, CVE-2016-3508) A vulnerability was discovered in the OpenJDK JRE [ more… ]

RHSA-2016:1617-1: Important: kernel security update

2016-08-16 KENNETH 0

Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Source: RHSA-2016:1617-1: Important: kernel security update

USN-3061-1: OpenSSH vulnerabilities

2016-08-16 KENNETH 0

Ubuntu Security Notice USN-3061-1 15th August, 2016 openssh vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in OpenSSH. Software description openssh – secure shell (SSH) for secure access to remote machines Details Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. (CVE-2016-6210) Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause OpenSSH to consume resources, leading to a denial of service. (CVE-2016-6515) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: openssh-server 1:7.2p2-4ubuntu2.1 Ubuntu 14.04 LTS: openssh-server 1:6.6p1-2ubuntu2.8 Ubuntu 12.04 LTS: openssh-server [ more… ]

USN-3047-2: QEMU regression

2016-08-13 KENNETH 0

Ubuntu Security Notice USN-3047-2 12th August, 2016 qemu, qemu-kvm regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-3047-1 introduced a regression in QEMU. Software description qemu – Machine emulator and virtualizer qemu-kvm – Machine emulator and virtualizer Details USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize for the inconvenience. Original advisory details: Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default [ more… ]