SECURITY

No Image

RHBA-2019:0370-1: openldap bug fix update

2019-02-20 KENNETH 0

RHBA-2019:0370-1: openldap bug fix update Red Hat Enterprise Linux: Updated openldap packages that fix one bug are now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Source: RHBA-2019:0370-1: openldap bug fix update

No Image

RHSA-2019:0368-1: Important: systemd security update

2019-02-19 KENNETH 0

RHSA-2019:0368-1: Important: systemd security update Red Hat Enterprise Linux: An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2019-6454 Source: RHSA-2019:0368-1: Important: systemd security update

No Image

USN-3850-2: NSS vulnerabilities

2019-02-19 KENNETH 0

USN-3850-2: NSS vulnerabilities nss vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were fixed in NSS. Software Description nss – Network Security Service library Details USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. (CVE-2018-0495) It was discovered that NSS incorrectly handled certain v2-compatible ClientHello messages. A remote attacker could possibly use this issue to perform a replay attack. (CVE-2018-12384) It was discovered that NSS incorrectly handled certain padding oracles. A remote attacker could possibly use this issue to perform a variant of the Bleichenbacher attack. (CVE-2018-12404) Update instructions The problem [ more… ]