LinuxSecurity.com: This is an update to the latest upstream release, which disables the UDP port by default (CVE-2018-1000115). Continue Reading — Fedora 27: memcached Security Update
LinuxSecurity.com: It was discovered that gunicorn, an event-based HTTP/WSGI server, was susceptible to HTTP response splitting. For the oldstable distribution (jessie), this problem has been fixed Continue Reading — Debian: DSA-4186-1: gunicorn security update
LinuxSecurity.com: Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code or bypass of JAR signature validation. Continue Reading — Debian: DSA-4185-1: openjdk-8 security update
LinuxSecurity.com: CVE-2018-7033 An issue that could be used for SQL Injection attacks against SlurmDBD has been fixed. Continue Reading — Debian LTS: DLA-1367-1: slurm-llnl security update
LinuxSecurity.com: Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened. Continue Reading — Debian: DSA-4184-1: sdl-image1.2 security update
LinuxSecurity.com: An update is now available for Red Hat OpenShift Container Platform 3.8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a d… Continue Reading — RedHat: RHSA-2018-1229:01...
LinuxSecurity.com: Late last year, R. James Woolsey and Brian Fox wrote an op-ed piece about the security benefits of open sourcing election software. Woolsey is a former director of the Central Intelligence Agency. Fox is the creator of several open s… Continue Reading — Should...
LinuxSecurity.com: A wise person once said, “Insanity is doing the same thing over and over again and expecting different results.” However, in a recent survey done by CyberArk for its Global Advanced Threat Landscape Report 2018 (registration required… Continue Reading — Despite Risks, Nearly Half...
LinuxSecurity.com: It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception (TROVE-201… Continue Reading — Debian: DSA-4183-1: tor security update
LinuxSecurity.com: Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-6056 Continue Reading — Debian: DSA-4182-1: chromium-browser security update