[SECURITY] Fedora 28 Update: slurm-17.11.5-2.fc28

Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...

[SECURITY] Fedora 27 Update: slurm-17.02.10-1.fc27

Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

Apache Ranger Security Bypass Vulnerability

Apache Ranger is the Apache Software Foundation's architecture for implementing comprehensive security measures for Hadoop clusters, which provides centralized security policy management for core enterprise security requirements such as authorization, billing, and data protection.Hive Authorizer ...

[SECURITY] Fedora 26 Update: heketi-5.0.1-1.fc26

Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will...

Unauthorized Read Access

geode-core is vulnerable to unauthorized read access. An OQL bind parameter vulnerability allows users to gain read access to objects contained in unauthorized regions of the Geode clusters...

[SECURITY] Fedora 27 Update: slurm-17.02.9-3.fc27

Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...

[SECURITY] Fedora 27 Update: slurm-17.02.9-2.fc27

Slurm is an open source, fault-tolerant, and highly scalable cluster management and job scheduling system for large and small Linux clusters...

Unbreakable Enterprise kernel security update

2.6.39-400.297.12 - xsigo: backport Fix race in freeing aged Forwarding tables Pradeep Gopanapalli Orabug: 24823234 - ocfs2: fix deadlock issue when taking inode lock at vfs entry points Eric Ren Orabug: 25671723 - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock Eric Ren...

CVE-2017-6165

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between...

Cisco Meeting Server Traversal Using Relay NAT Server Unauthorized Access Vulnerability

Cisco Meeting Server formerly known as Acano Conferencing Server, CMS is the United States Cisco Cisco company's set of audio and video conferencing server software.Traversal Using Relay NAT TURN server is one of the multimedia application traversal server. A security vulnerability in the TURN...

BASS - BASS Automated Signature Synthesizer

This blog post was authored by Jonas Zaddach and Mariano Graziano.Executive SummaryGiven the rapid pace of change in the threat landscape with new threats emerging and existing ones evolving, there are bound to be challenges defenders face. These challenges can manifest in multiple ways, such as...

Insecure Hadoop Clusters Expose Over 5,000 Terabytes of Data

Until last year, cyber criminals were only targeting computers of individuals and organisations with ransomware and holding them for ransom, but then they started targeting unprotected online databases and servers around the globe for ransom as well. Earlier this year, we saw notorious incidents...

Design/Logic Flaw

On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a...

CVE-2017-2300

On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a...

CVE-2017-2300

On Juniper Networks SRX Series Services Gateways chassis clusters running Junos OS 12.1X46 prior to 12.1X46-D65, 12.3X48 prior to 12.3X48-D40, 12.3X48 prior to 12.3X48-D60, flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a...

[SECURITY] Fedora 25 Update: pcs-0.9.156-2.fc25

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

[SECURITY] Fedora 24 Update: pcs-0.9.156-2.fc24

pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...

Apache Ranger Security Bypass Vulnerability (CNVD-2017-01460)

Apache Ranger is a set of architectures for implementing comprehensive security measures for Hadoop clusters, providing centralized security policy management for core enterprise security requirements such as authorization, billing and data protection. A security bypass vulnerability exists in...

Subscription Synchronization Does Not Work Among Multiple StoreFront Clusters

Subscription Synchronization does not work among multiple StoreFront clusters...