BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 1 hour 12 sec ago

[slackware-security] mozilla-thunderbird (SSA:2019-045-01)

February 15, 2019 - 12:16am

Posted by Slackware Security Team on Feb 14

[slackware-security] mozilla-thunderbird (SSA:2019-045-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-thunderbird-60.5.1-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

[SECURITY] [DSA 4391-1] firefox-esr security update

February 15, 2019 - 12:12am

Posted by Moritz Muehlenhoff on Feb 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4391-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 14, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2018-18356 CVE-2019-5785...
Categories:

[slackware-security] mozilla-firefox (SSA:2019-044-01)

February 14, 2019 - 2:45am

Posted by Slackware Security Team on Feb 13

[slackware-security] mozilla-firefox (SSA:2019-044-01)

New mozilla-firefox packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-60.5.1esr-i686-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:...
Categories:

Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702)

February 14, 2019 - 2:42am

Posted by David Coomber on Feb 13

Qkr! with MasterPass iOS Application - MITM SSL Certificate
Vulnerability (CVE-2019-6702)
Categories:

[slackware-security] lxc (SSA:2019-043-01)

February 13, 2019 - 8:49am

Posted by Slackware Security Team on Feb 13

[slackware-security] lxc (SSA:2019-043-01)

New lxc packages are available for Slackware 14.2 and -current to
fix a security issue.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/lxc-2.0.9_d3a03247-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue where a malicious privileged container
could overwrite the host binary and thus gain root-level code execution on
the...
Categories:

CA20190212-01: Security Notice for CA Privileged Access Manager

February 13, 2019 - 8:45am

Posted by Kevin Kotas on Feb 13

CA20190212-01: Security Notice for CA Privileged Access Manager

Issued: February 12, 2019
Last Updated: February 12, 2019

CA Technologies Support is alerting customers to a potential risk
with CA Privileged Access Manager. A vulnerability exists that can
allow a remote attacker to access sensitive information or modify
configuration. CA published solutions to address the vulnerabilities.

CVE-2019-7392 describes a vulnerability resulting from...
Categories:

[SECURITY] [DSA 4390-1] flatpak security update

February 13, 2019 - 8:42am

Posted by Moritz Muehlenhoff on Feb 13

-------------------------------------------------------------------------
Debian Security Advisory DSA-4390-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 12, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : flatpak
CVE ID : not yet available
Debian Bug :...
Categories:

[SECURITY] [DSA 4377-2] rssh regression update

February 12, 2019 - 7:02am

Posted by Salvatore Bonaccorso on Feb 12

-------------------------------------------------------------------------
Debian Security Advisory DSA-4377-2 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 11, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : rssh
Debian Bug : 921655

The update for rssh issued as...
Categories:

[SECURITY] [DSA 4389-1] libu2f-host security update

February 12, 2019 - 6:59am

Posted by Sebastien Delafond on Feb 12

-------------------------------------------------------------------------
Debian Security Advisory DSA-4389-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
February 11, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : libu2f-host
CVE ID : CVE-2018-20340
Debian Bug...
Categories:

[SECURITY] [DSA 4388-1] mosquitto security update

February 11, 2019 - 12:12am

Posted by Moritz Muehlenhoff on Feb 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4388-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 10, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mosquitto
CVE ID : CVE-2018-12546 CVE-2018-12550...
Categories:

KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.

February 11, 2019 - 12:07am

Posted by Kingkaustubh on Feb 10

========================================================
Unauthenticated Stack Overflow in Multiple Gpon Devices
========================================================

. contents:: Table Of Content

Overview
========

Title:- StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals.
CVE-ID :- CVE-2018-19524
Author: Kaustubh G. Padwad
Vendor: Shenzhen Skyworth Digital Technology Company Ltd.(...
Categories:

[SECURITY] [DSA 4387-1] openssh security update

February 11, 2019 - 12:04am

Posted by Yves-Alexis Perez on Feb 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4387-1 security () debian org
https://www.debian.org/security/ Yves-Alexis Perez
February 09, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openssh
CVE ID : CVE-2018-20685 CVE-2019-6109...
Categories:

WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001

February 11, 2019 - 12:01am

Posted by Michael Catanzaro on Feb 10

------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2019-0001
------------------------------------------------------------------------

Date reported : February 08, 2019
Advisory ID : WSA-2019-0001
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2019-0001.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2019-0001.html
CVE identifiers :...
Categories: