74 matches found
Low: Red Hat Bug Fix Advisory: Red Hat Virtualization Engine security, bug fix 4.3.10
An update is now available for Red Hat Virtualization Engine 4.3. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features...
SUSE-RU-2020:0671-1 Recommended update for SUSE Manager Proxy 4.0
This update fixes the following issues: mgr-osad: - Take care that osad is not disabled nor deactivated during update bsc1157700, bsc1158697 patterns-suse-manager: - Add recommends for virtualization-host-formula to sumaserver pattern - Add recommends for virtualization-host-formula to retail...
SUSE-SU-2019:2192-1 Security update for qemu
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ipreass on big packet input bsc1143794. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources bsc1135902. - CVE-2019-13164: Security fi...
CVE-2017-15706
As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...
SUSE SLED12 / SLES12 Security Update : samba (SUSE-SU-2017:3104-1)
This update for samba fixes the following issues: Security issues fixed : - CVE-2017-14746: Use-after-free vulnerability bsc1060427. - CVE-2017-15275: Server heap memory information leak bsc1063008. Bug fixes : - Update 'winbind expand groups' doc in smb.conf man page bsc1027593. Note that Tenabl...
SUSE-SU-2017:3104-1 Security update for samba
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability bsc1060427. - CVE-2017-15275: Server heap memory information leak bsc1063008. Bug fixes: - Update 'winbind expand groups' doc in smb.conf man page bsc1027593...
java-1.8.0-openjdk security update
1:1.8.0.71-1.b15 - Add patch to turn off strict overflow on IndicRearrangementProcessor,2.cpp - Resolves: rhbz1295751 1:1.8.0.71-0.b15 - January 2016 security update to u71b15. - Improve verbosity and helpfulness of tarball generation script. - Update patch documentation using version originally...
SUSE-SU-2015:1682-1 Security update for icedtea-web
The Java IcedTea-Web Plugin was updated to 1.6.1 bringing various features, bug- and securityfixes. Enabled Entry-Point attribute check permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not t all. fixed DownloadService comments in...
Fedora 21 : webkitgtk-2.4.8-1.fc21 / webkitgtk3-2.4.8-1.fc21 (2015-0500)
Fix SSL connection issues with some websites after the POODLE vulnerability fix. - Fix a crash when loading flash plugins. - Fix build on GNU Hurd - Fix build on OS X. - Fix documentation of webkitprintoperationgetpagesetup. - Security fixes: CVE-2014-1344, CVE-2014-1384, CVE-2014-1385,...
SSLv3 Is Not Disabled When sslProtocol is Set to TLS, Vulnerable to POODLE
The default connector as written in /conf/server.xml uses sslProtocol="TLS". This should only enable TLS connectors, but it also enables SSLv3. Our documentation and the included server.xml need to be updated to reflect the correct settings to enable only TLS. h3. Reproduction steps: Follow the...
openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1228-1)
DBUS-1 was upgraded to upstream release 1.8. This brings the version of dbus to the latest stable release from an unstable snapshot 1.7.4 that is know to have several regressions - Upstream changes since 1.7.4 : + Security fixes : - Do not accept an extra fd in the padding of a cmsg message, whic...
CVE-2013-5750: Security issue in FOSUserBundle login form
Django recently released a new version of their framework to address a possible DOS attack when an attacker uses a very long password on a login form. One of the best practices for passwords is to store a hash of the password instead of the raw value. In Symfony, the encoders are responsible for...
Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt1
Jan. 1, 2008 Konstantin Lepikhov 5.0.51-alt1 - 5.0.51. - Security fixes: + CVE-2007-5969 RENAME TABLE System Table Overwrite Vulnerability + CVE-2007-6303 CVE-2007-6304 Server Privilege Escalation And Denial Of Service Vulnerabilities - Update html documentation to 9232 revision...
openSUSE 10 Security Update : spamassassin (spamassassin-3077)
This upgrade brings spamassassin to version 3.1.8 with following changes : - fix for CVE-2007-0451: possible DoS due to incredibly long URIs found in the message content. - disable perl module usage in update channels unless --allowplugins is specified - files with names starting/ending in...