Debian DLA-1053-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of...

[SECURITY] [DLA 1053-1] firefox-esr security update

Package : firefox-esr Version : 52.3.0esr-1deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7807 CVE-2017-7809 Several security issues have...

Fedora 25 : php-horde-kronolith (2017-692c05119d)

kronolith 4.2.22 - jan SECURITY: Fix open redirects. - mjr Prevent broken iCalendar files from causing fatal errors Bug 14672. - jan Work around calendar servers advertising as CalDAV-capable, but ignoring CalDAV requests Bug 14662. - jan Fix displaying yesterday's event in Prior Events portal...

Fedora 26 : php-horde-kronolith (2017-ceb60ebf8f)

kronolith 4.2.22 - jan SECURITY: Fix open redirects. - mjr Prevent broken iCalendar files from causing fatal errors Bug 14672. - jan Work around calendar servers advertising as CalDAV-capable, but ignoring CalDAV requests Bug 14662. - jan Fix displaying yesterday's event in Prior Events portal...

[SECURITY] [DSA 3928-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3928-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq -...

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick allows a hacker to cause a service failure.

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially crafted file...

The vulnerability of the ReadOneJNGImage function in the console-based ImageMagick graphics editor allows a hacker to cause a service failure.

The vulnerability of the ReadOneJNGImage function in the console-based ImageMagick graphics editor is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure resulting in wasted computing resources by using a...

Debian: Security Advisory (DSA-3928-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Certificate Based Authentication : General issues

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

Certificate Based Authentication : Troubleshooting Tips

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

App Layering: No connection to Layering Service and other web errors

You get unexpected errors and disconnects in the App Layering Management Console. While logged in, you may see "Connectivity Failure" or a status of the ELM saying "No connection to Layering Service"...

Troubleshooting DTLS and EDT on Citrix Gateway

In Citrix Virtual Apps and Desktopsenvironment with EDT enabled and DTLS enabled on the Citrix Gateway VPN vServer, an error may occur when trying to launch an application or desktop.Depending on the scenario, errors message may be : "Cannot connect to the Citrix XenApp Server. Protocol Driver...

Race condition

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

CVE-2015-7891

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

CVE-2015-7891

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

Juniper Junos SRX Cluster Synchronization Failover Errors (JSA10806)

According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a flaw in the handling of cluster synchronization and failover operations whenever the root account has been locked out. An unauthenticated, remote attacker can exploit this, via a seri...

XSS vulnerability in code example

SECURITY Fix XSS vulnerability in one of the code examples, CVE-2017-11503. The codegenerator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it it not normally executable unless it is explicitly renamed, so it is safe by default. There...

Troubleshooting Certificate and Connection Errors in Cloud Connect

Challenge When adding a Service Provider on the tenant's Veeam Backup & Replication, either of the following errors occurs: Certificate validation failed. Unable to connect to the service provider. Certificate validation failed. Authentication failed because the remote party has closed the...

Apple iTunes < 12.6.2 Multiple Vulnerabilities (macOS) (credentialed check)

The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6.2. It is, therefore, affected by multiple vulnerabilities : - Multiple out-of-bounds read errors exist in the libxml2 component due to improper handling of specially crafted XML documents. An...

The vulnerability of the DBD::mysql driver’s DBD::mysql module allows a attacker to cause a service failure or exert other effects.

The vulnerability of the DBD::mysql driver’s module is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects such as the termination of the application through MySQL server error messages or by losing...