30 matches found
sysstat security update
11.7.3-5 - Rebuild 11.7.3-4 - Package onboarded to gating 11.7.3-3 - Fix memory corruption bug due to integer overflow 1790608...
cups security and bug fix update
1:2.2.6-38 - 1775590 - rastertoepson filter crashes with paper size A6 1:2.2.6-37 - forgot to enable optimization - 1833516 1:2.2.6-36 - 1838449 - ipp/socket backends connect to turned off device for eternity contimeout is not applied - 1689207 - Add failover backend - 1833516 - DirtyCleanInterva...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: container-tools:rhel8 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 HTTP/2: flood using HEADERS frames results in unbounded memory growth CVE-2019-9514...
CVE-2017-9049
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398...
CVE-2017-9049
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398...
Drupal 5 / 6 / 7 Cross Site Scripting
Hi, There is a persistent XSS in Drupal versions 5.x, 6.x and 7.x I have not yet tested Drupal 8.x due to not being fully released . The function which is vulnerable is the watchdog function, where the $message parameter does not get sanitized and you can pass through arbitrary code to be execute...
http TRACE cross-site attacks a vulnerability test with the defense fix-bug warning-the black bar safety net
From the bad wolf's blog Web Presence: http TRACE cross-site attack vulnerabilities. Scan results: http TRACE cross-site attacks His webserver supports the TRACE and/or TRACK methods. TRACE and TRACK is used to debugweb serverthe connection to the HTTP way. Support the way of a presence Server...
Fedora 11 : samba-3.4.5-0.47.fc11 (2010-1190)
Tue Jan 26 2010 Guenther Deschner - 3.4.5-0.47 - Security Release, fixes CVE-2009-3297 - resolves: 532940 - Tue Jan 19 2010 Guenther Deschner - 3.4.5-0.46 - Update to 3.4.5 - Thu Jan 7 2010 Guenther Deschner - 3.4.4-0.45 - Update to 3.4.4 - Thu Oct 29 2009 Guenther Deschner - 3.4.3-0.44 - Update...
[SECURITY] [ANNOUNCE] Apache 2.0.46 released
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache 2.0.46 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the ninth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.46 as compared to 2.0.45...