kernel: ovl: fix null pointer dereference in ovl_permission()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...

CVE-2022-36109

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

container-tools:ol8 security update

buildah 1.19.7-2.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.19.7-2 - revert changes to the state of 3.0-8.4.0 - Related: 1954702 conmon 2:2.0.26-3 - fix 'Permission on /dev/null are changing from 666 to 777 after running podman as root rhel-8.4.0.z' - Resolves: 1961682...

openSUSE Security Update : roundcubemail (openSUSE-2020-1516)

This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...

SUSE-SU-2020:0434-1 Security update for pdsh, slurm_18_08

This update for pdsh, slurm1808 fixes the following issues: Slurm was included in the 18.08 release, as 'slurm1808' package. The version 18.08.9 contains all recent security fixes, including: - CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects...

Security update for otrs (moderate)

This update for otrs to version 4.0.32 fixes the following issues: These security issues were fixed: - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources...

Fedora 27 : community-mysql (2017-9e28c78e07)

A quarter year regular dose of fixed CVE's. https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html . rhbz1497694 : Fix owner and perms on log file in post script CVE fixes: rhbz1503701 CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-102...

SUSE-SU-2017:1763-1 Security update for clamav

This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 Non security issue fixed: - Fix permissions of /var/spool/amavis. bsc815106...

Mandriva Linux Security Advisory : setup (MDVSA-2015:184)

Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...

Oracle Linux 5 : bind (ELSA-2012-1267)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1267 advisory. 30:9.3.6-20.P1.4 - bind-chroot-admin: set correct permissions on /etc/named.conf during update 30:9.3.6-20.P1.3 - fix CVE-2012-4244 Tenable has extracted the...