Thank you for reading the Linux Advisory Watch Security Newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's vendor security bulletins and pointers on
methods to improve the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so
be sure to read through to find the updates your distributor have
made available.
| |
(Jul 9) |
| |
Security Report Summary
|
| |
(Jul 9) |
| |
Security Report Summary
|
| |
(Jul 8) |
| |
Security Report Summary
|
| |
(Jul 7) |
| |
Security Report Summary
|
| |
(Jul 7) |
| |
Security Report Summary
|
| |
(Jul 6) |
| |
Security Report Summary
|
| |
(Jul 5) |
| |
Security Report Summary
|
| |
(Jul 3) |
| |
Security Report Summary
|
| |
(Jul 2) |
| |
Security Report Summary
|
|
|
| |
(Jul 5) |
| |
Update to 1.9.2. Fixes CVE-2015-3908 (hostname and cert matching in some modules and plugins) and another not yet issued CVE on chroot/jail/zone connection plugins as well as a number of bugfixes.
|
| |
(Jul 5) |
| |
Update to 1.9.2. Fixes CVE-2015-3908 (hostname and cert matching in some modules and plugins) and another not yet issued CVE on chroot/jail/zone connection plugins as well as a number of bugfixes.
|
| |
(Jul 3) |
| |
This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152.
|
| |
(Jul 3) |
| |
Update fixing a minor security issue CVE-2015-3238.
|
| |
(Jul 3) |
| |
https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x
|
| |
(Jul 3) |
| |
https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x
|
| |
(Jul 2) |
| |
- Release 7.38 is a security fix release- Upstream release notes: https://www.drupal.org/drupal-7.38-release-notes
|
| |
(Jul 2) |
| |
- Release 7.38 is a security fix release- Upstream release notes: https://www.drupal.org/drupal-7.38-release-notes
|
| |
(Jul 2) |
| |
- Release 6.36 is a security fix release- Upstream release notes: https://www.drupal.org/drupal-6.36-release-notes
|
| |
(Jul 2) |
| |
- Release 6.36 is a security fix release- Upstream release notes: https://www.drupal.org/drupal-6.36-release-notes
|
|
|
| |
(Jul 10) |
| |
A vulnerability in Perl allows a remote attacker to cause Denial of Service.
|
| |
(Jul 10) |
| |
A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service.
|
| |
(Jul 9) |
| |
A double free vulnerability in PyPAM could result in execution of arbitrary code or Denial of Service.
|
| |
(Jul 7) |
| |
A vulnerability in libxml2 allows a remote attacker to cause Denial of Service.
|
| |
(Jul 7) |
| |
Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in execution of arbitrary code or Denial of Service.
|
| |
(Jul 7) |
| |
Multiple vulnerabilities have been found in UnRTF, the worst of which may result in execution of arbitrary code.
|
| |
(Jul 7) |
| |
Multiple vulnerabilities have been found in SQLite, allowing context-dependent attackers to cause a Denial of Service condition.
|
| |
(Jul 7) |
| |
Multiple vulnerabilities have been found in International Components for Unicode, allowing attackers to execute arbitrary code or cause a Denial of Service condition.
|
| |
(Jul 7) |
| |
A vulnerability in Exiv2 could lead to Denial of Service condition.
|
| |
(Jul 6) |
| |
Two vulnerabilities have been found in Tor, the worst of which can allow remote attackers to cause a Denial of Service condition.
|
| |
(Jul 5) |
| |
Multiple vulnerabilities have been found in chrony, the worst of which can cause arbitrary code execution.
|
|
|
| |
Red Hat: 2015:1219-01: php54-php: Moderate Advisory (Jul 9) |
| |
Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security [More...]
|
| |
Red Hat: 2015:1218-01: php: Moderate Advisory (Jul 9) |
| |
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
|
| |
Red Hat: 2015:1214-01: flash-plugin: Critical Advisory (Jul 8) |
| |
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]
|
| |
Red Hat: 2015:1211-01: kernel: Important Advisory (Jul 7) |
| |
Updated kernel packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having Important security [More...]
|
| |
Red Hat: 2015:1210-01: abrt: Moderate Advisory (Jul 7) |
| |
Updated abrt packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
|
| |
Red Hat: 2015:1207-01: firefox: Critical Advisory (Jul 3) |
| |
Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security [More...]
|
|
|
| |
(Jul 9) |
| |
New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. [More Info...]
|
| |
(Jul 7) |
| |
New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]
|
| |
(Jul 7) |
| |
New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]
|
| |
(Jul 7) |
| |
New cups packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]
|
| |
(Jul 7) |
| |
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]
|
|
|
| |
Ubuntu: 2656-1: Firefox vulnerabilities (Jul 9) |
| |
Firefox could be made to crash or run programs as your login if itopened a malicious website.
|
| |
Ubuntu: 2672-1: NSS vulnerabilities (Jul 9) |
| |
Several security issues were fixed in NSS.
|
| |
Ubuntu: 2671-1: Django vulnerabilities (Jul 9) |
| |
Several security issues were fixed in Django.
|
| |
Ubuntu: 2670-1: libwmf vulnerabilities (Jul 8) |
| |
libwmf could be made to crash or run programs as your login if it opened aspecially crafted file.
|
| |
Ubuntu: 2669-1: Bind vulnerability (Jul 7) |
| |
Bind could be made to crash if it received specially crafted networktraffic.
|
| |
Ubuntu: 2668-1: HAProxy vulnerability (Jul 7) |
| |
HAProxy could be made to expose sensitive information over the network.
|
| |
Ubuntu: 2667-1: Linux kernel vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2666-1: Linux kernel vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2660-1: Linux kernel vulnerability (Jul 7) |
| |
The system could be made to expose sensitive information to localapplications.
|
| |
Ubuntu: 2664-1: Linux kernel (Utopic HWE) vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2665-1: Linux kernel (Vivid HWE) vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2663-1: Linux kernel vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2662-1: Linux kernel (Trusty HWE) vulnerabilities (Jul 7) |
| |
Several security issues were fixed in the kernel.
|
| |
Ubuntu: 2661-1: Linux kernel (OMAP4) vulnerability (Jul 7) |
| |
The system could be made to expose sensitive information to localapplications.
|
| |
Ubuntu: 2658-1: PHP vulnerabilities (Jul 6) |
| |
Several security issues were fixed in PHP.
|
| |
Ubuntu: 2659-1: cups-filters vulnerabilities (Jul 6) |
| |
cups-filters could be made to crash or run programs as the lp user if itprocessed a specially crafted print job.
|
