SUSE-SU-2017:3311-1 Security update for slurm

This update for slurm fixes the following issues: Slurm was updated to 17.02.9 to fix a security bug, bringing new features and bugfixes fate323998 bsc1067580. Security issue fixed: CVE-2017-15566: Fix security issue in Prolog and Epilog by always prepending SPANK to all user-set environment...

Qt for Android environment variables alteration

Overview Qt for Android contains an information alteration vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may alter environem...

JVN#27342829: Qt for Android environment variables alteration

Qt for Android contains an information alteration vulnerability. Impact A remote attacker may alter environemt variables of the apps created using Qt. As a result, arbitrary code may be executed. Solution Update the Software Update to the latest version of software according to the information...

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

CVE-2017-1000410

Summary of CVE-2017-1000410 (Linux kernel info leak) : The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

postgresql security update

9.2.23-3 - setup: keep PGSETUP variables after switching to not-privileged user 9.2.23-2 - fix CVE-2017-12172...

DEBIAN-CVE-2016-5713

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

Code injection

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

CVE-2016-5713

Versions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol PXP agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0...

BlackBerry QNX Software Development Platform Information Disclosure Vulnerability (CNVD-2017-37268)

The BlackBerry QNX Software Development Platform SDP is a suite of software development platforms from BlackBerry Canada dedicated to the development of software based on the QNX system. An information disclosure vulnerability exists in the default configuration of the QNX SDP in BlackBerry QNX S...

Security feature bypass

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

Information disclosure

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...

CVE-2017-9369

The CVE-2017-9369 entry describes an information-disclosure vulnerability in BlackBerry QNX Software Development Platform (SDP) versions 6.6.0 and 6.5.0 SP1 and earlier. The issue arises from the default SDP configuration, where an attacker can gain information about the memory layout of higher-p...

CVE-2017-9369

In BlackBerry QNX Software Development Platform SDP 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment...