SECURITY

No Image

RHSA-2018:3644-1: Critical: flash-plugin security update

2018-11-21 KENNETH 0

RHSA-2018:3644-1: Critical: flash-plugin security update Red Hat Enterprise Linux: An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2018-15981 Source: RHSA-2018:3644-1: Critical: flash-plugin security update

No Image

USN-3816-2: systemd vulnerability

2018-11-20 KENNETH 0

USN-3816-2: systemd vulnerability systemd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary systemd-tmpfiles could be made to change ownership of arbitrary files. Software Description systemd – system and service manager Details USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686) Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu [ more… ]