RHBA-2016:0160-1: kernel bug fix update
Red Hat Enterprise Linux: Updated kernel packages that fix one bug are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Source: rhn-errata
SECURITY
RHSA-2016:0158-1: Moderate: python-django security update
Red Hat Enterprise Linux: Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-8213 Source: rhn-errata
RHSA-2016:0157-1: Moderate: python-django security update
Red Hat Enterprise Linux: Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-8213 Source: rhn-errata
USN-2892-1: nginx vulnerabilities
Ubuntu Security Notice USN-2892-1 9th February, 2016 nginx vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Summary Several security issues were fixed in nginx. Software description nginx – small, powerful, scalable web/proxy server Details It was discovered that nginx incorrectly handled certain DNS serverresponses when the resolver is enabled. A remote attacker could possiblyuse this issue to cause nginx to crash, resulting in a denial of service.(CVE-2016-0742) It was discovered that nginx incorrectly handled CNAME response processingwhen the resolver is enabled. A remote attacker could use this issue tocause nginx to crash, resulting in a denial of service, or possibly executearbitrary code. (CVE-2016-0746) It was discovered that nginx incorrectly handled CNAME resolution whenthe resolver is enabled. A remote attacker could possibly use this issue tocause nginx to consume resources, resulting in [ more… ]
February 2016 Security Update Release Summary
Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC Team Source: ms-msrc