Skip to content

Home
Advisory


Linux Security Update Overview (April 24, 2019)
Wednesday, 24 April 2019 12:00

The following Linux distributions have released security updates to fix vulnerabilities:
Debian: Security updates for drupal7 and ruby2.3.
Gentoo: Security updates for GLib, OpenDKIM, SQLite, Apache, Dovecot, libseccomp, and Patch.
Ubuntu: Security updates for AdvanceCOMP, PHP, Pacemaker, Dovecot, ZNC, and NTFS-3G.
Arch Linux: Security updates for dovecot.
Redhat: Security updates for kernel-rt, polkit, kernel-alt, ovmf, python27, java-1.7.0-openjdk, and java-11-openjdk.
OpenSUSE: Security updates for blueman, glibc, php5, apache2, libqt5-qtvirtualkeyboard, audiofile, and SDL2.

 
Oracle Critical Patch Update (April 2019)
Monday, 22 April 2019 12:00

Oracle has released Critical Patch Update to address vulnerabilities of multiple oracle products. This update contains 297 new security fixes, users are advised to update.

 
Drupal Patched Several Vulnerabilities in Third-Party Libraries
Monday, 22 April 2019 09:00

Drupal has release security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow a remote attacker to perform cross-site scripting, remote code execution, and authentication bypass attacks. It is advised to update to Drupal 8.6.15, 8.5.15, or 7.66.

 
Linux Security Update Overview (April 17, 2019)
Wednesday, 17 April 2019 10:00

The following Linux distributions have released security updates to fix vulnerabilities:
Debian: Security updates for ghostscript, libssh2, wpa, and spip.
Gentoo: Security updates for phpMyAdmin, libTIFF, GnuTLS, Git, ClamAV, and Portage.
Ubuntu: Security updates for Firefox, OpenJDK 11, WebKitGTK+, Libxslt, rssh, Ruby, wpa_supplicant, and Apache.
Arch Linux: Security updates for flashplugin, jenkins, beep, and ghostscript.
Redhat: Security updates for rh-python36-python, httpd24-httpd, httpd24-mod_auth_mellon, and Istio-Proxy.
OpenSUSE: Security updates for nodejs10, dovecot23, apache2, clamav, SDL, openwsman, and gnuplot.

 
Apache Tomcat Patches Remote Code Execution Vulnerability
Tuesday, 16 April 2019 09:00

A remote code execution vulnerability was discovered in Apache Tomcat. When running on Windows with enableCmdLineArguments enabled, the CGI Servlet is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows (The CGI Servlet is disabled by default and its option enableCmdLineArguments is disabled by default in Tomcat 9.0.x.). It is advised to set the CGI Servlet initialisation parameter enableCmdLineArguments to false to upgrade Apache Tomcat to the unaffected version.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 374
[YOUR IP: 3.84.182.112: 35432] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...