[SECURITY] Fedora 20 Update: csync2-1.34-15.fc20

Csync2 is a cluster synchronization tool. It can be used to keep files on multiple hosts in a cluster in sync. Csync2 can handle complex setups with much more than just 2 hosts, handle file deletions and can detect conflicts. It is expedient for HA-clusters, HPC-clusters, COWs and server farms...

postgresql: loss of frontend/backend protocol synchronization after an error

A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection...

[SECURITY] Fedora 22 Update: csync2-1.34-15.fc22

Csync2 is a cluster synchronization tool. It can be used to keep files on multiple hosts in a cluster in sync. Csync2 can handle complex setups with much more than just 2 hosts, handle file deletions and can detect conflicts. It is expedient for HA-clusters, HPC-clusters, COWs and server farms...

Amazon Linux AMI : postgresql93 (ALAS-2015-485)

A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. CVE-2015-0243 A flaw was found in way PostgreSQL...

SUSE-SU-2015:0639-1 Security update for postgresql91

The PostgreSQL database server was updated to 9.1.15, fixing bugs and security issues: Fix buffer overruns in tochar CVE-2015-0241. Fix buffer overrun in replacement printf functions CVE-2015-0242. Fix buffer overruns in contrib/pgcrypto CVE-2015-0243. Fix possible loss of frontend/backend protoc...

Medium: postgresql93

Issue Overview: A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. CVE-2015-0243 A flaw was found in wa...

SUSE-SU-2015:0478-1 Security update for postgresql93

postgresql93 was updated to version 9.3.6 to fix four security issues. These security issues were fixed: - CVE-2015-0241: Fix buffer overruns in tochar bnc916953. - CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto bnc916953. - CVE-2015-0244: Fix possible loss of frontend/backend protocol...

Rsync Arbitrary File Write Vulnerability

rsync is a data mirroring backup application for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras that synchronizes file and directory updates between two computers and uses differential encoding to reduce data transfers. An arbitrary file write...

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-27.fc21

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-20.fc20

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

DEBIAN-CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

Moderate: Red Hat Security Advisory: rhevm-spice-client security and bug fix update

Updated rhevm-spice-client packages that fix two security issues and several bugs are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

PT-2015-3447 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the subsequent get user pages fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher recvmsg of crypto/algif skcipher.c function...

[SECURITY] [DSA 3130-1] lsyncd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3130-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 16, 2015 http://www.debian.org/security/faq -...

Important: Red Hat Bug Fix Advisory: Red Hat Satellite 6 server bug fix update

Updated the following packages to fix several bugs in Red Hat Satellite 6: foreman foreman-proxy katello-agent pulp pulp-nodes pulp-puppet pulp-rpm ruby193-rubygem-fog ruby193-rubygem-foreman-tasks packages. These packages are now available in Red Hat Satellite 6. Red Hat Satellite is a system...

[SECURITY] Fedora 19 Update: ntp-4.2.6p5-13.fc19

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

For patch NTP-Network Time Protocol vulnerabilities, Apple released the first Auto-Update Patch-vulnerability warning-the black bar safety net

Last night, Apple released its first automated patch, used to repair Appleoperating systemon the keyNetwork Time Protocol（NTP）vulnerabilitiesthe. The patch can be automatically patched, and does not require the user to restart the operation. NTP Network TimeProtocol, the Network Time Protocol, is...