SECURITY

No Image

RHSA-2016:0724-1: Important: qemu-kvm security update

2016-05-10 KENNETH 0

RHSA-2016:0724-1: Important: qemu-kvm security update Red Hat Enterprise Linux: An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-3710 Source: RHSA-2016:0724-1: Important: qemu-kvm security update

No Image

RHSA-2016:0723-1: Critical: java-1.6.0-openjdk security update

2016-05-09 KENNETH 0

RHSA-2016:0723-1: Critical: java-1.6.0-openjdk security update Red Hat Enterprise Linux: An update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427 Source: RHSA-2016:0723-1: Critical: java-1.6.0-openjdk security update

No Image

RHSA-2016:0722-1: Important: openssl security update

2016-05-09 KENNETH 0

RHSA-2016:0722-1: Important: openssl security update Red Hat Enterprise Linux: An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842 Source: RHSA-2016:0722-1: Important: openssl security update

No Image

USN-2965-1: Linux kernel vulnerabilities

2016-05-07 KENNETH 0

USN-2965-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2965-1 6th May, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Jann Horn discovered that the extended Berkeley Packet Filter (eBPF)implementation in the Linux kernel did not properly reference count filedescriptors, leading to a use-after-free. A local unprivileged attackercould use this to gain administrative privileges. (CVE-2016-4557) Ralf Spenneberg discovered that the USB sound subsystem in the Linux kerneldid not properly validate USB device descriptors. An attacker with physicalaccess could use this to cause a denial of service (system crash).(CVE-2016-2184) Ralf Spenneberg discovered that the ATI Wonder Remote II USB driver in theLinux kernel did not properly validate USB device descriptors. An attackerwith physical access could use this to [ more… ]

No Image

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability

2016-05-07 KENNETH 0

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability Ubuntu Security Notice USN-2965-4 6th May, 2016 linux-snapdragon vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-snapdragon – Linux kernel for Snapdragon Processors Details Jann Horn discovered that the extended Berkeley Packet Filter (eBPF)implementation in the Linux kernel did not properly reference count filedescriptors, leading to a use-after-free. A local unprivileged attackercould use this to gain administrative privileges. Ralf Spenneberg discovered that the USB sound subsystem in the Linux kerneldid not properly validate USB device descriptors. An attacker with physicalaccess could use this to cause a denial of service (system crash).(CVE-2016-2184) Ralf Spenneberg discovered that the ATI Wonder Remote II USB driver in theLinux kernel did not properly validate USB device descriptors. An attackerwith physical access [ more… ]