RHBA-2017:2939-2: augeas bug fix update
RHBA-2017:2939-2: augeas bug fix update Red Hat Enterprise Linux: Updated augeas packages that fix one bug are now available for Red Hat Enterprise Linux 7. Source: RHBA-2017:2939-2: augeas bug fix update
SECURITY
RHSA-2017:2788-2: Important: augeas security update
RHSA-2017:2788-2: Important: augeas security update Red Hat Enterprise Linux: An update for augeas is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-7555 Source: RHSA-2017:2788-2: Important: augeas security update
USN-3553-1: Ruby vulnerabilities
USN-3553-1: Ruby vulnerabilities Ubuntu Security Notice USN-3553-1 31st January, 2018 ruby2.3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Summary Several security issues were fixed in Ruby. Software description ruby2.3 – Interpreter of object-oriented scripting language Ruby Details It was discovered that Ruby failed to validate specification names.An attacker could possibly use a maliciously crafted gem to potentiallyoverwrite any file on the filesystem. (CVE-2017-0901) It was discovered that Ruby was vulnerable to a DNS hijacking vulnerability.An attacker could use this to possibly force the RubyGems client to downloadand install gems from a server that the attacker controls. (CVE-2017-0902) It was discovered that Ruby incorrectly handled certain YAML files. An attacker coulduse this to possibly execute arbitrary code. (CVE-2017-0903) Update instructions The problem can be corrected by updating your system to the [ more… ]
RHEA-2018:0258-1: RH-SSO 7.2 adapters for Red Hat JBoss Enterprise Application Platform 6
RHEA-2018:0258-1: RH-SSO 7.2 adapters for Red Hat JBoss Enterprise Application Platform 6 Red Hat Enterprise Linux: Red Hat Single Sign-On 7.2 adapters are now available for Red Hat JBoss Enterprise Application Platform 6. Source: RHEA-2018:0258-1: RH-SSO 7.2 adapters for Red Hat JBoss Enterprise Application Platform 6
USN-3551-1: WebKitGTK+ vulnerabilities
USN-3551-1: WebKitGTK+ vulnerabilities Ubuntu Security Notice USN-3551-1 30th January, 2018 webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software description webkit2gtk – Web content engine library for GTK+ Details Multiple security issues were discovered in the WebKitGTK+ Web andJavaScript engines. If a user were tricked in to opening a speciallycrafted website, an attacker could potentially exploit these to cause adenial of service, spoof the user interface, or execute arbitrary code.(CVE-2018-4088, CVE-2018-4096, CVE-2017-7153, CVE-2017-7160,CVE-2017-7161, CVE-2017-7165, CVE-2017-13884, CVE-2017-13885) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: libwebkit2gtk-4.0-37 2.18.6-0ubuntu0.17.10.1 libjavascriptcoregtk-4.0-18 2.18.6-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libwebkit2gtk-4.0-37 2.18.6-0ubuntu0.16.04.1 libjavascriptcoregtk-4.0-18 2.18.6-0ubuntu0.16.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, which [ more… ]