DSA-4124 lucene-solr – security update
Two vulnerabilities have been found in Solr, a search server based onLucene, which could result in the execution of arbitrary code orpath traversal.
More info:
https://www.debian.org/security/2018/dsa-4124
RHSA-2018:0368-1: Low: erlang security update
Red Hat Enterprise Linux: An update for erlang is now available for Red Hat OpenStack Platform 10.0(Newton).Red Hat Product Security has rated this update as having a security impact ofLow. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2017-1000385
More info:
http://rhn.redhat.com/errata/RHSA-2018-0368.html
DSA-4126 xmltooling – security update
Kelby Ludwig and Scott Cantor discovered that the Shibboleth serviceprovider is vulnerable to impersonation attacks and informationdisclosure due to incorrect XML parsing. For additional details pleaserefer to the upstream advisory athttps://shibboleth.net/community/advisories/secadv_20180227.txt
More info:
https://www.debian.org/security/2018/dsa-4126
RHSA-2018:0369-1: Moderate: openstack-nova and python-novaclient security, bug fix, and enhancement update
Red Hat Enterprise Linux: An update for openstack-nova and python-novaclient is now available for Red HatOpenStack Platform 10.0 (Newton).Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2017-16239
More info:
http://rhn.redhat.com/errata/RHSA-2018-0369.html