10 matches found
SUSE-SU-2020:2650-1 Security update for SUSE Manager Server 4.0
This update fixes the following issues: hibernate5: - Address CVE-2019-14900 bsc1172079 image-sync-formula: - Allow image-sync state on regular minion. Image sync state requires branch-network pillars to get the directory where to sync images. Use default /srv/saltboot if that pillar is missing s...
CVE-2019-3777
Pivotal Application Service PAS, versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could...
DEBIAN-CVE-2017-2299
Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the sslca parameter but do not specify the sslcertsdir parameter, a default will be provided for the sslcertsdir that will trust certificates from any of the...
Fedora 20 : libuv-0.10.34-1.fc20 / nodejs-0.10.36-3.fc20 / v8-3.14.5.10-17.fc20 (2015-2310)
nodejs - tls: re-add 1024-bit SSL certs removed by f9456a2 Chris Dickinson - timers: don't close interval timers when unrefd Julien Gilli - timers: don't mutate unref list while iterating it Julien Gilli - child_process: check execFile args is an array Sam Roberts - child_process: check fork args i...
Apache CloudStack Information Disclosure Vulnerability
Apache CloudStack is an open source cloud computing solution. An information disclosure vulnerability exists in Apache CloudStack, which allows remote attackers to exploit this vulnerability to obtain private keys via listSslCerts API calls...
openSUSE Security Update : libserf / subversion (openSUSE-SU-2014:1059-1)
This subversion and libserf update fixes several security and non security issues : - subversion: guard against md5 hash collisions when finding cached credentials bnc889849 CVE-2014-3528 - subversion: ra_serf: properly match wildcards in SSL certs. bnc890511 CVE-2014-3522 - libserf: Handle NUL...
Fedora 17 : python-pip-1.3.1-4.fc17 (2013-13213)
Fix potential DOS with specially crafted malicious SSL certs. Backing out rename of pip binary to fix 958377 and updating package summary to match upstream's description. Note that Tenable...
Fedora 19 : python-pip-1.3.1-4.fc19 (2013-13216)
Fix potential DOS with specially crafted malicious SSL certs. Backing out rename of pip binary to fix 958377 and updating package summary to match upstream's description. Note that Tenable...
Fedora 18 : python-pip-1.3.1-4.fc18 (2013-13140)
Fix potential DOS with specially crafted malicious SSL certs. Backing out rename of pip binary to fix 958377 and updating package summary to match upstream's description. Note that Tenable...
Firefox wyciwyg:// cache zone bypass
There is an interesting vulnerability in how Mozilla Firefox handles internal wyciwyg:// pseudo-URIs. These cache-related resource identifiers are meant to be inaccessible by the user - but there are at least three routes to bypass these restrictions, one of which - HTTP 302 redirect - also...