SECURITY

No Image

RHSA-2017:2424-1: Critical: java-1.7.0-openjdk security update

2017-08-07 KENNETH 0

RHSA-2017:2424-1: Critical: java-1.7.0-openjdk security update Red Hat Enterprise Linux: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10243 Source: RHSA-2017:2424-1: Critical: java-1.7.0-openjdk security update

No Image

RHSA-2017:2423-1: Important: log4j security update

2017-08-07 KENNETH 0

RHSA-2017:2423-1: Important: log4j security update Red Hat Enterprise Linux: An update for log4j is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-5645 Source: RHSA-2017:2423-1: Important: log4j security update

No Image

RHBA-2017:2422-1: ovirt-hosted-engine-setup bug fix update

2017-08-04 KENNETH 0

RHBA-2017:2422-1: ovirt-hosted-engine-setup bug fix update Red Hat Enterprise Linux: Updated ovirt-hosted-engine-setup packages that fix several bugs and add various enhancements are now available. Source: RHBA-2017:2422-1: ovirt-hosted-engine-setup bug fix update

No Image

USN-3378-2: Linux kernel (Xenial HWE) vulnerabilities

2017-08-04 KENNETH 0

USN-3378-2: Linux kernel (Xenial HWE) vulnerabilities Ubuntu Security Notice USN-3378-2 3rd August, 2017 linux-lts-xenial vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify eventsand vfs rename operations in the Linux kernel. An unprivileged localattacker could use this to cause a denial of service (system crash) orexecute arbitrary code. (CVE-2017-7533) It was discovered that the Linux kernel did not properly restrictRLIMIT_STACK size. A local attacker could use this in conjunction withanother vulnerability [ more… ]

No Image

USN-3377-2: Linux kernel (HWE) vulnerabilities

2017-08-04 KENNETH 0

USN-3377-2: Linux kernel (HWE) vulnerabilities Ubuntu Security Notice USN-3377-2 3rd August, 2017 linux-hwe vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-hwe – Linux hardware enablement (HWE) kernel Details USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify eventsand vfs rename operations in the Linux kernel. An unprivileged localattacker could use this to cause a denial of service (system crash) orexecute arbitrary code. (CVE-2017-7533) It was discovered that the Linux kernel did not properly restrictRLIMIT_STACK size. A local attacker could use this in conjunction withanother vulnerability to possibly execute arbitrary code.(CVE-2017-1000365) 李强 [ more… ]