|
|
Colapse all |
Post message
[security bulletin] HPESBHF03803 rev.1 - Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance, Remote Denial of Service and Execution of Code 2018-01-03 security-alert hpe com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf 03803en_us SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: hpesbhf03803en_us Version: 1 HP [ more ] [ reply ] [security bulletin] MFSBGN03793 rev.2 - Project and Portfolio Management Center, Multiple vulnerabilities 2018-01-03 cyber-psrt microfocus com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://softwaresupport.hpe.com/document/-/facetsearch/document/KM030144 26 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: KM03014426 Version: 2 MFSBGN03793 rev.2 [ more ] [ reply ] CVE-2017-6094 - Genexis GAPS Access Control Vulnerability 2018-01-03 Antoine Neuenschwander (antoine schoggi org) Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590 2018-01-03 Atlassian (security atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This email refers to the advisory found at https://confluence.atlassian.com/x/6FcGO . CVE ID: * CVE-2017-14589. * CVE-2017-14590. Product: Bamboo. Affected Bamboo product versions: version < 6.1.6 6.2.0 <= version < 6.2.5 Fixed Bamboo product [ more ] [ reply ] APPLE-SA-2017-12-13-1 iOS 11.2.1 2017-12-13 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-12-13-1 iOS 11.2.1 iOS 11.2.1 is now available and addresses the following: HomeKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker may be able to unexpectedly alter appli [ more ] [ reply ] APPLE-SA-2017-12-13-2 tvOS 11.2.1 2017-12-13 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-12-13-2 tvOS 11.2.1 tvOS 11.2.1 is now available and addresses the following: HomeKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A remote attacker may be able to unexpectedly alter application state Description: A [ more ] [ reply ] AST-2017-012: Remote Crash Vulnerability in RTCP Stack 2017-12-13 Asterisk Security Team (security asterisk org) APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2 2017-12-13 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2 tvOS 11.2 addresses the following: IOSurface Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with k [ more ] [ reply ] ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524 2017-12-14 tim kretschmann pallas com 1. ADVISORY SUMMARY Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data Risk: high Application: Kemp Load Balancers - Module Application Firewall Pack (AFP) Versions Affected: 7.1.30 (Nov 2015) to 7.2.40 (Oct 2017) // Older [ more ] [ reply ] APPLE-SA-2017-12-13-5 Safari 11.0.2 2017-12-13 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-12-13-5 Safari 11.0.2 Safari 11.0.2 addresses the following: WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2 Impact: Processing maliciously crafted web content may lead to arbitrary co [ more ] [ reply ] [SECURITY] [DSA 4064-1] chromium-browser security update 2017-12-12 Michael Gilbert (mgilbert debian org) Advisory - Fisheye and Crucible - CVE-2017-14591 2017-12-10 Atlassian (security atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 This email refers to the advisory found at https://confluence.atlassian.com/x/qVcGO and https://confluence.atlassian.com/x/plcGO . CVE ID: * CVE-2017-14591. Product: Fisheye and Crucible. Affected Fisheye and Crucible product versions: version [ more ] [ reply ] [slackware-security] openssl (SSA:2017-342-01) 2017-12-09 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openssl (SSA:2017-342-01) New openssl packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openssl- [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-17:12.openssl 2017-12-09 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4059-1] libxcursor security update 2017-12-08 Salvatore Bonaccorso (carnil debian org) CISTI'2018 -- Doctoral Symposium -- Call for contributions 2017-12-08 ML (marialemos72 gmail com) ------------------------------------------------------------------ Doctoral Symposium of CISTI'2018 13th Iberian Conference on Information Systems and Technologies 13 - 16 June 2018, Caceres, Spain http://www.cisti.eu/ ------------------------------------------------------------------------ --- The [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2017-12-08 Secunia Research (remove-vuln secunia com) Advisory - Hipchat Data Center, Hipchat Server - CVE-2017-14585 2017-11-29 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/MXEGO . CVE ID: CVE-2017-14585. Products: Hipchat Data Center, Hipchat Server Affected Hipchat Data Center product versions: 3.0.0 <= version < 3.1.0 Affected Hipchat S [ more ] [ reply ] Advisory - Remote code execution in HipChat for Mac desktop client - CVE-2017-14586 2017-11-29 Matthew Hart (mhart atlassian com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This email refers to the advisory found at https://confluence.atlassian.com/x/NXEGO . CVE ID: * CVE-2017-14586. Product: Hipchat for Mac desktop client. Affected Hipchat for Mac desktop client product versions: 4.0 <= version < 4.30 Fixed Hip [ more ] [ reply ] |
|
Privacy Statement |
It looks like there's Intel CPU bug, allowing prefetch from kernel
memory. It seems to be reason KASLR patches are pushed so fast to Linux.
https://mobile.twitter.com/brainsmoke/status/948561799875502080/photo/1
https://forums.freebsd.org/threads/63955/page-2#post-371276
Hmm.
Does that mean
[ more ] [ reply ]