[SECURITY] Fedora 26 Update: clamav-0.99.2-18.fc26

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

[SECURITY] Fedora 26 Update: mariadb-10.1.30-1.fc26

MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...

OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)

It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out...

Brother Debut http Denial Of Service

The Debut embedded HTTP server 'Brother Debut http Denial Of Service', 'Description' = %q The Debut embedded HTTP server MSFLICENSE, 'Author' = 'z00n ', vulnerability disclosure 'h00die' metasploit module , 'References' = 'CVE', '2017-16249' , 'URL',...

Fedora 26 : SDL2 (2017-5b132e3803)

Added audio stream conversion functions : - SDLNewAudioStream - SDLAudioStreamPut - SDLAudioStreamGet - SDLAudioStreamAvailable - SDLAudioStreamFlush - SDLAudioStreamClear - SDLFreeAudioStream - Added functions to query and set the SDL memory allocation functions : - SDLGetMemoryFunctions -...

Vanquish - Kali Linux based Enumeration Orchestrator

Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged f...

dcrawl - Simple, But Smart, Multi-Threaded Web Crawler For Randomly Gathering Huge Lists Of Unique Domain Names

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site's body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

PYSEC-2017-83

Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

UBUNTU-CVE-2017-14158

Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

Simple multi-threaded web crawler: dcrawl

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site’s body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

Python Multi Threaded Tor Proxy: pyMultitor

Python Multi Threaded Tor Proxy Installation Prerequisites Python 2.7+. A C compiler, Python headers, etc. are needed to compile several dependencies. On Ubuntu, sudo apt-get install -y build-essential libssl-dev python-setuptools python-pip python-wheel python-dev On Fedora, sudo dnf install -y...

[SECURITY] Fedora 24 Update: community-mysql-5.7.18-2.fc24

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

[SECURITY] Fedora 26 Update: community-mysql-5.7.18-2.fc26

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

[SECURITY] Fedora 25 Update: mingw-gtk-vnc-0.7.0-1.fc25

gtk-vnc is a VNC viewer widget for GTK. It is built using coroutines allowing it to be completely asynchronous while remaining single threaded...

[SECURITY] Fedora 24 Update: gtk-vnc-0.7.0-1.fc24

gtk-vnc is a VNC viewer widget for GTK2. It is built using coroutines allowing it to be completely asynchronous while remaining single threaded...

Linux kernel local denial of service vulnerability (CNVD-2017-02604)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in Linux kernel prior to version 4.10.1, where a local attacker can cause a denial of service invalid unlock and double release...

openssl security update

1.0.1e-48.4 - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher - fix CVE-2016-8610 - DoS of single-threaded servers via excessive alerts...

[SECURITY] Fedora 25 Update: mariadb-10.1.21-1.fc25

MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client...

Side Channel Attack On Modular Exponentiation

OpenSSL is vulnerable to side channel attacks. The vulnerability exploits cache-bank conflicts on the Intel Sandy-Bridge microarchitecture, exposing RSA keys. However, an attacker can only exploit this only if he has control of code in a thread running on the same hyper-threaded core as the victi...

OpenSSL: Race condition handling PSK identify hint

A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key PSK identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL...