No Image

RHSA-2015:2665-1: Important: chromium-browser security update

2015-12-18 KENNETH 0

Red Hat Enterprise Linux: Updated chromium-browser packages that fix two security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-6792 Source: rhn-errata

MySQL 5.8 Planning: C++11 and Native Partitioning

2015-12-17 KENNETH 0

In November we held our first MySQL 5.8 planning session in London. On behalf of the MySQL team, I would like to thank you for your feature requests and suggestions. We reviewed over 150 pieces of feedback in total, and are looking forward to prioritizing a number of suggestions: In MySQL 5.8, we are planning to make two important changes to modernize our code base.… Source: mysqlserverteam.com

No Image

USN-2840-1: Linux kernel vulnerabilities

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2840-1 17th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Dmitry Vyukov discovered that the Linux kernel's keyring handler attemptedto garbage collect incompletely instantiated keys. A local unprivilegedattacker could use this to cause a denial of service (system crash).(CVE-2015-7872) Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-3.2.0-96-generic 3.2.0-96.136 linux-image-3.2.0-96-powerpc-smp 3.2.0-96.136 linux-image-3.2.0-96-virtual 3.2.0-96.136 linux-image-3.2.0-96-highbank 3.2.0-96.136 linux-image-3.2.0-96-omap 3.2.0-96.136 linux-image-3.2.0-96-generic-pae [ more… ]

No Image

USN-2841-1: Linux kernel vulnerabilities

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2841-1 17th December, 2015 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the driver for Digi Neo and ClassicBoard devices didnot properly initialize data structures. A local attacker could use this [ more… ]

No Image

USN-2841-2: Linux kernel (Trusty HWE) vulnerabilities

2015-12-17 KENNETH 0

Ubuntu Security Notice USN-2841-2 17th December, 2015 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty Details Jan Beulich discovered that the KVM svm hypervisor implementation in theLinux kernel did not properly catch Debug exceptions on AMD processors. Anattacker in a guest virtual machine could use this to cause a denial ofservice (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp implementation in the Linux kernel didnot ensure that certain slot numbers are valid. A local attacker with theprivilege to call ioctl() on /dev/ppp could cause a denial of service(system crash). (CVE-2015-7799) It was discovered that the driver for Digi Neo and ClassicBoard devices didnot properly initialize data structures. A local [ more… ]