Fedora 25 : php-horde-kronolith (2017-692c05119d)

kronolith 4.2.22 - jan SECURITY: Fix open redirects. - mjr Prevent broken iCalendar files from causing fatal errors Bug 14672. - jan Work around calendar servers advertising as CalDAV-capable, but ignoring CalDAV requests Bug 14662. - jan Fix displaying yesterday's event in Prior Events portal...

Fedora 26 : php-horde-kronolith (2017-ceb60ebf8f)

kronolith 4.2.22 - jan SECURITY: Fix open redirects. - mjr Prevent broken iCalendar files from causing fatal errors Bug 14672. - jan Work around calendar servers advertising as CalDAV-capable, but ignoring CalDAV requests Bug 14662. - jan Fix displaying yesterday's event in Prior Events portal...

[SECURITY] [DSA 3928-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3928-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq -...

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick allows a hacker to cause a service failure.

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially crafted file...

The vulnerability of the ReadOneJNGImage function in the console-based ImageMagick graphics editor allows a hacker to cause a service failure.

The vulnerability of the ReadOneJNGImage function in the console-based ImageMagick graphics editor is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure resulting in wasted computing resources by using a...

Debian: Security Advisory (DSA-3928-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Certificate Based Authentication : General issues

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

Certificate Based Authentication : Troubleshooting Tips

This document specifically addresses some common troubleshooting tips and guidelines that would help in tackling certain issues related with the Certificate based authenticationCBA. Please ensure that the initial configuration is set as per the article: https://support.citrix.com/article/CTX22047...

App Layering: No connection to Layering Service and other web errors

You get unexpected errors and disconnects in the App Layering Management Console. While logged in, you may see "Connectivity Failure" or a status of the ELM saying "No connection to Layering Service"...

Troubleshooting DTLS and EDT on Citrix Gateway

In Citrix Virtual Apps and Desktopsenvironment with EDT enabled and DTLS enabled on the Citrix Gateway VPN vServer, an error may occur when trying to launch an application or desktop.Depending on the scenario, errors message may be : "Cannot connect to the Citrix XenApp Server. Protocol Driver...

Race condition

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

CVE-2015-7891

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

CVE-2015-7891

Race condition in the ioctl implementation in the Samsung Graphics 2D driver aka /dev/fimg2d in Samsung devices with Android L5.0/5.1 allows local users to trigger memory errors by leveraging definition of g2dlock and g2dunlock lock macros as no-ops, aka SVE-2015-4598...

Juniper Junos SRX Cluster Synchronization Failover Errors (JSA10806)

According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a flaw in the handling of cluster synchronization and failover operations whenever the root account has been locked out. An unauthenticated, remote attacker can exploit this, via a seri...

XSS vulnerability in code example

SECURITY Fix XSS vulnerability in one of the code examples, CVE-2017-11503. The codegenerator.phps example did not filter user input prior to output. This file is distributed with a .phps extension, so it it not normally executable unless it is explicitly renamed, so it is safe by default. There...

Troubleshooting Certificate and Connection Errors in Cloud Connect

Challenge When adding a Service Provider on the tenant's Veeam Backup & Replication, either of the following errors occurs: Certificate validation failed. Unable to connect to the service provider. Certificate validation failed. Authentication failed because the remote party has closed the...

Apple iTunes < 12.6.2 Multiple Vulnerabilities (macOS) (credentialed check)

The version of Apple iTunes installed on the remote macOS or Mac OS X host is prior to 12.6.2. It is, therefore, affected by multiple vulnerabilities : - Multiple out-of-bounds read errors exist in the libxml2 component due to improper handling of specially crafted XML documents. An...

The vulnerability of the DBD::mysql driver’s DBD::mysql module allows a attacker to cause a service failure or exert other effects.

The vulnerability of the DBD::mysql driver’s module is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects such as the termination of the application through MySQL server error messages or by losing...

krb5 -- Multiple vulnerabilities

MIT reports: CVE-2017-11368: In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request. CVE-2017-11462: RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subseque...

Errors while launching HDX apps from Receiver/Secure Hub

When trying to launch any HDX applications from iOSor Android devices below error message is displayed. Error Message on iOS Devices:- Connection Error: Server Error; The Server disconnected the session. Error Message on Android devices: Cannot Connect : Error Connecting to the session reliabilit...