Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
98
security advisoryred hatsecurity fixRed Hat Quarkus 2.7.6.SP3 Important: RHSA-2022:8957-01 Security Fix
An update is now available for Red Hat build of Quarkus Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat build of Quarkus Platform 2.7.6.SP3 and security update Advisory ID: RHSA-2022:8957-01 Product: Red Hat build of Quarkus Advisory URL: https://access.redhat.com/errata/RHSA-2022:8957 Issue date: 2022-12-13 CVE Names: CVE-2022-4116 CVE-2022-4147 CVE-2022-45047 ==================================================================== 1. Summary: An update is now available for Red Hat build of Quarkus Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section. 2. Description: This release of Red Hat build of Quarkus 2.7.6.SP3 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Security Fix(es): * CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus * CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE * CVE-2022-45047 mina-sshd: Java unsafe deserialization vulnerability For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your systemhave been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2144748 - CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE 2145194 - CVE-2022-45047 mina-sshd: Java unsafe deserialization vulnerability 2148867 - CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus 5. References: https://access.redhat.com/security/cve/CVE-2022-4116 https://access.redhat.com/security/cve/CVE-2022-4147 https://access.redhat.com/security/cve/CVE-2022-45047 https://access.redhat.com/articles/4966181 https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=redhat.quarkus&version=2.7.6.SP3 https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.7 https://bugzilla.redhat.com/show_bug.cgi?id=2148867 https://bugzilla.redhat.com/show_bug.cgi?id=2144748 https://bugzilla.redhat.com/show_bug.cgi?id=2145194 https://access.redhat.com/security/updates/classification/#important 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBY5ippNzjgjWX9erEAQitEw//aCEMjeXodioexjU4NxF9PNmmLl/GqKPc /rdKg3upMq7SvpZtpBcsFhmmeCPzug857MLB4ws4v7ZxvCZhGHSflWIhwfoaQE4+ z6ISkjimM9fy5kcUXeHmIJ8meeULiauZQ7dz3iwGwA7GIVgm96hXAorPG5iUKLe6 xarTjKCu3qN25VBkKxC9Ph56VL0V6A8X7++3ljevXlDl6AKej2rOFD4AMNyE0+i+ Mgomwz0LsnUBZ4T08LJ1E39jJUKcElCmD0fmzfnZqo9A33XZfkGk9lA5ZnGcilrr kBhWZ6XmixP3yePgTKjSQ/QLynbW27tlMWvu6aGCOj2jkQaf1SQFe1HLvVEBILTL 8TK+VJkKyW5We7w9mJTfa5Alo7tNBFJWHITBoKTPCZIXQPc5AcqImd9jOpgceocr NJ6pTftGbMuU3pgVSIT407/7v4GaEE60BfBIM4wfDRugN5o/uty20mjtw1qQiwac ii1VgY63Ruh/i+sO7LXzv9fsVv0T4OG+iViEjQmq4riZ6PccWK2E7YM0tZompMsc 5nmf1ZwklcgPPlMBySOIire2WRrPmaLHWjyeNkowaKeMO0+oJ+qv2caqHpwEOBxT A28opZP9RkJO7hHcuQ6Zfpdgpy6SWFZXDWTlD/IVvxXLXgWq8p8WSujLBTTCkppx kOci4Uw+rf4=xC3s -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Dec 13, 2022
•Important
Red Hat
202
security advisoryimportantlocal threatopenSUSE Leap 15.1: 2019:2199-1 Important: ibus Local User Threat
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2199-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: - CVE-2019-14822: Fixed misconfiguration of the DBus server allows to unprivileged user could monitor and send method calls to the ibus bus of another user (bsc#1150011). This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2199=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): ibus-1.5.19-lp151.2.3.1 ibus-debuginfo-1.5.19-lp151.2.3.1 ibus-debugsource-1.5.19-lp151.2.3.1 ibus-devel-1.5.19-lp151.2.3.1 ibus-gtk-1.5.19-lp151.2.3.1 ibus-gtk-debuginfo-1.5.19-lp151.2.3.1 ibus-gtk3-1.5.19-lp151.2.3.1 ibus-gtk3-debuginfo-1.5.19-lp151.2.3.1 libibus-1_0-5-1.5.19-lp151.2.3.1 libibus-1_0-5-debuginfo-1.5.19-lp151.2.3.1 typelib-1_0-IBus-1_0-1.5.19-lp151.2.3.1 - openSUSE Leap 15.1 (x86_64): ibus-gtk-32bit-1.5.19-lp151.2.3.1 ibus-gtk-32bit-debuginfo-1.5.19-lp151.2.3.1 ibus-gtk3-32bit-1.5.19-lp151.2.3.1 ibus-gtk3-32bit-debuginfo-1.5.19-lp151.2.3.1 libibus-1_0-5-32bit-1.5.19-lp151.2.3.1 libibus-1_0-5-32bit-debuginfo-1.5.19-lp151.2.3.1 python-ibus-1.5.19-lp151.2.3.1 - openSUSE Leap 15.1(noarch): ibus-lang-1.5.19-lp151.2.3.1 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 -- . The latest openSUSE release includes a vital security update for ibus, targeting significant misconfiguration vulnerabilities to protect user systems from threats. openSUSE Security Update, ibus patch, local user threat. . Severity: Important. LinuxSecurity.com Team
Sep 26, 2019
•Important
OpenSUSE
202
security advisoryDoSimportantopenSUSE Leap 15.0: 2019:2174-1 Important: ibus DoS Risk
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2174-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user. (bsc#1150011) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2174=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): ibus-1.5.17-lp150.4.3.1 ibus-debuginfo-1.5.17-lp150.4.3.1 ibus-debugsource-1.5.17-lp150.4.3.1 ibus-devel-1.5.17-lp150.4.3.1 ibus-gtk-1.5.17-lp150.4.3.1 ibus-gtk-debuginfo-1.5.17-lp150.4.3.1 ibus-gtk3-1.5.17-lp150.4.3.1 ibus-gtk3-debuginfo-1.5.17-lp150.4.3.1 libibus-1_0-5-1.5.17-lp150.4.3.1 libibus-1_0-5-debuginfo-1.5.17-lp150.4.3.1 python-ibus-1.5.17-lp150.4.3.1 typelib-1_0-IBus-1_0-1.5.17-lp150.4.3.1 - openSUSE Leap 15.0 (noarch): ibus-branding-openSUSE-KDE-1.5.17-lp150.4.3.1 ibus-lang-1.5.17-lp150.4.3.1 - openSUSE Leap 15.0 (x86_64): ibus-gtk-32bit-1.5.17-lp150.4.3.1 ibus-gtk-32bit-debuginfo-1.5.17-lp150.4.3.1 ibus-gtk3-32bit-1.5.17-lp150.4.3.1 ibus-gtk3-32bit-debuginfo-1.5.17-lp150.4.3.1 libibus-1_0-5-32bit-1.5.17-lp150.4.3.1 libibus-1_0-5-32bit-debuginfo-1.5.17-lp150.4.3.1 python3-ibus-1.5.17-lp150.4.3.1 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 -- . A significant enhancement for NetworkManager in Fedora addressing a severe configuration flaw. Discover further details today.. openSUSE Security Update, ibus patch, important security fix. . Severity: Important. LinuxSecurity.com Team
Sep 24, 2019
•Important
OpenSUSE
100
security advisorySUSEserver issueSUSE: 2019:2389-1 Important: ibus DBus Misconfiguration Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for ibus ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:2389-1 Rating: important References: #1150011 Cross-References: CVE-2019-14822 Affected Products: SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 7 SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Workstation Extension 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Desktop 12-SP5 SUSE Linux Enterprise Desktop 12-SP4 SUSE Enterprise Storage 5 SUSE Enterprise Storage 4 HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user. (bsc#1150011) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods likeYaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2019-2389=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2019-2389=1 - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2019-2389=1 - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2019-2389=1 - SUSE Linux Enterprise Workstation Extension 12-SP4: zypper in -t patch SUSE-SLE-WE-12-SP4-2019-2389=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2019-2389=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-2389=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2019-2389=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-2389=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2019-2389=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2389=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-2389=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2019-2389=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-2389=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-2389=1 - SUSE Linux Enterprise Desktop 12-SP5: zypper in -t patch SUSE-SLE-DESKTOP-12-SP5-2019-2389=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-2389=1 - SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2019-2389=1 - SUSEEnterprise Storage 4: zypper in -t patch SUSE-Storage-4-2019-2389=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2019-2389=1 Package List: - SUSE OpenStack Cloud Crowbar 8 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE OpenStack Cloud Crowbar 8 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE OpenStack Cloud 8 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE OpenStack Cloud 8 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE OpenStack Cloud 7 (s390x x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE OpenStack Cloud 7 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk3-32bit-1.5.13-15.11.2 ibus-gtk3-debuginfo-32bit-1.5.13-15.11.2 libibus-1_0-5-32bit-1.5.13-15.11.2 libibus-1_0-5-debuginfo-32bit-1.5.13-15.11.2 python-ibus-1.5.13-15.11.2 - SUSE Linux Enterprise Workstation Extension 12-SP4(x86_64): ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk3-32bit-1.5.13-15.11.2 ibus-gtk3-debuginfo-32bit-1.5.13-15.11.2 libibus-1_0-5-32bit-1.5.13-15.11.2 libibus-1_0-5-debuginfo-32bit-1.5.13-15.11.2 python-ibus-1.5.13-15.11.2 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-devel-1.5.13-15.11.2 - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-devel-1.5.13-15.11.2 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server for SAP 12-SP3 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP5 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP4 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP3-LTSS (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP3-BCL (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Desktop 12-SP5 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-32bit-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 ibus-gtk3-debuginfo-32bit-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-32bit-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 libibus-1_0-5-debuginfo-32bit-1.5.13-15.11.2 python-ibus-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Desktop 12-SP5 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-32bit-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 ibus-gtk3-debuginfo-32bit-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-32bit-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 libibus-1_0-5-debuginfo-32bit-1.5.13-15.11.2 python-ibus-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Linux Enterprise Desktop 12-SP4 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Enterprise Storage 5 (aarch64 x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - SUSE Enterprise Storage 5 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Enterprise Storage 4 (noarch): ibus-lang-1.5.13-15.11.2 - SUSE Enterprise Storage 4 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 - HPE Helion Openstack 8 (noarch): ibus-lang-1.5.13-15.11.2 - HPE Helion Openstack 8 (x86_64): ibus-1.5.13-15.11.2 ibus-debuginfo-1.5.13-15.11.2 ibus-debugsource-1.5.13-15.11.2 ibus-gtk-1.5.13-15.11.2 ibus-gtk-debuginfo-1.5.13-15.11.2 ibus-gtk3-1.5.13-15.11.2 ibus-gtk3-debuginfo-1.5.13-15.11.2 libibus-1_0-5-1.5.13-15.11.2 libibus-1_0-5-debuginfo-1.5.13-15.11.2 typelib-1_0-IBus-1_0-1.5.13-15.11.2 References: https://www.suse.com/security/cve/CVE-2019-14822.html https://bugzilla.suse.com/1150011 _______________________________________________ sle-security-updates mailing list
Sep 17, 2019
•Important
SuSE
203
security advisorycrashflawMageia: 2019-0082 Moderate: radvd Race Condition Leading to Crash
A flaw was found in radvd. In case of misconfiguration a race condition between privsep and main thread occurs. This leads to double-free and crashing of radvd (rhbz#1669297). References: . MGASA-2019-0082 - Updated radvd packages fix security vulnerability Publication date: 14 Feb 2019 URL: https://advisories.mageia.org/MGASA-2019-0082.html Type: security Affected Mageia releases: 6 A flaw was found in radvd. In case of misconfiguration a race condition between privsep and main thread occurs. This leads to double-free and crashing of radvd (rhbz#1669297). References: - https://bugs.mageia.org/show_bug.cgi?id=24288 - https://lists.fedoraproject.org/archives/list/
Feb 14, 2019
Mageia
89
security advisoryupdateFedoraFedora 27: 2018-0b48740047 Moderate: Tomcat Update Rebase to 8.0.49
This update includes a rebase from 8.0.47 to 8.0.49.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-0b48740047 2018-02-06 15:24:55.360276 --------------------------------------------------------------------------------Name : tomcat Product : Fedora 27 Version : 8.0.49 Release : 1.fc27 URL : https://tomcat.apache.org/ Summary : Apache Servlet/JSP Engine, RI for Servlet 3.1/JSP 2.3 API Description : Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. --------------------------------------------------------------------------------Update Information: This update includes a rebase from 8.0.47 to 8.0.49. --------------------------------------------------------------------------------References: [ 1 ] Bug #1541081 - CVE-2017-15706 tomcat: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1541081 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade tomcat' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Feb 06, 2018
•Important
Fedora
89
security advisorysecurity updateFedoraFedora 23 FEDORA-2015-15200 Critical: php-doctrine-cache Misconfiguration
CVE-2015-5723 https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-15200 2015-09-18 18:29:10.317553 -------------------------------------------------------------------------------- Name : php-doctrine-cache Product : Fedora 23 Version : 1.4.2 Release : 1.fc23 URL : https://github.com/doctrine/cache Summary : Doctrine Cache Description : Cache component extracted from the Doctrine Common project. Optional: * APC (php-pecl-apc) * Couchbase () * Memcache (php-pecl-memcache) * Memcached (php-pecl-memcached) * MongoDB (php-pecl-mongo) * Redis (php-pecl-redis) * Riak () * XCache (php-xcache) -------------------------------------------------------------------------------- Update Information: CVE-2015-5723 https://www.doctrine-project.org/2015/08/31/security_misconfiguration_vulnerability_in_various_doctrine_projects.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258670 - php-doctrine-cache-v1.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1258670 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-doctrine-cache' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Sep 18, 2015
•Critical
Fedora
89
security advisorysecurity issueFedoraFedora: 2015:15206 Moderate Security Update for php-doctrine-bundle
## 1.5.2 (2015-08-31) ### Security: * Fix Security Misconfiguration Vulnerability, allowing potential local arbitrary code execution * CVE-2015-5723 * guration_vulnerability_in_various_doctrine_projects.html ## 1.5.1 (2015-08-12) ### Bugfix: * Fixed the JS expanding all queries in the profiler in case of. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-15206 2015-09-14 18:16:15.194940 -------------------------------------------------------------------------------- Name : php-doctrine-doctrine-bundle Product : Fedora 22 Version : 1.5.2 Release : 1.fc22 URL : https://github.com/doctrine/DoctrineBundle Summary : Symfony Bundle for Doctrine Description : Doctrine DBAL & ORM Bundle for the Symfony Framework. Optional: * Doctrine ORM (2.3
Sep 14, 2015
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!