CentOS ist die dritthäufigste Distribution des Linux-Kernels. Die Abkürzung CentOS steht für „Community Enterprise Operating System“.
-
Red Hat Security Advisory 2020-3358-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:07 pmRed Hat Security Advisory 2020-3358-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web[…]
Read more... -
Red Hat Security Advisory 2020-3343-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:06 pmRed Hat Security Advisory 2020-3343-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.
Read more... -
Red Hat Security Advisory 2020-3342-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:06 pmRed Hat Security Advisory 2020-3342-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.
Read more... -
Red Hat Security Advisory 2020-3341-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:06 pmRed Hat Security Advisory 2020-3341-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.
Read more... -
Red Hat Security Advisory 2020-3344-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:06 pmRed Hat Security Advisory 2020-3344-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.
Read more... -
Red Hat Security Advisory 2020-3345-01
Operating System: RedHat ≈ Packet Storm Aug 6, 2020 | 17:06 pmRed Hat Security Advisory 2020-3345-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Issues addressed include a use-after-free vulnerability.
Read more... -
Red Hat Security Advisory 2020-3328-01
Operating System: RedHat ≈ Packet Storm Aug 5, 2020 | 15:24 pmRed Hat Security Advisory 2020-3328-01 - Red Hat Ansible Tower 3.7.2-1 has addressed for security issues.
Read more... -
Red Hat Security Advisory 2020-3329-01
Operating System: RedHat ≈ Packet Storm Aug 5, 2020 | 15:22 pmRed Hat Security Advisory 2020-3329-01 - Red Hat Ansible Tower has had multiple bug fixes addressed including a security issue.
Read more... -
Red Hat Security Advisory 2020-3183-01
Operating System: RedHat ≈ Packet Storm Aug 5, 2020 | 15:21 pmRed Hat Security Advisory 2020-3183-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Read more... -
Red Hat Security Advisory 2020-3184-01
Operating System: RedHat ≈ Packet Storm Aug 5, 2020 | 15:21 pmRed Hat Security Advisory 2020-3184-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Read more... -
The Product Security Blog has moved!
Red Hat Security Blog Blog Posts Mar 19, 2019 | 19:38 pmRed Hat Product Security has joined forces with other security teams inside Red Hat to publish our content in a common venue using the Security channel of the Red Hat Blog.This move provides a wider variety of important Security topics,[…]
Read more... -
Security Technologies: FORTIFY_SOURCE
Red Hat Security Blog Blog Posts Sep 26, 2018 | 13:30 pmFORTIFY_SOURCE provides lightweight compile and runtime protection to some memory and string functions (original patch to gcc was submitted by Red Hat). It is supposed to have no or a very small runtime overhead and can be enabled for all[…]
Read more... -
New Red Hat Product Security OpenPGP key
Red Hat Security Blog Blog Posts Aug 22, 2018 | 13:30 pmRed Hat Product Security has transitioned from using its old 1024-bit DSA OpenPGP key to a new 4096-bit RSA OpenPGP key.This was done to improve the long-term security of our communications with our customers and also to meet current key[…]
Read more... -
Security Technologies: Stack Smashing Protection (StackGuard)
Red Hat Security Blog Blog Posts Aug 20, 2018 | 13:30 pm
Read more...
In our previous blog, we saw how arbitrary code execution resulting from stack-buffer overflows can be partly mitigated by marking segments of memory as non-executable, a technology known as Execshield. However stack-buffer overflow exploits can still effectively overwrite the function[…] -
Managing risk in the modern world
Red Hat Security Blog Blog Posts Aug 14, 2018 | 15:30 pm
Read more...
Things can be pretty scary out there today. There are a lot of things that could occur that make even the calmest amongst us take pause. Everything we do is a series of risk-based decisions that we hope leads to[…] -
How SELinux helps mitigate risk while facilitating compliance
Red Hat Security Blog Blog Posts Aug 9, 2018 | 13:30 pmLanguage EnglishMany of our customers are required to meet a variety of regulatory requirements. Red Hat Enterprise Linux includes security technologies that help meet these requirements. Improving Linux security also benefits our layered products, such as Red Hat OpenShift Container[…]
Read more... -
Security Technologies: ExecShield
Red Hat Security Blog Blog Posts Jul 25, 2018 | 13:30 pm
Read more...
The world of computer security has changed dramatically in the last few years. Keeping your operating system updated with the latest security patches is no longer sufficient. Operating system providers need to be more proactive in combating security problems. A[…] -
SPECTRE Variant 1 scanning tool
Red Hat Security Blog Blog Posts Jul 18, 2018 | 13:30 pmAs part of Red Hat's commitment to product security we have developed a tool internally that can be used to scan for variant 1 SPECTRE vulnerabilities. As part of our commitment to the wider user community, we are introducing this[…]
Read more... -
Insights Security Hardening Rules
Red Hat Security Blog Blog Posts Jul 12, 2018 | 13:30 pmMany users of Red Hat Insights are familiar with the security rules we create to alert them about security vulnerabilities on their system, especially concerning high-profile issues such as Spectre/Meltdown or Heartbleed. In this post, I'd like to talk about[…]
Read more... -
Red Hat’s disclosure process
Red Hat Security Blog Blog Posts Jul 10, 2018 | 13:00 pmLast week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around[…]
Read more... -
RHBA-2019:0500-1: nss-pem bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated nss-pem packages that fix one bug are now available for Red HatEnterprise Linux 7.6.
Read more... -
RHBA-2019:0499-1: resource-agents bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated resource-agents packages that fix one bug are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0498-1: rear bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated rear packages that fix several bugs are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0497-1: gnome-tweak-tool bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated gnome-tweak-tool packages that fix two bugs are now available for RedHat Enterprise Linux 7.
Read more... -
RHBA-2019:0496-1: tuned bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated tuned packages that fix two bugs are now available for Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0488-1: Red Hat Certification bug fix and enhancement update for RHEL6 and RHEL7
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:An updated redhat-certification package that fixes several bugs and adds variousenhancements is now available for Red Hat Enterprise Linux 6 and Red HatEnterprise Linux 7.
Read more... -
RHBA-2019:0484-1: dpdk bug fix update
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updated dpdk packages that fix one bug are now available in the Extras channelof Red Hat Enterprise Linux 7.
Read more... -
RHSA-2019:0544-1: Important: .NET Core on Red Hat Enterprise Linux security update for March 2019
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore,rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core onRed Hat Enterprise Linux.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score,[…]
Read more... -
RHEA-2019:0543-1: new packages: rh-jmc
Red Hat Errata Jan 1, 1970 | 00:00 amRed Hat Enterprise Linux:New rh-jmc packages are now available as a part of Red Hat Software Collections3.2 for Red Hat Enterprise Linux 7.
Read more...
Debian ist eine der am weitesten verbreiteten und auch ältesten Linux-Distributionen.
-
Debian: DSA-4742-1: firejail security update
Advisories Aug 6, 2020 | 16:16 pm
Read more...
Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications. CVE-2020-17367 -
Debian: DSA-4741-1: json-c security update
Advisories Aug 5, 2020 | 17:21 pm
Read more...
Tobias Stoeckmann discovered an integer overflow in the json-c JSON library, which could result in denial of service or potentially the execution of arbitrary code if large malformed JSON files are processed. -
Debian: DSA-4739-1: webkit2gtk security update
Advisories Aug 3, 2020 | 11:08 am
Read more...
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-9862 -
Debian: DSA-4740-1: thunderbird security update
Advisories Aug 2, 2020 | 13:44 pm
Read more...
Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. -
Debian: DSA-4738-1: ark security update
Advisories Jul 31, 2020 | 16:17 pm
Read more...
Dominik Penner discovered that the Ark archive manager did not sanitise extraction paths, which could result in maliciously crafted archives writing outside the extraction directory. -
Debian: DSA-4735-2: grub2 regression update
Advisories Jul 30, 2020 | 17:52 pm
Read more...
The update for grub2 released as DSA 4735-1 caused a boot-regression when chainloading another bootlaoder and breaking notably dual-boot with Windows. Updated grub2 packages are now available to correct this issue. -
Debian: DSA-4737-1: xrdp security update
Advisories Jul 29, 2020 | 16:27 pm
Read more...
Ashley Newson discovered that the XRDP sessions manager was susceptible to denial of service. A local attacker can further take advantage of this flaw to impersonate the XRDP sessions manager and capture any user credentials that are submitted to XRDP,[…] -
Debian: DSA-4735-1: grub2 security update
Advisories Jul 29, 2020 | 14:59 pm
Read more...
Several vulnerabilities have been discovered in the GRUB2 bootloader. CVE-2020-10713 -
Debian: DSA-4736-1: firefox-esr security update
Advisories Jul 29, 2020 | 14:04 pm
Read more...
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or an information leak. -
Debian Security Advisory 4633-1
Operating System: Debian ≈ Packet Storm Feb 25, 2020 | 15:20 pmDebian Linux Security Advisory 4633-1 - Multiple vulnerabilities were discovered in cURL, an URL transfer library.
Read more... -
Debian Security Advisory 4629-1
Operating System: Debian ≈ Packet Storm Feb 19, 2020 | 15:38 pmDebian Linux Security Advisory 4629-1 - Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks.
Read more... -
Debian Security Advisory 4628-1
Operating System: Debian ≈ Packet Storm Feb 19, 2020 | 15:28 pmDebian Linux Security Advisory 4628-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
Read more... -
Debian Security Advisory 4626-1
Operating System: Debian ≈ Packet Storm Feb 18, 2020 | 15:05 pmDebian Linux Security Advisory 4626-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
Read more... -
Debian Security Advisory 4627-1
Operating System: Debian ≈ Packet Storm Feb 18, 2020 | 15:04 pmDebian Linux Security Advisory 4627-1 - Cross site scripting, denial of service, and various other vulnerabilities have been discovered in the webkit2gtk web engine.
Read more... -
Debian Security Advisory 4625-1
Operating System: Debian ≈ Packet Storm Feb 17, 2020 | 18:02 pmDebian Linux Security Advisory 4625-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.
Read more... -
Debian Security Advisory 4624-1
Operating System: Debian ≈ Packet Storm Feb 17, 2020 | 17:31 pmDebian Linux Security Advisory 4624-1 - Several vulnerabilities were discovered in evince, a simple multi-page document viewer.
Read more... -
Debian Security Advisory 4620-1
Operating System: Debian ≈ Packet Storm Feb 17, 2020 | 16:41 pmDebian Linux Security Advisory 4620-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Read more... -
Debian Security Advisory 4621-1
Operating System: Debian ≈ Packet Storm Feb 17, 2020 | 16:41 pmDebian Linux Security Advisory 4621-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of Kerberos GSSAPI and TGS requests or incorrect TLS handshakes.
Read more... -
Debian Security Advisory 4623-1
Operating System: Debian ≈ Packet Storm Feb 14, 2020 | 15:25 pmDebian Linux Security Advisory 4623-1 - Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks.
Read more...
Fedora ist eine Linux-Distribution, die für eine möglichst vielfältige Zielgruppe entwickelt wurde.
-
netkit-telnet 0.17 Remote Code Execution
Operating System: Fedora ≈ Packet Storm Mar 5, 2020 | 20:57 pmnetkit-telnet version 0.17 telnetd on Fedora 31 BraveStarr remote code execution exploit.
Read more... -
vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
Operating System: Fedora ≈ Packet Storm Dec 23, 2019 | 21:02 pmThis Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and[…]
Read more... -
Grub2 grub2-set-bootflag Environment Corruption
Operating System: Fedora ≈ Packet Storm Nov 27, 2019 | 23:02 pmGrub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.
Read more... -
SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation
Operating System: Fedora ≈ Packet Storm Apr 19, 2019 | 13:28 pmThis Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be[…]
Read more... -
Linux Nested User Namespace idmap Limit Local Privilege Escalation
Operating System: Fedora ≈ Packet Storm Nov 28, 2018 | 01:51 amThis Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root (CVE-2018-18955). The target system must have unprivileged user[…]
Read more... -
Linux Kernel Local Privilege Escalation
Operating System: Fedora ≈ Packet Storm Jul 12, 2018 | 21:43 pmLinux kernels prior to version 4.13.9 (Ubuntu 16.04/Fedora 27) local privilege escalation exploit.
Read more... -
DHCP Client Command Injection (DynoRoot)
Operating System: Fedora ≈ Packet Storm Jun 12, 2018 | 23:58 pmThis Metasploit module exploits the DynoRoot vulnerability, a flaw in how the NetworkManager integration script included in the DHCP client in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier processes DHCP options. A malicious DHCP server, or[…]
Read more... -
Reliable Datagram Sockets (RDS) Privilege Escalation
Operating System: Fedora ≈ Packet Storm May 19, 2018 | 06:48 amThis Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This Metasploit module has been tested successfully on Fedora 13 (i686) with kernel version[…]
Read more... -
Libuser roothelper Privilege Escalation
Operating System: Fedora ≈ Packet Storm May 13, 2018 | 21:49 pmThis Metasploit module attempts to gain root privileges on Red Hat based Linux systems, including RHEL, Fedora and CentOS, by exploiting a newline injection vulnerability in libuser and userhelper versions prior to 0.56.13-8 and version 0.60 before 0.60-7. This Metasploit[…]
Read more... -
MagniComp SysInfo mcsiwrapper Privilege Escalation
Operating System: Fedora ≈ Packet Storm Feb 20, 2018 | 14:09 pmThis Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the '--configfile' argument. The 'ExecPath' config directive is used to set the executable[…]
Read more...
FreeBSD ist ein freies Betriebssystem, welches hauptsächlich für Server und Appliances entwickelt wird, aber auch auf Desktop-Systemen verwendet werden kann und wird.
-
go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
FreeBSD VuXML Aug 6, 2020 | 00:00 am
Read more... -
Gitlab -- Multiple Vulnerabilities
FreeBSD VuXML Aug 6, 2020 | 00:00 am
Read more... -
FreeBSD -- sendmsg(2) privilege escalation
FreeBSD VuXML Aug 6, 2020 | 00:00 am
Read more... -
FreeBSD -- Potential memory corruption in USB network device drivers
FreeBSD VuXML Aug 6, 2020 | 00:00 am
Read more... -
typo3 -- multiple vulnerabilities
FreeBSD VuXML Aug 4, 2020 | 00:00 am
Read more... -
xorg-server -- Pixel Data Uninitialized Memory Information Disclosure
FreeBSD VuXML Aug 1, 2020 | 00:00 am
Read more... -
libX11 -- Heap corruption in the X input method client in libX11
FreeBSD VuXML Aug 1, 2020 | 00:00 am
Read more... -
Python -- multiple vulnerabilities
FreeBSD VuXML Jul 31, 2020 | 00:00 am
Read more...
Bei openSUSE handelt es sich um eine Linux-Distribution der SuSE GmbH, die auch in Deutschland weit verbreitet ist. OpenSUSE richtet sich vor allem an Privatpersonen und ist äußerst benutzerfreundlich und stabil.