49 matches found
`loopdev` crate is unmaintained; use 'loopdev-3` instead.
The loopdev crate was last released in Oct, 2021. It has been unable to build in Fedora 38 and above since April, 2023. The loopdev-3 crate is a maintained fork: https://github.com/stratis-storage/loopdev-3...
Provisioning 2203 : Citrix PVS breaks with Microsoft OLEDB driver v19
When upgrading PVS 2203 servers to mitigate a Microsoft OLEDB driver vulnerability CVE-2023-36728, a customer incorrectly removed Microsoft OLE DB Driver 18 and installed Microsoft OLE DB Driver 19. PVS Server 2203 cannot use Microsoft OLE DB Driver 19 to communicate with the SQL server...
AZL-27173 CVE-2023-2976 affecting package guava for versions less than 25.0-8
Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files...
June 13, 2023—KB5027223 (OS Build 22000.2057)
None None...
April 11, 2023—KB5025239 (OS Build 22621.1555)
None None...
SUSE CVE-2022-29205
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...
GSD-2022-1002819 arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
arm64: compat: Do not treat syscall number as ESRELx for a bad syscall This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...
SUSE-SU-2021:3643-1 Security update for binutils
This update for binutils fixes the following issues: - For compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. bsc1192267 This reverts IBM zSeries HLASM support for now. - Fixed that ppc64 optflags did not enable LTO bsc1188941. - Fix empt...
NEC Corporation CLUSTERPRO 和 EXPRESSCLUSTER 缓冲区错误漏洞
Nec Expresscluster X is a specialized high availability cluster software from Nec Corporation of Japan. It is used to initiate a fast restore function and continuously protect critical applications and data.NEC Corporation CLUSTERPRO is a HA cluster software from NEC. A buffer error vulnerability...
CVE-2021-23336
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...
SUSE-SU-2018:3253-1 Security update for libssh
This update for libssh fixes the following issues: Security issue fixed: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. Non security issue fixed: - Fix popd syntax to be compatible with newer versions of the bash shell...
Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM MessageSight (CVE-2015-7575)
Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM MessageSight. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message durin...
Website Glitch Let Me Overstock My Coinbase
Coinbase and Overstock.com just fixed a serious glitch that allowed Overstock customers to buy any item at a tiny fraction of the listed price. Potentially more punishing, the flaw let anyone paying with bitcoin reap many times the authorized bitcoin refund amount on any canceled Overstock orders...
Microsoft Dynamics CRM 2011 Update Rollup 15
Microsoft Dynamics CRM 2011 Update Rollup 15 We have identified a compatibility issue that occurs when you use the Microsoft Dynamics CRM 2011 Client for Outlook with Update Rollup 15 applied against a Dynamics CRM 2013 server. This issue does not affect Dynamics CRM 2011 servers. A new Update...
Windows 10 VM Hyper-V Guest processing skipped on 2012 R2 Host
Challenge A Backup Job for a Windows 10 VM running on a 2012 R2 Hyper-V Host will fail to engage VSS when application-aware image processing is enabled, generating the error: Error Guest processing skipped check guest OS VSS state and integration components version System.Exception Cause This...
USN-2950-2 libsoup2.4 update
USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS13-059 Microsof...
Scientific Linux Security Update : openssl on SL5.x i386/x86_64
OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a full-strength general purpose cryptography library. Datagram TLS DTLS is a protocol based on TLS that is capable of securing datagram transport UDP for instance. The...
Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64
A denial of service flaw was found in the Pidgin OSCAR protocol implementation. If a remote ICQ user sent a web message to a local Pidgin user using this protocol, it would cause excessive memory usage, leading to a denial of service Pidgin crash. CVE-2009-1889 These updated packages also fix the...
Critical: Red Hat Security Advisory: firefox security, bug fix, and enhancement update
Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common...