Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base


Debian: DSA-4673-1: tomcat8 security update>

Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in HTTP request smuggling and code execution in the AJP connector (disabled by default in Debian). Continue Reading — Debian: DSA-4673-1: tomcat8 security update>


Debian LTS: DLA-2200-1: mailman security update>

A vulnerability was discovered in mailman. GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against Continue Reading — Debian LTS: DLA-2200-1: mailman security update>


Fedora 30: openvpn FEDORA-2020-969414e05b>

Update to latest upstream OpenVPN 2.4.9 release. It contains a security fix for CVE-2020-11810. This security issue is quite hard to abuse, requiring a fairly precise timing attack combined with guessing a just assigned peer-id reference. If successful… Continue Reading — Fedora 30: openvpn FEDORA-2020-969414e05b>


Fedora 30: chromium FEDORA-2020-0e7f1b663b>

Another day, another chromium update. This one fixes: CVE-2020-6458 CVE-2020-6459 CVE-2020-6460 —- Fix dependency issue introduced when switching from a “shared” build to a “static” build. —- A new major version of Chromium without any security bug… Continue Reading — Fedora 30: chromium FEDORA-2020-0e7f1b663b>


A pair of stable kernels

The 5.6.9 and 5.4.37 stable updates have been released with another set of important fixes. Note that the 4.19.120, 4.14.178, 4.9.221, and 4.4.221 updates went into the review process at the same time as 5.6.9 and 5.4.37; they will probably show… Continue Reading — A...


Get every new post delivered to your Inbox

Join other followers

Page 744 of 2989