This Week in Security News: Cyberespionage Campaigns and Botnet Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a cyberespionage campaign targeting Middle Eastern countries and a botnet malware that infiltrates containers via exposed Docker...

SUSE-SU-2019:1562-1 Security update for docker

This update for docker fixes the following issues: Security issue fixed: - CVE-2018-15664: Fixed an issue which could make docker cp vulnerable to symlink-exchange race attacks bsc1096726...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2019:1562-1)

This update for docker fixes the following issues : Security issue fixed : CVE-2018-15664: Fixed an issue which could make docker cp vulnerable to symlink-exchange race attacks bsc1096726. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

Boosting Your Linux & Docker Security with CB LiveOps

Today we’re excited to announce Linux support for CB LiveOps, Carbon Black’s real-time endpoint query & remediation solution that helps security teams audit and change the state of their systems. This release expands the product’s footprint to cover all major operating systems, including Amazon...

SUSE-SU-2019:1514-1 Security update for docker

This update for docker fixes the following issues: Security issue fixed: - CVE-2018-15664: Fixed an issue which made docker cp vulnerable to symlink-exchange race attacks bsc1096726...

Oracle Linux 7 : docker-engine (ELSA-2019-4680)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4680 advisory. - cherry-picked fix for CVE-2018-15664 from upstream Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

[SECURITY] Fedora 29 Update: podman-1.4.0-2.fc29

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the managemen t of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (SUSE-SU-2019:1234-2)

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues : Security issues fixed : CVE-2019-5736: containerd: Fixing container breakout vulnerability bsc1121967. CVE-2019-6486: go security release, fixing crypto/elliptic CPU D...

Rancher < 2.2.4 Web Parameter Tampering

The version of a Docker container of Rancher is 2.2.4 and, thus, is affected by web parameter tampering vulnerability. A vulnerability exists in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0238

An update of 'docker', 'linux', 'linux-esx' packages of Photon OS has been released...

docker-engine security update

docker-engine 18.09.1-1.0.8 - cherry-picked fix for CVE-2018-15664 from upstream 18.09.1-1.0.7 - added runc version requirement 18.09.1-1.0.6 - disable kmem accounting for UEKR4 docker-cli 18.09.1-1.0.8 - rebuild 18.09.1-1.0.7 - rebuild 18.09.1-1.0.6 - disable kmem accounting for UEKR4 runc...

Important Photon OS Security Update - PHSA-2019-3.0-0019

Updates of 'docker', 'go', 'bubblewrap' packages of Photon OS have been released...

[SECURITY] Fedora 30 Update: podman-1.4.0-2.fc30

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the managemen t of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Unauthenticated CVE-2019-0708 "BlueKeep" Scanner...

[SECURITY] Fedora 30 Update: podman-1.4.0-1.fc30

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the managemen t of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Alpine Docker Image Vulnerability (CVE-2019-5021): How to Detect and Fix

A vulnerability affecting the official Alpine Docker images version =3.3 contains a null password for the root user. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux container that utilize Linux PAM, or some other mechanism that uses the system shadow...

Critical Photon OS Security Update - PHSA-2019-0162

Updates of 'linux-aws', 'docker', 'linux-secure', 'vim', 'linux-esx', 'linux', 'sqlite' packages of Photon OS have been released...

Faraday v3.8 - Collaborative Penetration Test and Vulnerability Management Platform

Here are the main new features and improvements in Faraday v3.8: Set up Faraday with a double click! We are committed to facilitate your work processes. With that in mind, we enhanced our installation phases, so now it’s easier to have Faraday on your devices: You can download our platform with...

Important Photon OS Security Update - PHSA-2019-0019

Updates of 'bubblewrap', 'docker', 'go' packages of Photon OS have been released...

Docker Desktop Detection (Windows SMB Login)

SMB login-based detection of Docker Desktop. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...