
RHBA-2017:3152-1: openstack-neutron bug fix advisory

2017-11-09 KENNETH 0

Red Hat Enterprise Linux: Updated OpenStack Networking packages that resolve various issues are now available for Red Hat OpenStack Platform 9.0 (Mitaka) for RHEL 7. Source: RHBA-2017:3152-1: openstack-neutron bug fix advisory


4053440 – Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields – Version: 1.0

2017-11-09 KENNETH 0

Revision Note: V1.0 (November 8, 2017): Advisory published. Summary: Microsoft is releasing this security advisory to provide information regarding security settings for Microsoft Office applications. This advisory provides guidance on what users can do to ensure that these applications are properly secured when processing Dynamic Data Exchange (DDE) fields. Source: 4053440 – Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields – Version: 1.0


USN-3346-3: Bind vulnerabilities

2017-11-09 KENNETH 0

Ubuntu Security Notice USN-3346-3, 8th November, 2017: bind9 vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS. Summary: Bind could be made to serve incorrect information or expose sensitive information over the network. Software description: bind9 – Internet Domain Name Server. Details: USN-3346-1 and USN-3346-2 fixed two vulnerabilities in Bind and a regression, respectively. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone update requests. An attacker could use this to improperly perform zone updates. (CVE-2017-3143) Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone transfer requests. An attacker could use this to improperly transfer entire zones. (CVE-2017-3142) In addition, this update adds the new root zone key signing key (KSK). [ more… ]


USN-3473-1: OpenJDK 8 vulnerabilities

2017-11-08 KENNETH 0

Ubuntu Security Notice USN-3473-1, 8th November, 2017: openjdk-8 vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10, Ubuntu 17.04, Ubuntu 16.04 LTS. Summary: Several security issues were fixed in OpenJDK 8. Software description: openjdk-8 – Open Source Java implementation. Details: It was discovered that the Smart Card IO subsystem in OpenJDK did not properly maintain state. An attacker could use this to specially construct an untrusted Java application or applet to gain access to a smart card, bypassing sandbox restrictions. (CVE-2017-10274) Gaston Traberg discovered that the Serialization component of OpenJDK did not properly limit the amount of memory allocated when performing deserializations. An attacker could use this to cause a denial of service (memory exhaustion). (CVE-2017-10281) It was discovered that the Remote Method Invocation (RMI) component in OpenJDK did not properly handle unreferenced objects. An attacker could use this [ more… ]