[SECURITY] Fedora 22 Update: prosody-0.9.9-2.fc22

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 23 Update: prosody-0.9.9-2.fc23

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

Fast Packet Networking Toolkit: Snabb Switch

Snabb Switch is open source software for solving novel problems in networking. Blending the latest techniques for high-performance x86 packet processing together with a high-level LuaJIT programming interface. The goal is to offer the easiest way to create and deploy new network functions in larg...

Mageia: Security Advisory (MGASA-2015-0283)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache HTTP Server 2.4.x < 2.4.16 Multiple Vulnerabilities

Binary data 8970.prm...

openSUSE Security Update : redis (openSUSE-2015-634)

redis was updated to version 2.8.22 boo934048 to fix a LUA sandbox update. CVE-2015-4335 Details can be found on http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-esc ape/ For the other changes see in the package: /usr/share/doc/packages/redis/00-RELEASENOTES %NASLMINLEVEL 70300 ...

Gentoo Security Advisory GLSA 201402-07

Gentoo Linux Local Security Checks GLSA 201402-07 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Amazon Linux: Security Advisory (ALAS-2014-402)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: redis security advisory

Updated redis packages that fix a security issues are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

redis: Lua sandbox escape and arbitrary code execution

A flaw was discovered in redis that could allow an authenticated user, who was able to use the EVAL command to run Lua code, to break out of the Lua sandbox and execute arbitrary code on the system...

Debian DLA-297-1 : wesnoth-1.8 security update

Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use of the same function filesystem::getwmllocation to resolve file paths so that only...

[SECURITY] [DLA 297-1] wesnoth-1.8 security update

Package : wesnoth-1.8 Version : 1:1.8.5-1+deb6u2 CVE ID : CVE-2015-5069 CVE-2015-5070 Wesnoth implements a text preprocessing language that is used in conjunction with its own game scripting language. It also has a built-in Lua interpreter and API. Both the Lua API and the preprocessor make use o...

DLA-297-1 wesnoth-1.8 - security update

Bulletin has no description...

The vulnerability of the Apache HTTP Server web server allows attackers to trigger a service failure.

The vulnerability of the luawebsocketread function in the luarequest.c component of the Apache HTTP Server exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failure by sending a specially crafted WebSocket Ping reques...

MGASA-2015-0283 Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed in...

MGASA-2015-0282 Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed usi...

Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed usi...

Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed in...

Fedora 21 : redis-2.8.21-1.fc21 (2015-9488)

Upstream 2.8.21 RHBZ 1228245 - Fix Lua sandbox escape and arbitrary code execution RHBZ 1228331 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora 22 : redis-2.8.21-1.fc22 (2015-9498)

Upstream 2.8.21 - Fix Lua sandbox escape and arbitrary code execution RHBZ 1228331 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...