|
|
Colapse all |
Post message
[SECURITY] [DSA 4140-1] libvorbis security update 2018-03-16 Salvatore Bonaccorso (carnil debian org) [CVE-2017-1205] IBM Spectrum LSF Privilege Escalation 2018-03-16 john fitzpatrick mwrinfosecurity com ###[IBM Spectrum LSF Privilege Escalation]### * Software: IBM Spectrum LSF * Affected Versions: IBM Spectrum LSF 8.3, 9.1.1, 9.1.2, 9.1.3, 10.1, 10.1.0.1 * CVE Reference: CVE-2017-1205 * Author: John Fitzpatrick (@j0hn__f) * Severity: CVSS 9.3 * Vendor: IBM * Vendor Response: Fixes provided * Date: [ more ] [ reply ] [slackware-security] curl (SSA:2018-074-01) 2018-03-16 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2018-074-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/c [ more ] [ reply ] Secunia Research: LibRaw Multiple Denial of Service Vulnerabilities 2018-03-15 Secunia Research (remove-vuln secunia com) SEC Consult SA-20180314-0 :: Arbitrary Shortcode Execution & Local File Inclusion in WooCommerce Products Filter (PluginUs.Net) 2018-03-14 SEC Consult Vulnerability Lab (research sec-consult com) FreeBSD Security Advisory FreeBSD-SA-18:03.speculative_execution 2018-03-14 FreeBSD Security Advisories (security-advisories freebsd org) [slackware-security] mozilla-firefox (SSA:2018-072-01) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2018-072-01) New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/p [ more ] [ reply ] [slackware-security] samba (SSA:2018-072-02) 2018-03-13 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] samba (SSA:2018-072-02) New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security a issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/package [ more ] [ reply ] [RT-SA-2017-012] Shopware Cart Accessible by Third-Party Websites 2018-03-13 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Shopware Cart Accessible by Third-Party Websites RedTeam Pentesting discovered that the shopping cart implemented by Shopware offers an insecure API. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart. Details ======= Product: Shopware [ more ] [ reply ] SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail 2018-03-12 SEC Consult Vulnerability Lab (research sec-consult com) [SECURITY] [DSA 4134-1] util-linux security update 2018-03-10 Salvatore Bonaccorso (carnil debian org) [RT-SA-2018-001] Arbitrary Redirect in Tuleap 2018-03-08 RedTeam Pentesting GmbH (release redteam-pentesting de) Advisory: Arbitrary Redirect in Tuleap RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap. Details ======= Product: Tuleap Affected Versions: > 9.17.99.93 Fixed Versions: >= 9.17.99.93 Vulnerability [ more ] [ reply ] FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec [REVISED] 2018-03-08 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4133-1] isc-dhcp security update 2018-03-07 Salvatore Bonaccorso (carnil debian org) FreeBSD Security Advisory FreeBSD-SA-18:01.ipsec 2018-03-07 FreeBSD Security Advisories (security-advisories freebsd org) [SECURITY] [DSA 4128-1] trafficserver security update 2018-03-02 Sebastien Delafond (seb debian org) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service 2018-03-02 KoreLogic Disclosures (disclosures korelogic com) KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1. Vul [ more ] [ reply ] DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Product Attributes 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Stored Cross-Site Scripting â?? Downloadable Products 2018-03-06 Defense Code (defensecode defensecode com) DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery 2018-03-06 Defense Code (defensecode defensecode com) |
|
Privacy Statement |
Hash: SHA512
- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-4140-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 16, 2018
[ more ] [ reply ]