USN-3480-2: Apport regressions
USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177 introduced a regression in the ability to handle crashes for users that configured their systems to use the Upstart init system in Ubuntu 16.04 LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled crash...
Kernel security update: CVE-2017-15265; new kernel 2.6.32-042stab126.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides a new Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 kernel 2.6.32-042stab126.1 based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.16.1.el6. The new kernel inherits several non-security bugfixes from the RHEL kernel as we have already fixed the security...
LXC: Remote security bypass
Background: LinuX Containers userspace utilities. Description: Previous versions of lxc-attach ran a shell or the specified command without allocating a pseudo terminal, making it vulnerable to input faking via a TIOCSTI ioctl call. Impact: Remote attackers can escape the container and perform...
Kernel security update: CVE-2017-15274; new kernel 2.6.32-042stab125.5 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides a new Virtuozzo Containers for Linux 4.7 kernel 2.6.32-042stab125.5 based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.10.2.el6. The new kernel introduces security and stability fixes. Vulnerability id: CVE-2017-15274 A flaw was found in the implementation of...
CVE-2017-15219
The dotCMS 4.1.1 application is vulnerable to Stored Cross-Site Scripting (XSS) affecting a vanity-urls Title field, a containers Description field, and a templates Description field...
CVE-2017-15219
The CVE-2017-15219 entry concerns the dotCMS 4.1.1 application with a Stored Cross-Site Scripting (XSS) vulnerability. Affected fields include vanity-urls Title, containers Description, and templates Description, with exploitation arising from insufficient input filtering of user-submitted conten...
Important kernel security update: CVE-2017-1000253; new kernel 2.6.32-042stab125.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides the new kernel 2.6.32-042stab125.3 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0 based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.10.2.el6. The new kernel introduces a security fix. Vulnerability id: CVE-2017-1000253 A flaw was found in the way the...
Important kernel security update: CVE-2017-1000253; new kernel 2.6.18-028stab122.4 for Virtuozzo Containers for Linux 4.6
This update provides the new kernel 2.6.18-028stab122.4 for Virtuozzo Containers for Linux 4.6 based on the Red Hat Enterprise Linux 5 kernel 2.6.18-419.el5. The new kernel introduces a security fix. Vulnerability id: CVE-2017-1000253 A flaw was found in the way the Linux kernel loaded ELF...
Important kernel security update: CVE-2017-1000251 and other; new kernel 2.6.32-042stab125.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides the new kernel 2.6.32-042stab125.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0 based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.10.2.el6. This update inherits a security fix from the original RHEL kernel and provides internal security fixes...
Product update: Virtuozzo 7.0 Update 5 Hotfix 2 (7.0.5-642)
The Hotfix 2 for Virtuozzo 7.0 Update 5 provides stability and usability bug fixes. Vulnerability id: PSBM-70653 Unable to connect network adapter to a running VM. Vulnerability id: PSBM-70557 Ghost file limit was ignored when migrating containers. Vulnerability id: PSBM-70551 plooptrim could ent...
PT-2018-3455 · Linux Containers +3 · Lxc +3
Name of the Vulnerable Software and Affected Versions: LXC versions 2.0.9 and above; LXC versions 3.0.0 and above, prior to 3.0.2. Description: The issue is related to the lxc-user-nic when deleting a network interface, which unconditionally opens a user-provided path. This can be used by an...
Important kernel security update: CVE-2017-7542 and other; new kernel 2.6.32-042stab124.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides a new kernel 2.6.32-042stab124.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0 and is a rebase to the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.10.1.el6. It inherits fixes from the original RHEL kernel and provides internal security and stability fixes...
Extend Protection to VMWare Cloud on AWS with Trend Micro™ Deep Security™
On August 28th at VMworld 2017 in Las Vegas, VMware announced initial availability for their unique offering called 'VMware Cloud on AWS' allowing customers to run VMware workloads on the AWS cloud. This means customers can take advantage of agile cloud infrastructure all the while maintaining...
Onion Decoy Server
A platform to run private unannounced Honeypots as Tor Hidden Services aka Onion Decoys inside the Tor Network. The Onion Decoys are implemented with Docker containers as honeypots. The reason to choose Docker is that it is good at process and filesystem isolation, which ultimately gives the...
USN-3375-1 lxc vulnerability
It was discovered that LXC incorrectly handled the TIOCSTI ioctl. An attacker could possibly use this issue to escape LXC containers...
USN-3375-1: LXC vulnerability
It was discovered that LXC incorrectly handled the TIOCSTI ioctl. An attacker could possibly use this issue to escape LXC containers...
[SECURITY] Fedora 25 Update: runc-1.0.1-1.gitc5ec254.fc25
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
Conversations on Securing Microservices, API Gateways and Containers
Last month, I met James (name changed) while at AWS Summit in London. As I was managing Imperva's booth, he walked over to me with a query about what we do. A conversation ensued and James described his company for me. They were into financial-legal intermediation between underwriters, insurance...
Important kernel security update: updated fix for CVE-2017-1000364; new kernel 2.6.32-042stab123.9 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
This update provides a new kernel 2.6.32-042stab123.9 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and introduces an update for a security fix. Vulnerability id: OVZ-6911 An updated fix for...