
OS: Debian LTS
Debian LTS: DLA-2034-1: davical security update

Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server.
Debian LTS: DLA-2033-1: php-horde security update

A vulnerability has been found in php-horde, the Horde Application Framework, which may result in information disclosure via cross-site scripting.
Debian LTS: DLA-2032-1: cacti security update

It was discovered that there was an unsafe deserialisation issue in cacti, a server monitoring system. Unsafe deserialisation of objects which can lead to abuse of the
Debian LTS: DLA-2030-1: jackson-databind security update

More deserialization flaws were discovered in jackson-databind which could allow an unauthenticated user to perform remote code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.
OS: Mageia
Mageia 2019-0388: kernel security update

This update provides an update to 5.4 series kernels, currently based on upstream 5.4.2, adding support for new hardware and features, and fixing at least the following security issue: KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
Mageia 2019-0387: ncurses security update

Updated ncurses packages fix security vulnerabilities: Heap-based buffer over-read in the _nc_find_entry function (CVE-2019-17594).
Mageia 2019-0386: signing-party security update

Updated signing-party package fixes security vulnerability: The gpg-key2ps tool in signing-party contained an unsafe shell call enabling shell injection via a User ID (CVE-2019-11627).
Mageia 2019-0385: proftpd security update

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server
OS: Redhat
RedHat: RHSA-2019-4201:01 Moderate: CloudForms 5.0.1 security,

An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
RedHat: RHSA-2019-4222:01 Critical: Red Hat OpenShift Service Mesh 1.0.3

Red Hat OpenShift Service Mesh 1.0.3. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
RedHat: RHSA-2019-4205:01 Important: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
RedHat: RHSA-2019-4096:01 Moderate: OpenShift Container Platform 4.2

An update for openshift-external-storage is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
OS: Slackware
Slackware: 2019-337-01: mozilla-firefox Security Update

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
Slackware: 2019-324-01: bind Security Update

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
Slackware: 2019-320-01: Slackware 14.2 kernel Security Update

New kernel packages are available for Slackware 14.2 to fix security issues.
Slackware: 2019-311-01: Slackware 14.2 kernel Security Update

New kernel packages are available for Slackware 14.2 to fix security issues.
OS: Debian
Debian: DSA-4584-1: spamassassin security update

Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805
Debian: DSA-4565-2: intel-microcode security update

This update ships updated CPU microcode for CFL-S (Coffee Lake Desktop) models of Intel CPUs which were not yet included in the Intel microcode update released as DSA 4565-1. For details please refer to https://www.intel.com/content/dam/www/public/us/en/security-advisory/documents/IPU-2019.2-microcode-update-guidance-v1.01.pdf
Debian: DSA-4583-1: spip security update

A vulnerability was discovered in the SPIP publishing system, which could result in unauthorised writes to the database by authors. The oldstable distribution (stretch) is not affected.
Debian: DSA-4582-1: davical security update

Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server. For the oldstable distribution (stretch), these problems have been fixed
OS: Ubuntu
Ubuntu 4214-2: RabbitMQ vulnerability

RabbitMQ could be made to execute arbitrary code if it received a specially crafted input.
Ubuntu 4217-2: Samba vulnerabilities

Several security issues were fixed in Samba.
Ubuntu 4221-1: libpcap vulnerability

Applications using libpcap could be made to crash if given specially crafted data.
Ubuntu 4202-2: Thunderbird regression

USN-4202-1 caused a regression in Thunderbird.
OS: Suse
SUSE: 2019:3294-1 important: the Linux Kernel

An update that solves 16 vulnerabilities and has 124 fixes is now available.
SUSE: 2019:3296-1 important: xen

An update that fixes 6 vulnerabilities is now available.
SUSE: 2019:3293-1 important: libssh

An update that fixes one vulnerability is now available.
SUSE: 2019:3297-1 important: xen

An update that fixes 15 vulnerabilities is now available.
OS: Scientific
SciLinux: SLSA-2019-4205-1 Important: thunderbird on SL6.x i386/x86_64

This update upgrades Thunderbird to version 68.3.0. * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when ret
SciLinux: SLSA-2019-4152-1 Important: nss-softokn on SL6.x i386/x86_64

nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) SL6 x86_64 nss-softokn-3.44.0-6.el6_10.i686.rpm nss-softokn-3.44.0-6.el6_10.x86_64.rpm nss-softokn-debuginfo-3.44.0-6.el6_10.i686.rpm nss-softokn-debuginfo-3.44.0-6.el6_10.x86_64.rpm nss-softokn-freebl-3.44.0-6.el6_10.i686.rpm nss-softokn-freebl-3
SciLinux: SLSA-2019-4190-1 Important: nss, nss-softokn, nss-util on SL7.x x86_64

nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) SL7 x86_64 nss-3.44.0-7.el7_7.i686.rpm nss-3.44.0-7.el7_7.x86_64.rpm nss-debuginfo-3.44.0-7.el7_7.i686.rpm nss-debuginfo-3.44.0-7.el7_7.x86_64.rpm nss-so
SciLinux: SLSA-2019-4148-1 Important: thunderbird on SL7.x x86_64

This update upgrades Thunderbird to version 68.3.0. * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when ret
OS: Fedora
Fedora 30: knot-resolver FEDORA-2019-44ccfa9b29

- update to upstream version 4.3.0 - fixes CVE-2019-19331 - root.keys is moved to /var/lib/knot-resolver - knot-resolver no longer requires write permission to /etc/knot-resolver/
Fedora 30: xen FEDORA-2019-3d7105bd2a

Device quarantine for alternate pci assignment methods [XSA-306]
Fedora 31: knot-resolver FEDORA-2019-866dc03603

- update to upstream version 4.3.0 - fixes CVE-2019-19331 - root.keys is moved to /var/lib/knot-resolver - knot-resolver no longer requires write permission to /etc/knot-resolver/
Fedora 31: samba FEDORA-2019-be98a08835

Update to Samba 4.11.3 - Security fixes for CVE-2019-14861, CVE-2019-14870 ---- Restart winbindd on samba-winbind package upgrade
OS: CentOS
CentOS: CESA-2019-4152: Important CentOS 6 nss-softokn

Upstream details at : https://access.redhat.com/errata/RHSA-2019:4152
CentOS: CESA-2019-4108: Critical CentOS 6 firefox

Upstream details at : https://access.redhat.com/errata/RHSA-2019:4108
CentOS: CESA-2019-4024: Important CentOS 7 SDL

Upstream details at : https://access.redhat.com/errata/RHSA-2019:4024
CentOS: CESA-2019-3979: Important CentOS 7 kernel

Upstream details at : https://access.redhat.com/errata/RHSA-2019:3979
OS: OpenSuse
openSUSE: 2019:2668-1: important: clamav

An update that fixes one vulnerability is now available.
openSUSE: 2019:2669-1: moderate: dnsmasq

An update that solves two vulnerabilities and has three fixes is now available.
openSUSE: 2019:2670-1: moderate: munge

An update that fixes one vulnerability is now available.
openSUSE: 2019:2671-1: moderate: opencv

An update that solves three vulnerabilities and has one errata is now available.
OS: Arch
ArchLinux: 201912-3: crypto++: private key recovery

The package crypto++ before version 8.2.0-2 is vulnerable to private key recovery.
ArchLinux: 201912-2: thunderbird: arbitrary code execution

The package thunderbird before version 68.3.0-1 is vulnerable to arbitrary code execution.
ArchLinux: 201912-1: firefox: multiple issues

The package firefox before version 71.0-1 is vulnerable to multiple issues including arbitrary code execution, denial of service, information disclosure and privilege escalation.
ArchLinux: 201911-14: intel-ucode: multiple issues

The package intel-ucode before version 20191112-1 is vulnerable to multiple issues including information disclosure, private key recovery and denial of service.
OS: Gentoo
Gentoo: GLSA-201911-08: Expat: Multiple vulnerabilities

Multiple vulnerabilities have been found in Expat, the worst of which could result in a Denial of Service condition.
Gentoo: GLSA-201911-07: Mozilla Firefox: Multiple vulnerabilities

Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
Gentoo: GLSA-201911-06: Chromium, Google Chrome: Multiple vulnerabilities

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Gentoo: GLSA-201911-05: Adobe Flash Player: Multiple vulnerabilities

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in the arbitrary execution of code.



Page Design by [Daniel Yount]::: Thanks To [X10Hosting] For Free Hosting ::: Powered By [WordPress]
