RHBA-2017:2279-2: sanlock bug fix update
RHBA-2017:2279-2: sanlock bug fix update Red Hat Enterprise Linux: An update for sanlock is now available for Red Hat Enterprise Linux 7. Source: RHBA-2017:2279-2: sanlock bug fix update
SECURITY
USN-3383-1: libsoup vulnerability
USN-3383-1: libsoup vulnerability Ubuntu Security Notice USN-3383-1 10th August, 2017 libsoup2.4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Applications using libsoup could be made to crash or run programs as your login if it received specially crafted network traffic. Software description libsoup2.4 – HTTP client/server library for GNOME Details Aleksandar Nikolic discovered a stack based buffer overflow whenhandling chunked encoding. An attacker could use this to cause adenial of service or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: libsoup2.4-1 2.56.0-2ubuntu0.1 gir1.2-soup-2.4 2.56.0-2ubuntu0.1 libsoup-gnome2.4-1 2.56.0-2ubuntu0.1 Ubuntu 16.04 LTS: libsoup2.4-1 2.52.2-1ubuntu0.2 gir1.2-soup-2.4 2.52.2-1ubuntu0.2 libsoup-gnome2.4-1 2.52.2-1ubuntu0.2 Ubuntu 14.04 LTS: libsoup2.4-1 2.44.2-1ubuntu2.2 gir1.2-soup-2.4 2.44.2-1ubuntu2.2 libsoup-gnome2.4-1 2.44.2-1ubuntu2.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]
USN-3382-1: PHP vulnerabilities
USN-3382-1: PHP vulnerabilities Ubuntu Security Notice USN-3382-1 10th August, 2017 php5, php7.0 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in PHP. Software description php5 – HTML-embedded scripting language interpreter php7.0 – HTML-embedded scripting language interpreter Details It was discovered that the PHP opcache created keys for files it cachedbased on their filepath. A local attacker could possibly use this issue ina shared hosting environment to obtain sensitive information. This issueonly affected Ubuntu 14.04 LTS. (CVE-2015-8994) It was discovered that the PHP URL parser incorrectly handled certain URIcomponents. A remote attacker could possibly use this issue to bypasshostname-specific URL checks. This issue only affected Ubuntu 14.04 LTS.(CVE-2016-10397) It was discovered that PHP incorrectly handled certain boolean parameterswhen unserializing data. A remote attacker [ more… ]
RHBA-2017:2464-1: redhat-virtualization-host bug fix, and enhancement update
RHBA-2017:2464-1: redhat-virtualization-host bug fix, and enhancement update Red Hat Enterprise Linux: Updated redhat-virtualization-host packages are now available. Source: RHBA-2017:2464-1: redhat-virtualization-host bug fix, and enhancement update
RHEA-2017:2462-1: RH-SSO 7.1.2 adapters for Red Hat JBoss Enterprise Application Platform 6
RHEA-2017:2462-1: RH-SSO 7.1.2 adapters for Red Hat JBoss Enterprise Application Platform 6 Red Hat Enterprise Linux: Red Hat Single Sign-On 7.1.2 adapters are now available for Red Hat JBoss Enterprise Application Platform 6. Source: RHEA-2017:2462-1: RH-SSO 7.1.2 adapters for Red Hat JBoss Enterprise Application Platform 6