10 matches found
EUVD-2018-11324
Malware in sbrugna...
systemd security, bug fix, and enhancement update
239-40.0.1 - backport upstream pstore tmpfiles patch Orabug: 31420486 - udev rules: fix memory hot add and remove Orabug: 31310273 - fix to enable systemd-pstore.service Orabug: 30951066 - journal: change support URL shown in the catalog entries Orabug: 30853009 - fix to generate...
grub2 security update
2.02-81.0.4 - Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 Orabug: 31225072 - Update signing certificate for efi binaries 2.02-0.81.0.2 - Enable common subpackage build for aarch64 - Disable RHEL patch...
mod_auth_mellon security, bug fix, and enhancement update
0.14.0-9 - Just bump the release number - Related: rhbz1718238 - modauthmellon-diagnostics RPM not in product listings 0.14.0-8 - Resolves: rhbz1691894 - RFE Config option to change modauthmellon prefix 0.14.0-7 - Apply the patch from the previous commit - Resolves: rhbz1692471 - CVE-2019-3877...
Command injection
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...
CVE-2018-19639
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...
CVE-2018-19639
CVE-2018-19639 affects supportutils before 3.1-5.7.1; when run with -v to verify RPMs, an attacker who can manipulate the RPM listing could execute arbitrary commands as root. OpenSUSE/SUSE advisories (openSUSE-2019-1351, SUSE-SU-2019:13976-1) state this vulnerability is fixed in the respective s...
CVE-2018-19639 Code execution if run with command line switch -v
If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing e.g. with CVE-2018-19638 he can execute arbitrary commands as root...
Important: Red Hat Security Advisory: tomcat6 security and bug fix update
An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: qemu-kvm-rhev, qemu-kvm-rhev-tools, qemu-img-rhev security and bug fix update
Updated qemu-kvm-rhev, qemu-kvm-rhev-tools, and qemu-img-rhev packages are now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...