|
Linux Security Update Overview (March 27, 2019) |
|
Wednesday, 27 March 2019 12:00 |
|
The following Linux distributions have released security updates to fix vulnerabilities:
Gentoo: Security updates for OpenSSH.
Ubuntu: Security updates for PHP, XMLTooling, Firefox, libsolv, snapd, p7zip, Ghostscript, and NTFS-3G.
Debian: Security updates for firefox-esr, wireshark, passenger, libapache2-mod-auth-mellon, ntfs-3g, drupal7, and openjdk-8.
Arch Linux: Security updates for firefox, powerdns, and libssh2.
Red Hat: Security updates for kernel-rt, java-1.8.0-ibm, openwsman, and ghostscript.
OpenSUSE: Security updates for kauth, aubio, and blueman. |
|
|
Mozilla Foundation Security Advisory |
|
Monday, 25 March 2019 12:00 |
|
Mozilla has released security updates for Firefox(mfsa2019-09) and Firefox ESR(mfsa2019-10). These updates resolve multiple critical vulnerabilities that could lead to arbitrary code execution and information leakage. It is advised to update. |
|
Wednesday, 20 March 2019 12:00 |
|
Libssh2 has released security updates to patch nine(9) security vulnerabilities. These vulnerabilities lead to memory corruption issues which could result in arbitary code execution on a client system in certain circumstances. Libssh2 prior to version 1.8.1 are all affected . It is advised to update. |
|
|
PuTTY Releases Version 0.71 |
|
Wednesday, 20 March 2019 12:00 |
|
PuTTY has released version 0.71 to fix multiple vulnerabilities and add other security enhancement. Users are advised to install PuTTY 0.71. |
|
PowerDNS Insufficient Validation in the HTTP Remote Backend |
|
Wednesday, 20 March 2019 12:00 |
|
An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers. PowerDNS Authoritative up to and including 4.1.6 is affected. It is advised to upgrade to version 4.1.7 or 4.0.7. |
|
|
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
|
|
Page 6 of 376 |
Early Warning System 