|
Debian: DSA-3900-1: openvpn security update (Jun 27) |
|
Several issues were discovered in openvpn, a virtual private network application. CVE-2017-7479
|
|
Debian: DSA-3886-2: linux regression update (Jun 27) |
|
The security update announced as DSA-3886-1 caused regressions for some applications using Java - including jsvc, LibreOffice and Scilab - due to the fix for CVE-2017-1000364. Updated packages are now available to correct this issue. For reference, the relevant part of the original
|
|
Debian: DSA-3899-1: vlc security update (Jun 27) |
|
Several vulnerabilities have been found in VLC, the VideoLAN project's media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code.
|
|
Debian: DSA-3898-1: expat security update (Jun 25) |
|
Multiple vulnerabilities have been discovered in Expat, an XML parsing C library. The Common Vulnerabilities and Exposures project identifies the following problems:
|
|
Debian: DSA-3897-1: drupal7 security update (Jun 24) |
|
Two vulnerabilities were discovered in Drupal, a fully-featured content management framework. The Common Vulnerabilities and Exposures project identifies the following issues:
|
|
Debian: DSA-3896-1: apache2 security update (Jun 22) |
|
Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-3167
|
|
Debian: DSA-3895-1: flatpak security update (Jun 22) |
|
It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation.
|
|
Debian: DSA-3894-1: graphite2 security update (Jun 22) |
|
Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.
|
|
Debian: DSA-3893-1: jython security update (Jun 22) |
|
Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.
|
|
Debian: DSA-3892-1: tomcat7 security update (Jun 22) |
|
Aniket Nandkishor Kulkarni discovered that in tomcat7, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results,
|
|
Debian: DSA-3891-1: tomcat8 security update (Jun 22) |
|
Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results,
|
|
|
|
Fedora 25: systemd Security Update (Jun 29) |
|
A fix for an out-of-bounds write in systemd-resolved after a crafted DNS packet (CVE-2017-9445). No need to reboot or log out.
|
|
Fedora 25: tomcat Security Update (Jun 29) |
|
This update includes a rebase from 8.0.43 up to 8.0.44 which resolves a single CVE along with various other bugs/features: * rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
|
|
Fedora 25: chromium-native_client Security Update (Jun 29) |
|
Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085
|
|
Fedora 24: tomcat Security Update (Jun 29) |
|
This update includes a rebase from 8.0.43 up to 8.0.44 which resolves a single CVE along with various other bugs/features: * rhbz#1459160 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
|
|
Fedora 26: systemd Security Update (Jun 29) |
|
A fix for an out-of-bounds write in systemd-resolved after a crafted DNS packet (CVE-2017-9445). No need to reboot or log out.
|
|
Fedora 25: c-ares Security Update (Jun 28) |
|
CVE-2017-1000381: c-ares NAPTR parser out of bounds access
|
|
Fedora 25: mercurial Security Update (Jun 26) |
|
Fixes CVE-2017-9462.
|
|
Fedora 24: mercurial Security Update (Jun 26) |
|
Fixes CVE-2017-9462.
|
|
Fedora 24: chromium Security Update (Jun 26) |
|
Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089
|
|
Fedora 26: bind Security Update (Jun 26) |
|
* New upstream release * Security fix for CVE-2017-3140
|
|
Fedora 26: kdepim4 Security Update (Jun 26) |
|
Security fix for CVE-2016-7968
|
|
Fedora 26: kmail Security Update (Jun 26) |
|
CVE-2017-9604 kmail: Send Later with Delay bypasses OpenPGP
|
|
Fedora 26: kf5-messagelib Security Update (Jun 26) |
|
Security fix for CVE-2017-9604
|
|
Fedora 26: chromium-native_client Security Update (Jun 26) |
|
Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085
|
|
Fedora 25: wireshark Security Update (Jun 25) |
|
Rebase to the newest upstream release. This release contains only bug fixes, most notably fixes for many CVEs. There are no new features.
|
|
Fedora 24: glibc Security Update (Jun 24) |
|
This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.
|
|
Fedora 26: libsndfile Security Update (Jun 23) |
|
fix CVE-2017-6892
|
|
Fedora 26: kernel Security Update (Jun 23) |
|
The 4.11.6 update contains a number of important fixes across the tree, including the recently announced "stack clash"
|
|
Fedora 26: openvpn Security Update (Jun 23) |
|
Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually.
|
|
Fedora 25: kernel Security Update (Jun 23) |
|
The 4.11.6 update contains a number of important fixes across the tree, including the recently announced "stack clash"
|
|
Fedora 25: openvpn Security Update (Jun 23) |
|
Updates to the latest upstream OpenVPN 2.4.3, containing security updates for CVE-2017-7508, CVE-2017-7520 and CVE-2017-7521. This update also re-enables automatic restart of OpenVPN on the next updates. For this update, the restart needs to be done manually.
|
|
Fedora 25: chromium Security Update (Jun 23) |
|
Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089
|
|
Fedora 24: firefox Security Update (Jun 23) |
|
Latest update of web browser application.
|
|
Fedora 24: kernel Security Update (Jun 23) |
|
The 4.11.6 update contains a number of important fixes across the tree, including the recently announced "stack clash"
|
|
Fedora 26: webkitgtk4 Security Update (Jun 23) |
|
This update addresses the following vulnerabilities: * [CVE-2017-2538](https://www.cve.org/CVERecord?id=CVE-2017-2538) Additional fixes: * Fix web process deadlock when seeking youtube videos. * Fix blob downloads. * Improve theme rendering performance when using GTK+ >= 3.20. * Fix positioning of popup menus in Wayland. * Fix several crashes and rendering
|
|
Fedora 25: thunderbird Security Update (Jun 22) |
|
For changes see https://www.thunderbird.net/en-US/thunderbird/52.2.0/releasenotes/
|
|
Fedora 25: glibc Security Update (Jun 22) |
|
This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.
|
|
Fedora 26: libffi Security Update (Jun 22) |
|
Disable executable stack for aarch64 builds.
|
|
Fedora 26: glibc Security Update (Jun 22) |
|
This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.
|
|
Fedora 26: c-ares Security Update (Jun 22) |
|
CVE-2017-1000381: c-ares NAPTR parser out of bounds access
|
|
Fedora 26: chromium Security Update (Jun 22) |
|
Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089
|
|
Fedora 26: love Security Update (Jun 22) |
|
Rebuild for new luajit
|
|
|
|
(Jun 27) |
|
A vulnerability in KAuth and KDELibs allows local users to gain root privileges.
|
|
(Jun 27) |
|
Multiple vulnerabilities have been found in LibreOffice, the worst of which allows for the remote execution of arbitrary code.
|
|
(Jun 27) |
|
A vulnerability in FreeRADIUS might allow remote attackers to bypass authentication.
|
|
(Jun 22) |
|
Multiple vulnerabilities have been found in Vim and gVim, the worst of which might allow remote attackers to execute arbitrary code.
|
|
(Jun 22) |
|
An out-of-bounds write in Graphite might allow remote attackers to execute arbitrary code.
|
|
(Jun 22) |
|
Multiple vulnerabilities have been found in jbig2dec, the worst of which might allow remote attackers to execute arbitrary code.
|
|
(Jun 22) |
|
Multiple vulnerabilities have been found in Urban Terror, the worst of which allows for the remote execution of arbitrary code.
|
|
(Jun 22) |
|
Multiple vulnerabilities have been found in libksba which might allow remote attackers to obtain sensitive information or crash an libksba-based application. [More...]
|
|
(Jun 22) |
|
A cache-related side channel vulnerability was found in nettle which might allow an attacker to obtain sensitive information.
|
|
|
|
Slackware: 2017-180-03: httpd Security Update (Jun 29) |
|
New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
|
|
Slackware: 2017-180-02: bind Security Update (Jun 29) |
|
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
|
|
Slackware: 2017-180-01: Slackware 14.1 kernel Security Update (Jun 29) |
|
New kernel packages are available for Slackware 14.1 to fix security issues.
|
|
Slackware: 2017-180-04: libgcrypt Security Update (Jun 29) |
|
New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue.
|
|
Slackware: 2017-177-01: kernel Security Update (Jun 26) |
|
New kernel packages are available for Slackware 14.2 and -current to fix security issues.
|
|
|
|
SuSE: 2017:1738-1: important: bind (Jun 29) |
|
An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available.
|
|
SuSE: 2017:1736-1: important: bind (Jun 29) |
|
An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available.
|
|
SuSE: 2017:1737-1: important: bind (Jun 29) |
|
An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available.
|
|
SuSE: 2017:1735-1: important: the Linux kernel (Jun 29) |
|
An update that contains security fixes can now be installed. An update that contains security fixes can now be installed. An update that contains security fixes can now be installed.
|
|
SuSE: 2017:1718-1: important: openvpn-openssl1 (Jun 29) |
|
An update that solves 5 vulnerabilities and has one errata An update that solves 5 vulnerabilities and has one errata An update that solves 5 vulnerabilities and has one errata is now available. is now available.
|
|
SuSE: 2017:1716-1: important: clamav (Jun 29) |
|
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.
|
|
SuSE: 2017:1715-1: important: xen (Jun 29) |
|
An update that solves three vulnerabilities and has 6 fixes An update that solves three vulnerabilities and has 6 fixes An update that solves three vulnerabilities and has 6 fixes is now available. is now available.
|
|
SuSE: 2017:1709-1: important: php53 (Jun 28) |
|
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.
|
|
SuSE: 2017:1707-1: important: the Linux kernel (Jun 28) |
|
An update that contains security fixes can now be installed. An update that contains security fixes can now be installed. An update that contains security fixes can now be installed.
|
|
SuSE: 2017:1706-1: important: the Linux Kernel (Jun 27) |
|
An update that contains security fixes can now be installed. An update that contains security fixes can now be installed. An update that contains security fixes can now be installed.
|
|
SuSE: 2017:1704-1: important: the Linux kernel (Jun 27) |
|
An update that contains security fixes can now be installed. An update that contains security fixes can now be installed. An update that contains security fixes can now be installed.
|
|
SuSE: 2017:1701-1: important: jakarta-taglibs-standard (Jun 26) |
|
An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.
|
|
openSUSE: 2017:1697-1: important: sudo (Jun 26) |
|
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.
|
|
SuSE: 2017:1696-1: important: kernel-source (Jun 26) |
|
An update that contains security fixes can now be installed. An update that contains security fixes can now be installed. An update that contains security fixes can now be installed.
|
|
openSUSE: 2017:1685-1: important: the Linux Kernel (Jun 26) |
|
An update that solves one vulnerability and has 27 fixes is An update that solves one vulnerability and has 27 fixes is An update that solves one vulnerability and has 27 fixes is now available. now available.
|
|
openSUSE: 2017:1680-1: important: openvpn (Jun 26) |
|
An update that fixes three vulnerabilities is now available. An update that fixes three vulnerabilities is now available. An update that fixes three vulnerabilities is now available.
|
|
SuSE: 2017:1669-1: important: MozillaFirefox, MozillaFirefox-branding-SLE (Jun 26) |
|
An update that fixes 50 vulnerabilities is now available. An update that fixes 50 vulnerabilities is now available. An update that fixes 50 vulnerabilities is now available.
|
|
SuSE: 2017:1660-1: important: tomcat (Jun 23) |
|
An update that fixes 12 vulnerabilities is now available. An update that fixes 12 vulnerabilities is now available. An update that fixes 12 vulnerabilities is now available.
|
|
|
|
Ubuntu 3346-1: bind9 vulnerabilities (Jun 29) |
|
Bind could be made to serve incorrect information or expose sensitive information over the network.
|
|
Ubuntu 3342-2: Linux kernel (HWE) vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3323-2: GNU C Library vulnerability (Jun 29) |
|
Gnu C library could be made to run programs as an administrator.
|
|
Ubuntu 3343-2: Linux kernel (Trusty HWE) vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3345-1: Linux kernel vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3338-2: Linux kernel regression (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3344-2: Linux kernel (Xenial HWE) vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3342-1: Linux kernel vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3344-1: Linux kernel vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3343-1: Linux kernel vulnerabilities (Jun 29) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 3341-1: Systemd vulnerability (Jun 27) |
|
systemd-resolved could be made to crash or run programs if it received a specially crafted DNS response.
|
|
Ubuntu 3340-1: Apache HTTP Server vulnerabilities (Jun 26) |
|
Several security issues were fixed in Apache HTTP Server.
|
|
Ubuntu 3339-1: OpenVPN vulnerabilities (Jun 22) |
|
Several security issues were fixed in OpenVPN.
|
|
Ubuntu 0024-1: Linux kernel vulnerability (Jun 22) |
|
Several security issues were fixed in the kernel.
|
Jun 30, 2017
•
Anthony Pell
PREVIOUS
NEXT
