Month: abril 2018

Two vulnerabilities were discovered in LibreOffices code to parseMS Word and Structured Storage files, which could result in denial ofservice and potentially the execution of arbitrary code if a malformedfile is opened. More info: https://www.debian.org/security/2018/dsa-4178

Multiple vulnerabilities have been discovered in the image loadinglibrary for Simple DirectMedia Layer 2, which could result in denial ofservice or the execution of arbitrary code if malformed image files areopened. More info: https://www.debian.org/security/2018/dsa-4177

Several issues have been discovered in the MySQL database server. Thevulnerabilities are addressed by upgrading MySQL to the new upstreamversion 5.5.60, which includes additional changes. Please see the MySQL5.5 Release Notes and Oracles Critical Patch Update advisory forfurther details: More info: https://www.debian.org/security/2018/dsa-4176

Today VMware has released the following new security advisory: “VMSA-2018-0010 – Horizon DaaS update addresses a broken authentication issue” This documents the remediation of a moderate severity issue (CVE-2018-6960) in VMware Horizon DaaS that may allow an attacker to bypass two-factor authentication. In order to exploit this issue, an attacker must have a legitimate account […]The post New VMware Security Advisory VMSA-2018-0010 appeared first on VMware Security More info: https://blogs.vmware.com/security/2018/04/new-vmware-security-advisory-vmsa-2018-0010.html

OpenSSL vulnerability CVE-2016-2105. Security Advisory. Security Advisory Description. Integer overflow in the EVP_EncodeUpdate ... More info: https://support.f5.com/csp/article/K51920288

PHP vulnerability CVE-2016-5767. Security Advisory. Security Advisory Description. Integer overflow in the gdImageCreate ... More info: https://support.f5.com/csp/article/K03534020

Red Hat Enterprise Linux: An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux7.Red Hat Product Security has rated this update as having a security impact ofCritical. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, More info: http://rhn.redhat.com/errata/RHSA-2018-1191.html

OpenSSL vulnerability CVE-2016-2182. Security Advisory. Security Advisory Description. The BN_bn2dec function in crypto ... More info: https://support.f5.com/csp/article/K01276005

Linux kernel vulnerability CVE-2018-6412. Security Advisory. Security Advisory Description. In the function sbusfb_ioctl_helper ... More info: https://support.f5.com/csp/article/K23372179

OpenSSL vulnerability CVE-2016-2107. Security Advisory. Security Advisory Description. The AES-NI implementation in ... More info: https://support.f5.com/csp/article/K93600123