Multiple Shadow utilities were installed with setuid permissions, allowing possible root privilege escalation. Continue Reading — Gentoo: GLSA-202008-09: Shadow: Privilege escalation>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rati… Continue Reading —...
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity r… Continue Reading —...
It was discovered that there was an issue where kmail would default to using unencrypted POP3 communication despite the UI indicating that encryption was in use (CVE-2020-15954). References: Continue Reading — Mageia 2020-0346: kdepim-runtime and kmail-account-wizard security update>
Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability ca… Continue Reading — Mageia 2020-0345: mysql-connector-python security update>
The updated packages fix security vulnerabilities: A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. (CVE-2… Continue Reading — Mageia 2020-0344: ghostscript security update>
Hash collisions in IPv4Interface and IPv6Interface could lead to DOS (CVE-2020-14422). References: – https://bugs.mageia.org/show_bug.cgi?id=27056 Continue Reading — Mageia 2020-0343: python-ipaddress security update>