The American Registry for Internet Numbers (ARIN) is no longer able to issue IPv4 addresses, activating an ‘unmet requests’ policy for the first time,
The post North America is running out of IPv4 addresses appeared first on We Live Security.
Monthly Archives: July 2015
Fedora 21 Security Update: rubygem-moped-1.5.3-1.fc21
Fedora 22 Security Update: openssh-6.9p1-1.fc22
Resolved Bugs
1238241 – openssh: various flaws [fedora-all]
1238231 – CVE-2015-5352 openssh: XSECURITY restrictions bypass under certain conditions in ssh(1)
1238238 – openssh: weakness of agent locking (ssh-add -x) to password guessing
1238253 – openssh-6.9p1 is available<br
This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking (ssh-add -x) to password guessing (more info in related bugs). It also provides new version of openssh-6.9 which is bringing many bugfixes and few new features with maintaining compatibility with previous version.
Fedora 21 Security Update: openssh-6.6.1p1-13.fc21
Resolved Bugs
1238241 – openssh: various flaws [fedora-all]
1238238 – openssh: weakness of agent locking (ssh-add -x) to password guessing
1238231 – CVE-2015-5352 openssh: XSECURITY restrictions bypass under certain conditions in ssh(1)<br
This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking (ssh-add -x) to password guessing (more info in related bugs). For more information see related bugs.
Fedora 22 Security Update: rubygem-moped-1.5.3-1.fc22
Fedora 21 Security Update: polkit-0.113-1.fc21
Resolved Bugs
910262 – [abrt] polkit-0.107-4.fc18: js::PropertyTable::search: Process /usr/lib/polkit-1/polkitd was killed by signal 11 (SIGSEGV)
1175061 – [abrt] polkit: js::ShapeTable::search(): polkitd killed by SIGSEGV
1177930 – [abrt] polkit: LookupPropertyWithFlagsInline(): polkitd killed by SIGSEGV
1194391 – [abrt] polkit: getObjectClass(): polkitd killed by SIGSEGV
1228738 – CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
1228739 – CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent [fedora-all]
1233808 – CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping
1233810 – CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping [fedora-all]<br
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625
Fedora 22 Security Update: polkit-0.113-1.fc22
Resolved Bugs
910262 – [abrt] polkit-0.107-4.fc18: js::PropertyTable::search: Process /usr/lib/polkit-1/polkitd was killed by signal 11 (SIGSEGV)
1175061 – [abrt] polkit: js::ShapeTable::search(): polkitd killed by SIGSEGV
1177930 – [abrt] polkit: LookupPropertyWithFlagsInline(): polkitd killed by SIGSEGV
1194391 – [abrt] polkit: getObjectClass(): polkitd killed by SIGSEGV
1228738 – CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
1228739 – CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent [fedora-all]
1233808 – CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping
1233810 – CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping [fedora-all]<br
Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625
Fedora 22 Security Update: rsyslog-8.8.0-3.fc22
Snorby 2.6.2 Cross Site Scripting
Snorby version 2.6.2 suffers from a cross site scripting vulnerability.
BlackCat CMS 1.1.1 Path Traversal
BlackCat CMS version 1.1.1 suffers from a path traversal vulnerability.