openSUSE: Security Advisory for kernel (openSUSE-SU-2018:0781-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2018:0786-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.120 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver. bnc1072865. - CVE-2017-15951: The KEYS subsystem did not correctly...

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.120 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-8087: Memory leak in the hwsimnewradionl function in drivers/net/wireless/mac80211hwsim.c allowed local users to cause a denial of service memory...

Updated clamav packages fix security vulnerabilities

Clamav has been updated to fix 2 security issues and also contains a lot of bugfixes. Out-of-bounds access in the PDF parser CVE-2018-0202 Out-of-bounds heap read in XAR parser CVE-2018-1000085...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0660-1) (Spectre)

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information...

SUSE-SU-2018:0660-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information ...

Fedora 27 : knot-resolver (2018-fe5a6ed3b7)

Knot Resolver 2.1.0 2018-02-16 ================================ Incompatible changes -------------------- - stats: remove tracking of expiring records predict uses another way - systemd: re-use a single kresd.socket and kresd-tls.socket - tasentinel: implement protocol...

Fedora 26 : knot-resolver (2018-844a1e9778)

Knot Resolver 2.1.0 2018-02-16 ================================ Incompatible changes -------------------- - stats: remove tracking of expiring records predict uses another way - systemd: re-use a single kresd.socket and kresd-tls.socket - tasentinel: implement protocol...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0555-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to a...

ntp -- multiple vulnerabilities

Network Time Foundation reports: The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack INFO/MEDIUM: Sec 3412 / CVE-2018-7182 /...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0525-1) (Spectre)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information...

SUSE-SU-2018:0482-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 Realtime kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0437-1) (Spectre)

The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information ...

HTTP Proxy header vulnerability

Bugfixes Mitigate HTTPoxy vulnerability 23...

HTTP Proxy header vulnerability

Bugfixes Mitigate HTTPoxy vulnerability 23...

openSUSE Security Update : the Linux Kernel (openSUSE-2018-153) (Spectre)

The openSUSE Leap 42.3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to ...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0113-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. -...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0114-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes...

Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air.

Bugfixes Fixed a security issue discovered by @hernandev that enabled an attacker to impersonate any registered user in a Firebase application...

Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air.

Bugfixes Fixed a security issue discovered by @hernandev that enabled an attacker to impersonate any registered user in a Firebase application...