The 5.8.12, 5.4.68, and 4.19.148 stable kernels have been released; each contains another set of important fixes. Continue Reading — A small set of stable kernels
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
The mount.cifs utility has a shell injection issue where one can embed shell commands via the username mount option. Those commands will be run via popen() in the context of the user calling mount (CVE-2020-14342). References: Continue Reading — Mageia 2020-0376: cifs-utils security update>
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting d… Continue...
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. (CVE-2017-18635) References: Continue Reading — Mageia 2020-0374:...
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. (CVE-2020-25219) Continue Reading — Mageia 2020-0373: libproxy security update>
The nodejs package has been updated to the latest version in the 10.x branch, which is 10.22.1 at this time. It fixes several security issues and other bugs. See the upstream changelog and advisories for details. References: Continue Reading — Mageia 2020-0372: nodejs security update>
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of the password (CVE-2020-12755). Continue Reading — Mageia 2020-0371: kio-extras security update>
An update that solves one vulnerability and has 6 fixes is now available. Continue Reading — openSUSE: 2020:1552-1: moderate: conmon, fuse-overlayfs, libcontainers-common, podman>
Calibre, the popular eBook manager, editor, and reader recently gained some new features. We look at what’s new in Calibre 5.0.1 and show you how to get it. This post, Calibre 5 Released with eBook Highlighting, Switches to Python 3 is from OMG! Ubuntu… Continue...