Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) * Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-68… Continue Reading — SciLinux: SLSA-2020-0905-1 Important: thunderbird on SL7.x x86_64>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
A flaw in PyYAML might allow attackers to execute arbitrary code. Continue Reading — Gentoo: GLSA-202003-45: PyYAML: Arbitrary code execution>
A heap-based buffer overflow in Binary diff might allow remote attackers to execute arbitrary code. Continue Reading — Gentoo: GLSA-202003-44: Binary diff: Heap-based buffer overflow>
The kernel’s memory-management subsystem goes to great lengths to keep the pages that are actually in use in memory. But sometimes it gets things wrong, leading to reduced performance or, in the worst cases, flat-out thrashing. We may be about… Continue Reading — [$] Working-set...
Continue Reading — How do I set up an IAM user and sign in to the AWS Management Console using IAM credentials?
Here’s a detailed blog post on how the Qubes distribution is working to isolate the graphical interface from the rest of the system. “The upcoming 4.1 release changes this protocol to a more flexible form. It will no longer use direct memory addresses, but an abstract...
Continue Reading — How can I use Sysprep to create and install custom reusable Windows AMIs?
Multiple vulnerabilities have been found in Apache Tomcat, the worst of which could lead to arbitrary code execution. Continue Reading — Gentoo: GLSA-202003-43: Apache Tomcat: Multiple vulnerabilities>