Ubuntu Security Notice 4230-2 - USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
c6be35a15063cde7ea70940962dd6cf7e7c4be37bb06f6a5cf42df85454b62a6Ubuntu Security Notice 4233-2 - USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Various other issues were also addressed.
48627f3cc778abc3900d704a88a95b86bedcd0d00322dce1949996ff7b442159Red Hat Security Advisory 2020-0215-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
ba8e323dd6d82fc2d86718cf85c1a492bd14b69f8df1602e71372949e8344871Red Hat Security Advisory 2020-0218-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
54d99b79d75f732352fa6bc9a398477f7e84660f5e7b58d876aabfb708693860Red Hat Security Advisory 2020-0216-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
bd2b6102033df520889ec0fe2dc6729b30132e7283e5688c2e9a705dbe51979dRed Hat Security Advisory 2020-0217-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
22a7bda176a19136b6c9b8837bcad7df12774171071b10980fe883a9cc31eab7Ubuntu Security Notice 4247-3 - USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Various other issues were also addressed.
8bddca56dbb4a79bec4c879b8ff74ac63d10d8587c17c8bd9ba9567aefc29c61Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
87c60273c35d544256e471b403497be33f24df662673338236ec92ba3fc1f8b7qdPM version 9.1 suffers from a remote code execution vulnerability.
7e38839c57fb28f501a4b08fba6935a0fba1a06153b69a44056f7c139d22ed77Umbraco CMS version 8.2.2 suffers from cross site request forgery vulnerabilities.
98445d4e93cc2900f5594fe3e8c8583a070898d56bfa6014bb215a90ebac81beRed Hat Security Advisory 2020-0214-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 79.0.3945.130. Issues addressed include a use-after-free vulnerability.
46df82a1d7951b5aab18e5614c1e38da7df43eefffeda0cbefb8901f600af955Ubuntu Security Notice 4249-1 - It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.
c7e01c28f33f62032e35e64564b339e695d3b0b58a8fe882259ddd8e841dbe52Ubuntu Security Notice 4247-2 - USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. Various other issues were also addressed.
c5c90b310d7f5f0416773ced5efb38ab57d54948ec0f54e9541ce80aac0c7b0fPachev FTP Server version 1.0 suffers from a path traversal vulnerability.
fce413bdfabb6b3915f35ab909f61f24a643c6aa052c9135d2737a1eb83f5a47BOOTP Turbo version 2.0 SEH denial of service proof of concept exploit.
4db8d480c1490e0ceaf69100cf1cbe4af9a7ab18d90d91ad177474fee888fd2aRed Hat Security Advisory 2020-0204-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, heap overflow, and use-after-free vulnerabilities.
b8530fb9276e80ebe2fec5b38a7dd5cf3a19b3a0b32577a66ec4d709877292f7Ubuntu Security Notice 4246-1 - It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
96fd07ce458fb8e61373e902d959b958850935f8f23a8cce5911e7b2eb804982Ubuntu Security Notice 4248-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
d69fb75ca770c778259412c98fe692a2c6aebc454b35f7d0332f43a9069ad63fUbuntu Security Notice 4247-1 - It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations.
402fb2d1cf0e095a11a20ae7a60a1b22d65ad8b15259576de22ffc2b62eddc30
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed