openSUSE: 2021:0043-1 moderate: tomcat>
An update that fixes one vulnerability is now available. Continue Reading — openSUSE: 2021:0043-1 moderate: tomcat>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
A Linux Admin’s Getting Started Guide to Improving PHP Security>
Running PHP on a Linux web server is a prerequisite for the use of many popular applications such as WordPress, Joomla and Drupal. Linux administrators and web developers must approach PHP with caution, as new vulnerabilities in poorly written and impl… Continue Reading — A...
Firefox 86 Will Support Next-Gen Image Format by Default
Firefox will support the AVIF image format out-of-the-box from next month. A bug report shows Mozilla devs plan to ship Firefox 86, due in February 2020, with AVIF image support by default. AVIF images used […] This post, Firefox 86 Will Support Next-Gen Image Format by...
ArchLinux: 202101-7: mbedtls: private key recovery>
The package mbedtls before version 2.25.0-1 is vulnerable to private key recovery. Continue Reading — ArchLinux: 202101-7: mbedtls: private key recovery>
ArchLinux: 202101-6: chromium: multiple issues>
The package chromium before version 87.0.4280.141-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution and insufficient validation. Continue Reading — ArchLinux: 202101-6: chromium: multiple issues>
ArchLinux: 202101-5: firefox: arbitrary code execution>
The package firefox before version 84.0.2-1 is vulnerable to arbitrary code execution. Continue Reading — ArchLinux: 202101-5: firefox: arbitrary code execution>
Mageia 2021-0021: guava security update>
A temp directory creation vulnerability exist in Guava versions prior to 30.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava com.google.common.io.Files.createTempDir(). The permi… Continue Reading — Mageia 2021-0021: guava security update>
Mageia 2021-0020: tomcat security update>
While investigating Apache issue 64830 it was discovered that Apache Tomcat could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most… Continue Reading — Mageia 2021-0020: tomcat...
Mageia 2021-0019: cherokee security update>
Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the server by sending an HTTP request to protected resources using a malformed Authorization header that is mi… Continue Reading — Mageia...
openSUSE: 2021:0041-1 important: chromium>
An update that fixes 13 vulnerabilities is now available. Continue Reading — openSUSE: 2021:0041-1 important: chromium>