RedHat Update for 389-ds-base RHSA-2017:2569-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: 389-ds-base security and bug fix update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Amazon Linux AMI : mysql56 (ALAS-2017-888)

Server: Charsets unspecified vulnerability CPU Jul 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows...

Apache Solr Inter-Node Communication Vulnerability (SOLR-10031) - Linux

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readabl...

Path traversal

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

DEBIAN-CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

UBUNTU-CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

CVE-2017-3163 affects Apache Solr when using the Index Replication feature. The vulnerability arises because Solr did not validate the file name in the HTTP API used to pull index files from a master/leader, enabling path traversal and exposing files readable by the Solr server process. Affected ...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

CVE-2017-3163

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path...

Oracle MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities

Binary data 700186.prm...

Oracle MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities

Binary data 700185.prm...

Fedora 25 : community-mysql (2017-7c039552fa)

Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...

Fedora 26 : community-mysql (2017-ee93493bea)

Update to version 5.7.19 Replication tests in the testsuite enabled, they don't fail anymore Resolves: 1462688; /run 1406172; random failures of the testsuite 1417880, 1417883, 1417885, 1417887, 1417890, 1417891, 1417893, 1417894, 1417896; replication tests CVE fixes: 1472716 CVE-2017-3633,...

vCenter Server Appliance - Backup/Restore Recommendations

Native File-Based Backup and Restore Recommended vCenter Server Appliance Data Integrity Best Practices recommends using the native file-based backup and restore operations to protect the vCenter Server Appliance. Review: VMware vSphere User Guide: Considerations and Limitations for File-Based...

CVE-2017-3647

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2017-3649

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...