Linux security Advisories

2018. december 29.

Fedora 28: nettle Security Update

LinuxSecurity.com: Security fix for CVE-2018-16869
2018. december 29.

SUSE: 2018:4300-1 important: xen

LinuxSecurity.com: An update that solves 9 vulnerabilities and has four fixes is now available.
2018. december 29.

SUSE: 2018:4298-1 moderate: wireshark

LinuxSecurity.com: An update that fixes 6 vulnerabilities is now available.
2018. december 29.

openSUSE: 2018:4299-1: moderate: libraw

LinuxSecurity.com: An update that fixes 5 vulnerabilities is now available.
2018. december 29.

SUSE: 2018:4297-1 important: containerd, docker and go

LinuxSecurity.com: An update that solves four vulnerabilities and has 17 fixes is now available.
2018. december 29.

SUSE: 2018:4296-1 important: mailman

LinuxSecurity.com: An update that fixes 5 vulnerabilities is now available.
2018. december 29.

SUSE: 2018:4295-1 moderate: wireshark

LinuxSecurity.com: An update that fixes 6 vulnerabilities is now available.
2018. december 29.

SUSE: 2018:4294-1 moderate: libqt5-qtbase

LinuxSecurity.com: An update that fixes two vulnerabilities is now available.
2018. december 28.

Debian: DSA-4361-1: libextractor security update

LinuxSecurity.com: Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.
2018. december 28.

openSUSE: 2018:4287-1: important: netatalk

LinuxSecurity.com: An update that fixes one vulnerability is now available.
2018. december 28.

openSUSE: 2018:4283-1: moderate: mozilla-nspr and mozilla-nss

LinuxSecurity.com: An update that solves one vulnerability and has one errata is now available.
2018. december 28.

openSUSE: 2018:4282-1: moderate: polkit

LinuxSecurity.com: An update that fixes one vulnerability is now available.
2018. december 28.

Debian LTS: DLA-1621-1: c3p0 security update

LinuxSecurity.com: A XML External Entity (XXE) vulnerability was discovered in c3p0, a library for JDBC connection pooling, that may be used to resolve information outside of the intended sphere of control.
2018. december 28.

Mageia 2018-0491: ruby-i18n security update

LinuxSecurity.com: A flaw was found in the i18n gem before 0.8.0 for Ruby. The Hash#slice in lib/i18n/core_ext/hash.rb allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash (CVE-2014-10077).
2018. december 28.

Mageia 2018-0492: tcpdump security update

LinuxSecurity.com: Fixed a stack-based buffer over-read in the print_prefix function (CVE-2018-19519). References: - https://bugs.mageia.org/show_bug.cgi?id=24077
2018. december 28.

Debian LTS: DLA-1591-2: libphp-phpmailer regression update

LinuxSecurity.com: A possible regression was found in the recent security update for libphp-phpmailer, announced as DLA 1591-1. During backporting a new variable have accidentally introduced to a conditional statement from
2018. december 28.

Fedora 29: tinc Security Update

LinuxSecurity.com: Security fix for CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
2018. december 28.

Fedora 29: mosquitto Security Update

LinuxSecurity.com: Update to new upstream version 1.5.5 (rhbz#1660413, rhbz#1660414)