Feed aggregator

next-20170817: linux-next

Linux Kernel Updates - August 17, 2017 - 1:34am
Version:next-20170817 (linux-next) Released:2017-08-17

[SECURITY] [DSA 3928-2] firefox-esr security update

BugTraq Latest Security Advisories - August 17, 2017 - 1:13am

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-3928-2 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2017-7753 CVE-2017-7779...
Categories:

Bugtraq: CVE-2017-9802: Apache Sling XSS vulnerability

Security Focus Latest Security Advisories - August 17, 2017 - 1:00am
CVE-2017-9802: Apache Sling XSS vulnerability
Categories:

Vuln: Git CVE-2017-1000117 Remote Command Injection Vulnerability

Security Focus Latest Security Advisories - August 16, 2017 - 11:00pm
Git CVE-2017-1000117 Remote Command Injection Vulnerability
Categories:

Vuln: Mozilla Firefox CVE-2017-7753 Information Disclosure Vulnerability

Security Focus Latest Security Advisories - August 16, 2017 - 11:00pm
Mozilla Firefox CVE-2017-7753 Information Disclosure Vulnerability
Categories:

Vuln: Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability

Security Focus Latest Security Advisories - August 16, 2017 - 11:00pm
Mozilla Firefox and Firefox ESR CVE-2017-7809 Use After Free Remote Code Execution Vulnerability
Categories:

4.12.8: stable

Linux Kernel Updates - August 16, 2017 - 3:47pm
Version:4.12.8 (stable) Released:2017-08-16 Source:linux-4.12.8.tar.xz PGP Signature:linux-4.12.8.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.12.8

4.9.44: longterm

Linux Kernel Updates - August 16, 2017 - 3:44pm
Version:4.9.44 (longterm) Released:2017-08-16 Source:linux-4.9.44.tar.xz PGP Signature:linux-4.9.44.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.9.44

4.4.83: longterm

Linux Kernel Updates - August 16, 2017 - 3:40pm
Version:4.4.83 (longterm) Released:2017-08-16 Source:linux-4.4.83.tar.xz PGP Signature:linux-4.4.83.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.4.83

3.18.66: longterm

Linux Kernel Updates - August 16, 2017 - 3:35pm
Version:3.18.66 (EOL) (longterm) Released:2017-08-16 Source:linux-3.18.66.tar.xz PGP Signature:linux-3.18.66.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-3.18.66

Microsoft Resnet - DNS Configuration Web Vulnerability

BugTraq Latest Security Advisories - August 16, 2017 - 1:31pm

Posted by Vulnerability Lab on Aug 16

Document Title:
===============
Microsoft Resnet - DNS Configuration Web Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2087

Acknowledgements: https://technet.microsoft.com/en-us/security/cc308589.aspx

Release Date:
=============
2017-08-16

Vulnerability Laboratory ID (VL-ID):
====================================
2087

Common Vulnerability Scoring System:...
Categories:

FreeBSD <= 10.3 jail SHM hole

BugTraq Latest Security Advisories - August 16, 2017 - 5:13am

Posted by WhiteWinterWolf on Aug 16

AFFECTED PRODUCTS

This issue affects FreeBSD from 7.0 to 10.3 included.

DESCRIPTION

FreeBSD jail incompletely protects the access to the IPC primitives.

The 'allow.sysvipc' setting only affects IPC queues, leaving other IPC
objects unprotected, making them reachable system-wide independently of
the system configuration.

This creates two main weaknesses:

- An attacker able to execute commands in one jail can attack processes...
Categories: