Feed aggregator

Bugtraq: [SECURITY] [DSA 4115-1] quagga security update

Security Focus Latest Security Advisories - February 19, 2018 - 3:00am
[SECURITY] [DSA 4115-1] quagga security update
Categories:

Bugtraq: Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

Security Focus Latest Security Advisories - February 19, 2018 - 3:00am
Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM
Categories:

Bugtraq: Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload

Security Focus Latest Security Advisories - February 19, 2018 - 3:00am
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload
Categories:

Vuln: Google Chrome CVE-2018-6056 Remote Security Vulnerability

Security Focus Latest Security Advisories - February 19, 2018 - 12:00am
Google Chrome CVE-2018-6056 Remote Security Vulnerability
Categories:

Vuln: Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability

Security Focus Latest Security Advisories - February 19, 2018 - 12:00am
Microsoft Windows Kernel CVE-2018-0810 Local Information Disclosure Vulnerability
Categories:

Vuln: GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability

Security Focus Latest Security Advisories - February 19, 2018 - 12:00am
GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
Categories:

next-20180219: linux-next

Linux Kernel Updates - February 18, 2018 - 9:12pm
Version:next-20180219 (linux-next) Released:2018-02-19

4.16-rc2: mainline

Linux Kernel Updates - February 18, 2018 - 8:29pm
Version:4.16-rc2 (mainline) Released:2018-02-19 Source:linux-4.16-rc2.tar.gz Patch:full (incremental)

4.9.82: longterm

Linux Kernel Updates - February 17, 2018 - 7:21am
Version:4.9.82 (longterm) Released:2018-02-17 Source:linux-4.9.82.tar.xz PGP Signature:linux-4.9.82.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.9.82

4.14.20: longterm

Linux Kernel Updates - February 16, 2018 - 2:23pm
Version:4.14.20 (longterm) Released:2018-02-16 Source:linux-4.14.20.tar.xz PGP Signature:linux-4.14.20.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.14.20

3.18.95: longterm

Linux Kernel Updates - February 16, 2018 - 2:15pm
Version:3.18.95 (EOL) (longterm) Released:2018-02-16 Source:linux-3.18.95.tar.xz PGP Signature:linux-3.18.95.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-3.18.95

4.4.116: longterm

Linux Kernel Updates - February 16, 2018 - 2:11pm
Version:4.4.116 (longterm) Released:2018-02-16 Source:linux-4.4.116.tar.xz PGP Signature:linux-4.4.116.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.4.116

4.15.4: stable

Linux Kernel Updates - February 16, 2018 - 2:07pm
Version:4.15.4 (stable) Released:2018-02-16 Source:linux-4.15.4.tar.xz PGP Signature:linux-4.15.4.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.15.4

[slackware-security] irssi (SSA:2018-046-01)

BugTraq Latest Security Advisories - February 16, 2018 - 3:04am

Posted by Slackware Security Team on Feb 16

[slackware-security] irssi (SSA:2018-046-01)

New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/irssi-1.0.7-i586-1_slack14.2.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://irssi.org/security/html/irssi_sa_2018_02...
Categories:

Bugtraq: Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF

Security Focus Latest Security Advisories - February 16, 2018 - 3:00am
Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF
Categories:

[SECURITY] [DSA 4115-1] quagga security update

BugTraq Latest Security Advisories - February 15, 2018 - 10:48pm

Posted by Salvatore Bonaccorso on Feb 15

-------------------------------------------------------------------------
Debian Security Advisory DSA-4115-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 15, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : quagga
CVE ID : CVE-2018-5378 CVE-2018-5379...
Categories:

Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-Unrestricted File Upload

BugTraq Latest Security Advisories - February 15, 2018 - 10:45pm

Posted by Arvind Vishwakarma on Feb 15

------------------------------------------------------------------
Vulnerability Type: Unrestricted File Upload
Vendor of Product: Tejari
Affected Product Code Base: Bravo Solution
Affected Component: Web Interface Management.
Attack Type: Local - Authenticated
Impact: Malicous File Upload
-----------------------------------------------------------------

Product description:
Brao Tejari is a strategic procurement platform that enables...
Categories:

Re: [FD] Defense in depth -- the Microsoft way (part 51): Skype's home-grown updater allows escalation of privilege to SYSTEM

BugTraq Latest Security Advisories - February 15, 2018 - 10:43pm

Posted by Stefan Kanthak on Feb 15

"Jeffrey Walton" <noloader () gmail com> wrote:

[ http://seclists.org/fulldisclosure/2018/Feb/33 ]

This is of course related: after Zack Whittacker published
<https://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/>
some hundred news outlets, bloggers etc. followed up.
Except Zack Whittacker nobody contacted me.
Many copied his article, some others added their own and wrong...
Categories:

Vulnerability Disclosure (Web Apps)-Bravo Tejari Web Portal-CSRF

BugTraq Latest Security Advisories - February 15, 2018 - 10:36pm

Posted by Arvind Vishwakarma on Feb 15

-----------------------------------------------------
Vulnerability Type: Cross Site Request Forgery (CSRF)
Vendor of Product: Tejari
Affected Product Code Base: Bravo Solution
Affected Component: Web Interface Management.
Attack Type: Local - Authenticated
Impact: Unauthorised Access
------------------------------------------

Product description:
Bravo Tejari is a strategic procurement platform that enables
organizations to generate more value,...
Categories: