SUSE-SU-2018:3074-1 Security update for postgresql10

This update for brings postgresql10 version 10.5 to SUSE Linux Enterprise 12 SP3. FATE325659 bnc1108308 This release marks the change of the versioning scheme for PostgreSQL to a 'x.y' format. This means the next minor releases of PostgreSQL will be 10.1, 10.2, ... and the next major release will...

March 22, 2018—KB4088889 (OS Build 14393.2155)

March 22, 2018—KB4088889 OS Build 14393.2155 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue where WMI stops responding to queries and WMI-dependent operations fail afte...

EulerOS 2.0 SP3 : mariadb (EulerOS-SA-2018-1303)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mysql: Client programs unspecified vulnerability CPU Jul 2017 CVE-2017-3636 - mysql: Server: DML unspecified vulnerability CPU Jul 2017...

EulerOS 2.0 SP2 : mariadb (EulerOS-SA-2018-1302)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - mysql: Client programs unspecified vulnerability CPU Jul 2017 CVE-2017-3636 - mysql: Server: DML unspecified vulnerability CPU Jul 2017...

Veeam Service Provider Console – Compile and Upload Management Agent Logs

Challenge This article covers how to Management Agent logs for both client agents and the Cloud Connect agent. Solution Export Management Agent Logs To export Veeam Service Provider Console Management Agent logs for one or more client agents, please: 1. Log into the Veeam Service Provider Console...

September 19, 2017—KB4038774 (Preview of Monthly Rollup)

September 19, 2017—KB4038774 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4038792released September 12, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresse...

November 27, 2017—KB4050946 (Preview of Monthly Rollup)

November 27, 2017—KB4050946 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4048958 released November 14, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addressed...

mysql: Server: Replication unspecified vulnerability (CPU Apr 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure wher...

mysql: Server: Replication unspecified vulnerability (CPU Oct 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

HPE XP P9000 Command View Advanced Edition Software Cross-Site Scripting Vulnerability

HPE XP P9000 Command View Advanced Edition Software CVAE is a suite of device management software from Hewlett Packard Enterprise HPE that enables storage management for HPE XP P9000 disk array products.DevMgr , TSMgr, and RepMgr are among the management modules. A cross-site scripting...

HPE XP P9000 Command View Advanced Edition Software Open URL Redirection Vulnerability

HPE XP P9000 Command View Advanced Edition Software is a full-featured device manager for HPE XP P9500 and XP disk array products. An open URL redirection vulnerability exists in DevMgr, TSMgr, and RepMgr in HPE XP P9000 Command View Advanced Edition Software CVAE 7.0.0-00 - 8.60-00 excluding...

CVE-2018-7090

HPE XP P9000 Command View Advanced Edition Software CVAE has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr...

Oracle MySQL Server Component Denial of Service Vulnerability (CNVD-2019-07346)

Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the Server: Replication subcomponent of the...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

Apache Kafka Security Bypass Vulnerability

Apache Kafka is an open source distributed streaming platform developed by the Apache Apache Software Foundation in the United States. The platform is capable of acquiring real-time data for building applications that react in real time to changes in the data stream. A security bypass vulnerabili...

Data Loss

Apache Kafka is vulnerable to data loss. An authenticated malicious user can send a fetch request during data replication to perform Broker reserved actions, causing data to be lost...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

Design/Logic Flaw

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

CVE-2018-1288

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...