Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:0249-1 Rating: important References: 1122983 1125330 Cross-References: CVE-2016-5824 CVE-2018-12405 CVE-2018-17466 CVE-2018-18335 CVE-2018-18356 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494...

openSUSE Security Update : docker (openSUSE-2019-189)

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues : Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork : - CVE-2018-16873: cmd/go: remote command execution during 'go get -u' bsc1118897 -...

openSUSE Security Update : rmt-server (openSUSE-2019-185)

This update for rmt-server to version 1.1.1 fixes the following issues : The following issues have been fixed : - Fixed migration problems which caused some extensions / modules to be dropped bsc1118584, bsc1118579 - Fixed listing of mirrored products bsc1102193 - Include online migration paths...

openSUSE Security Update : MozillaThunderbird (openSUSE-2019-182)

This update for MozillaThunderbird to version 60.5.0 fixes the following issues : Security vulnerabilities addressed MFSA 2019-03 boo1122983 MFSA 2018-31 : - CVE-2018-18500: Use-after-free parsing HTML5 stream - CVE-2018-18505: Privilege escalation through IPC channel messages - CVE-2016-5824: Do...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:0182-1 Rating: important References: 1122983 Cross-References: CVE-2016-5824 CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 CVE-2018-18500 CVE-2018-18501...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2019:0286-1)

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues : Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork : CVE-2018-16873: cmd/go: remote command execution during 'go get -u' bsc1118897...

SUSE-SU-2019:0272-1 Security update for rmt-server

This update for rmt-server to version 1.1.1 fixes the following issues: The following issues have been fixed: - Fixed migration problems which caused some extensions / modules to be dropped bsc1118584, bsc1118579 - Fixed listing of mirrored products bsc1102193 - Include online migration paths int...

openSUSE Security Update : systemd (openSUSE-2019-97)

This update for systemd provides the following fixes : Security issues fixed : - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas bsc1120323 - CVE-2018-16866: Fixed an information leak in journald bsc1120323 - Fixed an issue during system startup in...

Code injection

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems...

CVE-2018-20744

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems...

CVE-2018-20744

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems...

Impact of 62 million devices: the interpretation I is how to find the Marvell Avastar Wi-Fi remote code execution vulnerability-vulnerability warning-the black bar safety net

One, overview In the present study, I will mainly analyze the Marvell WiFi-FullMAC SoC security. Since we have not yet completed the product with a chip of a wireless device of research, and therefore which may contain large amounts of unaudited code, which might appear serious security problems...

XenApp/ XenDesktop- Limit application to one instance per user is not working

You have limited a published application to one instance per user. However when a user clicks on an application icon in StoreFront multiple times, it still launches multiple instances of the application...

Weblate: No Rate On Add Suggest

Hello Description : I have found that there is no limit in the number of requests in place of adding suggest, which may exploit the vulnerability of the attacker to send a large number of suggestions, for example, send a million suggest may lead to cause a problem to the server Steps To Reproduce...

CVE-2018-5737

A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause...

Citrix Receiver 4.12 - App Launching issues

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. When the new app loads it appears to disconnect the existing running apps momentarily and bring all...

Smart speakers: Christmas treat or lump of coal?

Christmas is nearly upon us, and thoughts are perhaps turning to various digital presents of a “smart” nature. Home security, hubs, speakers, cameras, and mashups of all of those and more besides. With regards to speakers, the most immediate pieces of your home are theoretically at your beck and...

XenServer - Not Able to Enable HA on Pool

Not able to enable HA on pool...

Friday Squid Blogging: Problems with the Squid Emoji

The Monterey Bay Aquarium has some problems with the squid emoji. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

App Layering does not support downgrading the ELM

I just upgraded my ELM, and I'm having problems. How do I downgrade?...