SUSE-SU-2020:3918-1 Security update for clamav

This update for clamav fixes the following issues: clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...

F5 BIG-IP ASM Denial of Service Vulnerability (CNVD-2020-74866)

F5 BIG-IP ASM is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A denial of service vulnerability exists in F5 BIG-IP ASM, which can be exploited by an attacker t...

OPENSUSE-SU-2020:2268-1 Security update for clamav

This update for clamav fixes the following issues: clamav was updated to the new major release 0.103.0. jscECO-3010,bsc1118459 Note that libclamav was changed incompatible, if you have a 3rd party application that uses libclamav, it needs to be rebuilt. Update to 0.103.0 clamd can now reload the...

F5 BIG-IP ASM 资源管理错误漏洞

F5 BIG-IP ASM is a Web Application Firewall WAF from F5 USA that provides secure remote access, protects email, and simplifies Web access control while enhancing network and application performance. A denial of service vulnerability exists in F5 BIG-IP ASM, which can be exploited by an attacker t...

SUSE-SU-2020:3729-1 Security update for clamav

This update for clamav fixes the following issues: clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...

SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3729-1)

This update for clamav fixes the following issues : clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...

SUSE SLES12 Security Update : libvirt (SUSE-SU-2020:3039-1)

This update for libvirt fixes the following issues : CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. qemu: Adjust max memlock on mdev hotplug bsc1177480. Xen: Don't add dom0 twice...

Cisco IOS Software PROFINET Link Layer Discovery Protocol DoS (cisco-sa-ios-profinet-dos-65qYG3W5)

According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in the PROFINET handler for Link Layer Discovery Protocol LLDP messages. An unauthenticated, adjacent attacker can exploit thisby sending ...

openGauss: Enabling the Database Auditing

After a security event occurs, audit logs are used to trace the event, locate faults, and clarify responsibilities. You are advised to set auditenabled to on. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

openGauss: Configuring the Maximum Logging Duration of An Audit Log File

The parameter auditrotationinterval specifies the maximum logging duration of an audit log file. After the time expires, another audit log file is automatically Created. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright...

picketbox: JBoss EAP reload to admin-only mode allows authentication bypass

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user...

Fedora 32 : 2:samba / krb5 (2020-939681213a)

KRB5 : - Cross-realm s4u fixes for samba 1836630 - Drop unnecessary conflict with openssl-libs = 3.0.0 - Unify kvno option documentation - Use systemctl reload to HUP the KDC during logrotate SAMBA : - Support S4U operations for Samba AD DC 1836630 - Fix lookup of users and groups when realm used...

openSUSE Security Update : libvirt (openSUSE-2020-1778)

This update for libvirt fixes the following issues : - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add do...

OPENSUSE-SU-2020:1778-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add dom...

Security update for libvirt (important)

openSUSE Security Update: Security update for libvirt Announcement ID: openSUSE-SU-2020:1778-1 Rating: important References: 1174955 1175465 1175574 1176430 1177155 1177480 Cross-References: CVE-2020-15708 CVE-2020-25637 Affected Products: openSUSE Leap 15.1 An update that solves two...

SUSE-SU-2020:3039-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add dom...

SUSE-SU-2020:3037-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros bsc1174955. - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces bsc1177155. - qemu: Adjust max memlock on mdev hotplug bsc1177480. - Xen: Don't add dom...

Cisco Adaptive Security Appliance (ASA) Software Denial of Service Vulnerability

The Cisco Adaptive Security Appliance ASA software is the core operating system that provides robust functionality for the Cisco ASA family. It has a variety of appearances and provides enterprise-class firewall functionality for ASA appliances. A denial of service vulnerability exists in the...

CVE-2020-3571

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incomplete input...

CVE-2020-3563

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...