1. Vulnerabilities in Google Chrome
[22/01/2016] Vulnerabilities were identified in the Google Chrome. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect versions prior to
49.0.2623.0 of the mentioned product. Security patches are available to resolve
these
vulnerabilities.
URL:googlechromereleases.blogspot.hk/2016/01/stable-channel-update_20.html
URL:www.us-cert.gov/ncas/current-activity/2016/01/20/Google-Releases-Security-Update-Chrome
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109995
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109996
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109997
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109998
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109999
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110000
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110001
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110002
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110003
2. Vulnerabilities in F5 Products (SOL02360853,
SOL49580002, SOL53445000, SOL60352002, SOL62700573)
[22/01/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and
Orchestration and Traffix SDC. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and crash the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/02/sol02360853.html
URL:support.f5.com/kb/en-us/solutions/public/k/49/sol49580002.html
URL:support.f5.com/kb/en-us/solutions/public/k/53/sol53445000.html
URL:support.f5.com/kb/en-us/solutions/public/k/60/sol60352002.html
URL:support.f5.com/kb/en-us/solutions/public/k/62/sol62700573.html
3. Vulnerability in CAREL PlantVisor Enhanced
(ICSA-16-021-01)
[22/01/2016] Vulnerability was identified in the CAREL PlantVisor
Enhanced. An attacker could bypass security restrictions. This vulnerability
affects ALL versions of the mentioned
product.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-021-01
4. Vulnerability in Hospira Products
(ICSA-15-337-02)
[22/01/2016] Vulnerability was identified in the multiple Hospira
products. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code and compromise the
system. This vulnerability affects multiple versions of the mentioned products.
Security patches are available to resolve this
vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-337-02
5. Vulnerability in Harman AMX multimedia devices
(VU#992624)
[22/01/2016] Vulnerability was identified in the Harman AMX multimedia
devices. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code and compromise the
system. This vulnerability affects multiple versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/992624
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110011
6. Security Updates in Oracle Linux (ELSA-2016-0053,
ELSA-2016-0054)
[22/01/2016] Oracle has
released security update packages for fixing the vulnerabilities identified in
the java-1.7.0-openjdk packages for Oracle Linux 5, 6 and 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2016-0053.html
URL:linux.oracle.com/errata/ELSA-2016-0054.html
7. Security Updates in Mageia (MGASA-2016-0025,
MGASA-2016-0026, MGASA-2016-0027, MGASA-2016-0028, MGASA-2016-0029,
MGASA-2016-0030, MGASA-2016-0031, MGASA-2016-0032, MGASA-2016-0033,
MGASA-2016-0034)
[22/01/2016] Mageia has
released security update packages for fixing the vulnerability identified in the
cacti, encfs, perl, perl-PathTools, dhcp, moodle, bind, kernel-linus,
kernel-tmb, kernel, kernel-userspace-headers, kmod-vboxadditions,
kmod-virtualbox, kmod-xtables-addons, kmod-broadcom-wl, kmod-fglrx,
kmod-nvidia304, kmod-nvidia340, kmod-nvidia-current and dhcpcd packages for
multiple versions of Mageia. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2016-0025.html
URL:advisories.mageia.org/MGASA-2016-0026.html
URL:advisories.mageia.org/MGASA-2016-0027.html
URL:advisories.mageia.org/MGASA-2016-0028.html
URL:advisories.mageia.org/MGASA-2016-0029.html
URL:advisories.mageia.org/MGASA-2016-0030.html
URL:advisories.mageia.org/MGASA-2016-0031.html
URL:advisories.mageia.org/MGASA-2016-0032.html
URL:advisories.mageia.org/MGASA-2016-0033.html
URL:advisories.mageia.org/MGASA-2016-0034.html
8. Security Updates in Red Hat Enterprise Linux
(RHSA-2016:0053-1, RHSA-2016:0054-1, RHSA-2016:0055-1, RHSA-2016:0056-1,
RHSA-2016:0057-1, RHSA-2016:0061-1)
[22/01/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.7.0-openjdk, java-1.8.0-oracle, java-1.7.0-oracle, java-1.6.0-sun,
httpd and httpd22 packages for Red Hat Enterprise Linux 5, 6 and 7, Red Hat
JBoss Web Server 2.1.0 for Red Hat Enterprise Linux 5, 6, and 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0053.html
URL:rhn.redhat.com/errata/RHSA-2016-0054.html
URL:rhn.redhat.com/errata/RHSA-2016-0055.html
URL:rhn.redhat.com/errata/RHSA-2016-0056.html
URL:rhn.redhat.com/errata/RHSA-2016-0057.html
URL:rhn.redhat.com/errata/RHSA-2016-0061.html
9. Security Updates in Ubuntu GNU/Linux (USN-2878-1,
USN-2879-1)
[22/01/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the perl and rsync packages for versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10.
Due to multiple errors, an attacker could bypass security restrictions and
obtain sensitive
information.
URL:www.ubuntu.com/usn/usn-2878-1/
URL:www.ubuntu.com/usn/usn-2879-1/
10.
Vulnerabilities in Cisco Products
(cisco-sa-20160120-d9036, cisco-sa-20160120-ucsm)
[21/01/2016] Vulnerability was identified in the Cisco Modular Encoding
Platform D9036 Software, Cisco Unified Computing System (UCS) Manager and the
Cisco Firepower 9000 Series appliance. An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-d9036
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160120-ucsm
URL:www.hkcert.org/my_url/en/alert/16012102
URL:www.us-cert.gov/ncas/current-activity/2016/01/20/Cisco-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109741
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109742
11.
Vulnerability in BlueControl
(109710)
[21/01/2016]
Vulnerability was identified in the BlueControl.
An attacker could bypass security restrictions, execute arbitrary code and
compromise the system. This vulnerability affects version 3.5.SR5 of the
mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109710
12.
Vulnerability in Intel Driver Update
Utility (109706)
[21/01/2016] Vulnerability was identified in the Intel Driver Update
Utility. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects versions prior to 3 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109706
13.
Vulnerability in Panda Security installer
(109732)
[21/01/2016]
Vulnerability was identified in the Panda
Security installer. An attacker could bypass security restrictions, execute
arbitrary code and compromise the system. This vulnerability affects version
2016 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109732
14.
Vulnerabilities in Xen (XSA-167,
XSA-168)
[21/01/2016]
Vulnerabilities were identified in the Xen. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:xenbits.xen.org/xsa/advisory-167.html
URL:xenbits.xen.org/xsa/advisory-168.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109739
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109740
15.
Security Updates in Oracle Linux
(ELSA-2016-0045, ELSA-2016-0045-1, ELSA-2016-0049, ELSA-2016-0050,
ELSA-2016-3509, ELSA-2016-3510)
[21/01/2016] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kernel, java-1.8.0-openjdk and kernel-uek packages for Oracle Linux 5, 6 and
7. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2016-0045.html
URL:linux.oracle.com/errata/ELSA-2016-0045-1.html
URL:linux.oracle.com/errata/ELSA-2016-0049.html
URL:linux.oracle.com/errata/ELSA-2016-0050.html
URL:linux.oracle.com/errata/ELSA-2016-3509.html
URL:linux.oracle.com/errata/ELSA-2016-3510.html
16.
Security Updates in Debian
(DSA-3450-1)
[21/01/2016] Debian has
released security update packages for fixing the vulnerability identified in the
ecryptfs-utils packages for multiple versions of Debian GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions and gain
elevated
privileges.
URL:www.debian.org/security/2016/dsa-3450
17.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0049-1, RHSA-2016:0050-1)
[21/01/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.8.0-openjdk packages for Red Hat Enterprise Linux 6 and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0049.html
URL:rhn.redhat.com/errata/RHSA-2016-0050.html
18.
Security Updates in SUSE
(SUSE-SU-2016:0180-1, SUSE-SU-2016:0186-1)
[21/01/2016] SUSE has
released security update packages for fixing the vulnerabilities identified in
the bind and kernel packages of SUSE Linux Enterprise 12. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00020.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00021.html
19.
Security Updates in Ubuntu GNU/Linux
(USN-2876-1)
[21/01/2016] Ubuntu has
released security update packages for fixing the vulnerability identified in the
ecryptfs-utils packages for versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10. An
attacker could bypass security restrictions and gain elevated
privileges.
URL:www.ubuntu.com/usn/usn-2876-1/
20.
Vulnerabilities in ISC BIND9 (AA-01335,
AA-01336)
[20/01/2016]
Vulnerabilities were identified in the ISC
BIND9. An attacker could bypass security restrictions, cause a denial of service
condition and crash the system. These vulnerabilities affect versions prior to
9.9.8-P3, 9.9.8-S4 or 9.10.3-P3 of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:kb.isc.org/article/AA-01335
URL:kb.isc.org/article/AA-01336
URL:www.hkcert.org/my_url/en/alert/16012002
21.
Security Updates in Oracle
Products
[20/01/2016]
Oracle has released security update packages for
fixing the vulnerabilities identified in Oracle Java SE and multiple Oracle
Products. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
Security patches are available to resolve these
vulnerabilities.
URL:www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html
URL:www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
URL:www.hkcert.org/my_url/en/alert/16012001
URL:www.us-cert.gov/ncas/current-activity/2016/01/19/Oracle-Releases-Security-Bulletin
22.
Vulnerabilities in Apple Products
(HT205730, HT205731, HT205732)
[20/01/2016] Vulnerabilities were identified in the Apple Safari, OS X El
Capitan and iOS. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:support.apple.com/en-hk/HT205730
URL:support.apple.com/en-hk/HT205731
URL:support.apple.com/en-hk/HT205732
URL:prod.lists.apple.com/archives/security-announce/2016/Jan/msg00002.html
URL:prod.lists.apple.com/archives/security-announce/2016/Jan/msg00003.html
URL:prod.lists.apple.com/archives/security-announce/2016/Jan/msg00004.html
23.
Vulnerability in Cisco Web Security
Appliance (cisco-sa-20160119-wsa)
[20/01/2016] Vulnerability was identified in the Cisco Web Security
Appliance (WSA). An attacker could bypass security restrictions. This
vulnerability affects versions 8.5.3-055, 9.1.0-000 and 9.5.0-235 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109697
24.
Vulnerability in Pivotal Cloud Foundry
(109694)
[20/01/2016]
Vulnerability was identified in the Pivotal
Cloud Foundry. An attacker could bypass security restrictions and obtain
sensitive information. This vulnerability affects versions prior to 1.5.11 or
1.6.11 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109694
25.
Vulnerability in Linux Kernel
(109695)
[20/01/2016]
Vulnerability was identified in the Linux
Kernel. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. This vulnerability affects versions 3.8, 3.9 rc1 and
4.0.5 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109695
26.
Vulnerability in OpenStack Heat
(109698)
[20/01/2016]
Vulnerability was identified in the OpenStack
Heat. An attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the system. This vulnerability
affects version 2015.1.2 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109698
27.
Security Updates in Debian (DSA-3448-1,
DSA-3449-1)
[20/01/2016] Debian has
released security update packages for fixing the vulnerabilities identified in
the linux and bind9 packages for multiple versions of Debian GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.debian.org/security/2016/dsa-3448
URL:www.debian.org/security/2016/dsa-3449
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2016:0045-1, RHSA-2016:0046-1)
[20/01/2016] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel packages for Red Hat Enterprise Linux 5 and 6. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2016-0045.html
URL:rhn.redhat.com/errata/RHSA-2016-0046.html
29.
Security Updates in SUSE
(SUSE-SU-2016:0164-1, SUSE-SU-2016:0168-1,
SUSE-SU-2016:0174-1)
[20/01/2016] SUSE has
released security update packages for fixing the vulnerabilities identified in
the samba, kernel and bind packages of SUSE Linux Enterprise 11 and 12. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00017.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00018.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00019.html
30.
Security Updates in Ubuntu GNU/Linux
(USN-2870-1, USN-2870-2, USN-2871-1, USN-2871-2, USN-2872-1, USN-2872-3,
USN-2873-1, USN-2874-1, USN-2875-1)
[20/01/2016] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the linux, linux-lts-trusty, linux-lts-vivid, linux-lts-wily, linux-raspi2,
linux-lts-utopic, bind9 and libxml2 packages for versions 12.04 LTS, 14.04 LTS,
15.04 and 15.10. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2870-1/
URL:www.ubuntu.com/usn/usn-2870-2/
URL:www.ubuntu.com/usn/usn-2871-1/
URL:www.ubuntu.com/usn/usn-2871-2/
URL:www.ubuntu.com/usn/usn-2872-1/
URL:www.ubuntu.com/usn/usn-2872-2/
URL:www.ubuntu.com/usn/usn-2872-3/
URL:www.ubuntu.com/usn/usn-2873-1/
URL:www.ubuntu.com/usn/usn-2874-1/
URL:www.ubuntu.com/usn/usn-2875-1/
31.
Vulnerability in SevOne NMS
(109659)
[19/01/2016]
Vulnerability was identified in the SevOne NMS.
An attacker could bypass security restrictions and execute arbitrary code on the
system. This vulnerability affects version 5.3.6.0 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109659
32.
Vulnerability in Seeds acmailer
(109653)
[19/01/2016]
Vulnerability was identified in the Seeds
acmailer. An attacker could execute arbitrary code on the system. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109653
33.
Vulnerabilities in Cisco Products
(cisco-sa-20160115-FireSIGHT, cisco-sa-20160115-fmc1,
cisco-sa-20160115-asa)
[18/01/2016] Vulnerabilities were identified in the Cisco FireSIGHT
Management Center and Cisco Adaptive Security Appliance (ASA). An attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code and perform cross-site scripting attacks. These vulnerabilities affect
multiple firmware versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109648
34.
Vulnerabilities in IBM Products (1973985,
1974157)
[18/01/2016]
Vulnerabilities were identified in the IBM
Rational Host On-Demand and IBM Tivoli Federated Identity Manager. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code and perform cross-site scripting attacks. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:www-01.ibm.com/support/docview.wss?uid=swg21973985
URL:www-01.ibm.com/support/docview.wss?uid=swg21974157
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105255
URL:exchange.xforce.ibmcloud.com/vulnerabilities/106216
35.
Security Updates in Debian
(DSA-3447-1)
[18/01/2016] Debian has
released security update packages for fixing the vulnerability identified in the
tomcat7 packages for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.debian.org/security/2016/dsa-3447
36.
Security Updates in FreeBSD
(FreeBSD-SA-16:07.openssh)
[18/01/2016] FreeBSD
has released security update packages for fixing the vulnerability identified in
the openssh packages for multiple versions of FreeBSD Linux. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-16:07.openssh.asc
37.
Security Updates in Gentoo Linux (GLSA
201601-01)
[18/01/2016]
Gentoo has released security update packages for
fixing the vulnerability identified in the openssh packages for multiple
versions of Gentoo Linux. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:security.gentoo.org/glsa/201601-01
38.
Security Updates in Mageia
(MGASA-2016-0022, MGASA-2016-0023, MGASA-2016-0024)
[18/01/2016] Mageia has released security update packages for fixing the
vulnerability identified in the openssh, qemu and php packages for multiple
versions of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2016-0022.html
URL:advisories.mageia.org/MGASA-2016-0023.html
URL:advisories.mageia.org/MGASA-2016-0024.html
39.
Security Updates in SUSE
(openSUSE-SU-2016:0144-1, openSUSE-SU-2016:0145-1)
[18/01/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the openssh packages of openSUSE Evergreen 11.4
and openSUSE 13.1. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00015.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00016.html
40.
Security Updates in Slackware
(SSA:2016-014-01)
[18/01/2016] Slackware
has released security update packages for fixing the vulnerability identified in
the openssh packages for multiple versions of Slackware Linux. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.677958
No comments:
Post a Comment