Several security improvements were added to Samba. Continue Reading — Ubuntu 4559-1: Samba update>

Several security issues were fixed in Tomcat. Continue Reading — Ubuntu 4557-1: Tomcat vulnerabilities>

Updated Satellite 6.7 packages that fix several bugs are now available for Red Hat Satellite. 2. Relevant releases/architectures: Red Hat Satellite 6.7 – noarch Continue Reading — RedHat: RHSA-2020-4127:01 Important: Satellite 6.7.4 Async Bug Fix Update>

Multiple security issues were discovered in MediaWiki: SpecialUserRights could leak whether a user existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting aga… Continue Reading — Mageia 2020-0381: mediawiki security update>

When Samba is used as a domain controller, an unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw (CVE-2020-1472). Note that Samba installations are not vulnerable unless they have the smb.conf Continue Reading — Mageia 2020-0380: samba security update>

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the appli… Continue Reading...

AppCache manifest poisoning due to url encoded character processing (CVE-2020-12415). Use-after-free in WebRTC VideoBroadcaster (CVE-2020-12416). Continue Reading — Mageia 2020-0378: Thunderbird security update>

Mozilla developer Jason Kratzer reported memory safety bugs present in Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2… Continue Reading — Mageia...

An update for openvswitch2.11, ovirt-ansible-repositories, ovn2.11, and python-ovirt-engine-sdk4 is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this… Continue Reading — RedHat: RHSA-2020-4114:01 Moderate: Red Hat Virtualization security...

An update for squid is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin… Continue Reading —...