February 19, 2019—KB4487029 (OS Build 17134.619)

February 19, 2019—KB4487029 OS Build 17134.619 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Enables media content to play e-learning content with plug and play USB adapter cables on...

February 19, 2019—KB4487021 (OS Build 16299.1004)

February 19, 2019—KB4487021 OS Build 16299.1004 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Updates time zone information for Chile. Improves performance related to case-insensitive...

Security Updates for Microsoft Office Viewers And Compatibility Products (February 2019)

The Microsoft Office Viewers and Compatibility Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file,...

SUSE-SU-2019:0341-1 Security update for SUSE Manager Server 3.2

This update fixes the following issues: branch-network-formula: - Netconfig update requires bind directory to exists for bind forward, ensure it bsc1116365 - Rework network update in branch-network formula bsc1116365 py26-compat-salt: - Remove arch from name when pkg.listpkgs is called with 'attr...

[SECURITY] Fedora 29 Update: xerces-c27-2.7.0-28.fc29

Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and wri te XML data. A shared library is provided for parsing, generating, manipulatin g, and validating XML documents. Xerces-C is faithful to the XML 1.0...

Microsoft Office Security Feature Bypass Vulnerabilities (KB4092465)

This host is missing an important security update according to Microsoft KB4092465 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Microsoft Office Compatibility Pack Service Pack 3 Security Feature Bypass Vulnerability (KB4461607)

This host is missing an important security update according to Microsoft KB4461607 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Description of the security update for Microsoft Office Viewers and Office Compatibility Pack: February 12, 2019

Description of the security update for Microsoft Office Viewers and Office Compatibility Pack: February 12, 2019 Summary This security update resolves a security feature bypass vulnerability that exists when Microsoft Office does not validate URLs. To learn more about the vulnerability, see...

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: February 12, 2019

Description of the security update for Microsoft Office Compatibility Pack Service Pack 3: February 12, 2019 Summary This security update resolves an information disclosure vulnerability that exists when Microsoft Excel incorrectly discloses the contents of its memory. To learn more about the...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware. Vulnerability Details Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM Fl...

Security Bulletin: Vulnerability in sblim-sfcb affects IBM System Networking Products (CVE-2015-5185)

Summary IBM System Networking products have addressed the following vulnerability in sblim-sfcvb. Vulnerability Details Summary IBM System Networking products have addressed the following vulnerability in sblim-sfcb. Vulnerability Details CVE-ID: CVE-2015-5185 Description: SBLIM-SFCB is vulnerabl...

Security Bulletin: Vulnerability libxml2 affects IBM System Networking RackSwitch products (CVE-2015-8710)

Summary IBM System Networking RackSwitch products have addressed the following vulnerability in libxml2. Vulnerability Details Summary IBM System Networking RackSwitch products have addressed the following vulnerability in libxml2. Vulnerability Details CVE-ID: CVE-2015-8710 Description: Libxml2 ...

Security Bulletin: Vulnerability in RC4 stream cipher affects MegaRAID Storage Manager (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the vulnerability. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects MegaRAID Storage Manager. MegaRAID Storage Manager has addressed the...

Security Bulletin: Vulnerabilities in OpenSSL affect Upward Integration Modules (UIM) (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities along with SSL 3 Fallback protection TLSFALLBACKSCSV were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Upward Integration Modules UIM. Upward Integration Modules UIM has addressed the applicableCVEs and included the SSL 3.0 Fallback...

Security Bulletin: Vulnerability in SSLv3 affects Integrated Management Module 2 (IMM2) (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Integrated Management Module 2 IMM2. Vulnerability Details Summary SSLv3 contains a vulnerability that has been referred to as the Padding Orac...

Security Bulletin: Vulnerability in SSLv3 affects affects IBM Global Console Manager (GCM) and Local Console Manager (LCM) Switches (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Global Console Manager GCM and Local Console Manager LCM Switches. Vulnerability Details Summary SSLv3 contains a vulnerability that has be...

Security Bulletin: Vulnerability in RC4 stream cipher affects Integrated Management Module 2 (IMM2) (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Integrated Management Module 2 IMM2. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects Integrated Management Module 2 IMM2. Vulnerability Details CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM ToolsCenter (CVE-2015-2808)

Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM ToolsCenter. Vulnerability Details Summary The RC4 "Bar Mitzvah" Attack for SSL/TLS affects IBM ToolsCenter. Vulnerability Details: CVE-ID: CVE-2015-2808 Description: The RC4 algorithm, as used in the TLS protocol and SSL protocol, coul...

MGASA-2019-0053 Updated php-tcpdf packages fix security vulnerabilities

Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data. - Merge various fixes for PHP 7.3 compatibility and security...

Updated php-tcpdf packages fix security vulnerabilities

- Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data. - Merge various fixes for PHP 7.3 compatibility and security...