Kinsta works with thousands of different WordPress sites on a daily basis, so when it comes to different types of errors, we’ve pretty much seen it all. From database connection errors to the white screen of death, and browser/TLS related issues. Some of these for the everyday WordPress user can be downright frustrating and even […]
More info:
https://kinsta.com/blog/your-connection-is-not-private/
This update provides mitigations for the L1 Terminal Fault vulnerability affecting a range of Intel CPUs.
More info:
https://www.debian.org/security/2018/dsa-4274
August 16, 2018 2:45 PM PDT CVE Identifiers: CVE-2018-5390 (SegmentSmack), CVE-2018-5391 (FragmentSmack) AWS is aware of two recently-disclosed security issues, commonly referred to as SegmentSmack and FragmentSmack, both of which affect the TCP and IP processing subsystem of several popular operating systems including Linux. With the exception of the AWS services listed below, no customer action is required to address these issues. Customers not using Amazon Linux should contact their
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-018/
This update ships updated CPU microcode for some types of Intel CPUs and provides SSBD support (needed to address Spectre v4) and fixes for Spectre v3a.
More info:
https://www.debian.org/security/2018/dsa-4273
Kristi Nikolla discovered an information leak in Keystone, the OpenStack identity service, if running in a federated setup.
More info:
https://www.debian.org/security/2018/dsa-4275
CVE-2018-5391 (FragmentSmack) Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker can take advantage of this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets, leading to remote denial of service.
More info:
https://www.debian.org/security/2018/dsa-4272
Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. [Updated 16th August 2018] The original errata text was missing reference to CVE-2018-5390 fix. We have updated the errata text to correct
More info:
http://rhn.redhat.com/errata/RHSA-2018-2390.html
BIG-IP APM client for Linux and macOS vulnerability CVE-2018-5546. Security Advisory. Security Advisory Description. The ...
More info:
https://support.f5.com/csp/article/K54431371
BIG-IP APM client for Windows vulnerability CVE-2018-5547. Security Advisory. Security Advisory Description. Windows ...
More info:
https://support.f5.com/csp/article/K10015187
August 16, 2018 2:45 PM PDT CVE Identifiers: CVE-2018-3620, CVE-2018-3646 Intel has published a security advisory (INTEL-SA-00161) regarding a new side-channel analysis method concerning their processors called "L1 Terminal Fault" (L1TF). AWS has designed and implemented its infrastructure with protections against these types of attacks, and has also deployed additional protections for L1TF. All EC2 host infrastructure has been updated with these new protections, and no customer
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-019/