No Image

USN-2872-2: Linux kernel (Wily HWE) vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2872-2 19th January, 2016 linux-lts-wily vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux-lts-wily – Linux hardware enablement kernel from Wily Details Yevgeny Pats discovered that the session keyring implementation in theLinux kernel did not properly reference count when joining an existingsession keyring. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code withadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-4.2.0-25-powerpc64-emb 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-powerpc-smp 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-lowlatency 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-powerpc-e500mc 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-generic-lpae 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-powerpc64-smp 4.2.0-25.30~14.04.1 linux-image-4.2.0-25-generic 4.2.0-25.30~14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot [ more… ]

No Image

USN-2872-3: Linux kernel (Raspberry Pi 2) vulnerability

2016-01-20 KENNETH 0

Ubuntu Security Notice USN-2872-3 19th January, 2016 linux-raspi2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary The system could be made to crash or run programs as an administrator. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Yevgeny Pats discovered that the session keyring implementation in theLinux kernel did not properly reference count when joining an existingsession keyring. A local attacker could use this to cause a denial ofservice (system crash) or possibly execute arbitrary code withadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: linux-image-4.2.0-1020-raspi2 4.2.0-1020.27 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to an unavoidable ABI change [ more… ]

No Image

An update on default_password_lifetime

2016-01-19 KENNETH 0

With MySQL 5.7, our goal is to be secure by default. This means that without having to change configuration settings or perform any additional steps, your fresh installation should be safe for production use. As part of this security initiative, MySQL 5.7 shipped with a new feature where user accounts will be disabled if the password has not been changed in a number of days.… Source: mysqlserverteam.com

No Image

RHSA-2016:0046-1: Important: kernel security update

2016-01-19 KENNETH 0

Red Hat Enterprise Linux: Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-5307, CVE-2015-8104 Source: rhn-errata

No Image

RHSA-2016:0045-1: Important: kernel security update

2016-01-19 KENNETH 0

Red Hat Enterprise Linux: Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-5364, CVE-2015-5366 Source: rhn-errata