Security News
Vuln: ImageMagick CVE-2018-16750 Denial of Service Vulnerability
ImageMagick CVE-2018-16750 Denial of Service Vulnerability
Vuln: OpenAFS CVE-2018-16949 Multiple Denial of Service Vulnerabilities
OpenAFS CVE-2018-16949 Multiple Denial of Service Vulnerabilities
Bugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security update
[SECURITY] [DSA 4269-1] postgresql-9.6 security update
Bugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security update
[SECURITY] [DSA 4268-1] openjdk-8 security update
Bugtraq: [SECURITY] [DSA 4267-1] kamailio security update
[SECURITY] [DSA 4267-1] kamailio security update
Bugtraq: [CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2
[CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2
More rss feeds from SecurityFocus
News, Infocus, Columns, Vulnerabilities, Bugtraq ...
APPLE-SA-2019-7-22-3 Safari 12.1.2
Posted by Apple Product Security on Jul 23
APPLE-SA-2019-7-22-3 Safari 12.1.2Safari 12.1.2 is now available and addresses the following:
Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
included in macOS Mojave 10.14.6
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2019-8670: Tsubasa FUJII (@reinforchu)
WebKit
Available for: macOS Sierra...
APPLE-SA-2019-7-22-5 tvOS 12.4
Posted by Apple Product Security on Jul 23
APPLE-SA-2019-7-22-5 tvOS 12.4tvOS 12.4 is now available and addresses the following:
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause arbitrary code...
APPLE-SA-2019-7-22-4 watchOS 5.3
Posted by Apple Product Security on Jul 23
APPLE-SA-2019-7-22-4 watchOS 5.3watchOS 5.3 is now available and addresses the following:
Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause...
APPLE-SA-2019-7-22-1 iOS 12.4
Posted by Apple Product Security on Jul 23
APPLE-SA-2019-7-22-1 iOS 12.4iOS 12.4 is now available and addresses the following:
Core Data
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data
Available for: iPhone 5s and later, iPad Air and...
Vuln: Scapy '_RADIUSAttrPacketListField' Class Remote Denial of Service Vulnerability
Scapy '_RADIUSAttrPacketListField' Class Remote Denial of Service Vulnerability
Vuln: FFmpeg CVE-2019-12730 Security Bypass Vulnerability
FFmpeg CVE-2019-12730 Security Bypass Vulnerability
Jira Server - Template injection in various resources - CVE-2019-11581
Posted by Anton Black on Jul 22
This email refers to the advisory found athttps://confluence.atlassian.com/x/AzoGOg .
CVE ID:
* CVE-2019-11581.
Product: Jira Server and Data Center.
Affected Jira Server and Data Center product versions:
4.0.0 <= version < 7.6.14
7.13.0 <= version < 7.13.5
8.0.0 <= version < 8.0.3
8.1.0 <= version < 8.1.2
8.2.0 <= version < 8.2.3
Fixed Jira Server and Data Center product versions:
* Jira Server and Data...
[slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)
Posted by Slackware Security Team on Jul 22
[slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)New kernel packages are available for Slackware 14.2 to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.182/*: Upgraded.
These updates fix various bugs and many minor security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be...
[SECURITY] [DSA 4486-1] openjdk-11 security update
Posted by Moritz Muehlenhoff on Jul 22
-------------------------------------------------------------------------Debian Security Advisory DSA-4486-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
July 21, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : openjdk-11
CVE ID : CVE-2019-2745 CVE-2019-2762...
[SECURITY] [DSA 4485-1] openjdk-8 security update
Posted by Moritz Muehlenhoff on Jul 22
-------------------------------------------------------------------------Debian Security Advisory DSA-4485-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
July 21, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : openjdk-8
CVE ID : CVE-2019-2745 CVE-2019-2762...
[SECURITY] [DSA 4484-1] linux security update
Posted by Salvatore Bonaccorso on Jul 22
-------------------------------------------------------------------------Debian Security Advisory DSA-4484-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
July 20, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : linux
CVE ID : CVE-2019-13272
Jann Horn discovered...
Vuln: Apple iOS CVE-2019-8699 Security Bypass Vulnerability
Apple iOS CVE-2019-8699 Security Bypass Vulnerability
Vuln: Linux Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability
Linux Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability
