Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
200

Scientific Linux 7: SLSA-2014:1801-1 Moderate: Shim Heap Overflow Fix

Moderate: shim security update. Date: Tue, 10 Feb 2015 09:37:35 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 7x x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to x86_64: libvirt-1.1.1-29.el7_0.7.x86_64.rpm libvirt-client-1.1.1-29.el7_0.7.i686.rpm libvirt-client-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-config-network-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-interface-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-lxc-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-network-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-qemu-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-secret-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-driver-storage-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-kvm-1.1.1-29.el7_0.7.x86_64.rpm libvirt-daemon-lxc-1.1.1-29.el7_0.7.x86_64.rpm libvirt-devel-1.1.1-29.el7_0.7.i686.rpm libvirt-devel-1.1.1-29.el7_0.7.x86_64.rpm libvirt-docs-1.1.1-29.el7_0.7.x86_64.rpm libvirt-lock-sanlock-1.1.1-29.el7_0.7.x86_64.rpm libvirt-login-shell-1.1.1-29.el7_0.7.x86_64.rpm libvirt-python-1.1.1-29.el7_0.7.x86_64.rpm resource-agents-3.9.5-26.el7_0.7.x86_64.rpm tzdata-2015a-1.el7.noarch.rpm tzdata-java-2015a-1.el7.noarch.rpm Date: Tue, 10 Feb 2015 21:57:39 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security ERRATA Moderate: shim on SL7.x x86_64 MIME-Version: 1.0 Synopsis: Moderate: shim security update Advisory ID: SLSA-2014:1801-1 Issue Date: 2014-11-04 CVE Numbers: CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 -- A heap-based buffer overflow flaw was found the way shim parsed certain IPv6 addresses. If IPv6 network booting was enabled, a malicious server could supply a crafted IPv6 address thatwould cause shim to crash or, potentially, execute arbitrary code. (CVE-2014-3676) An out-of-bounds memory write flaw was found in the way shim processed certain Machine Owner Keys (MOKs). A local attacker could potentially use this flaw to execute arbitrary code on the system. (CVE-2014-3677) An out-of-bounds memory read flaw was found in the way shim parsed certain IPv6 packets. A specially crafted DHCPv6 packet could possibly cause shim to crash, preventing the system from booting if IPv6 booting was enabled. (CVE-2014-3675) The system must be rebooted for this update to take effect. -- SL7 x86_64 mokutil-0.7-8.el7_0.x86_64.rpm shim-0.7-8.el7_0.x86_64.rpm shim-debuginfo-0.7-8.el7_0.x86_64.rpm shim-unsigned-0.7-8.el7_0.x86_64.rpm - Scientific Linux Development Team . Routine shim patch for Scientific Linux resolves buffer overflow and memory vulnerabilities. Restart required.. Scientific Linux, Shim Update, Heap Overflow, Network Boot, Local Attack. . LinuxSecurity.com Team

Calendar%202 Feb 10, 2015 Scientific Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200