The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash) via crafted JavaScript code, as demonstrated by an error in garbage collection during allocation of a stack-overflow exception message.
Monthly Archives: July 2015
CEBA-2015:1208 CentOS 7 perl-Date-Calc FASTTRACKBugFix Update
CentOS Errata and Bugfix Advisory 2015:1208 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1208.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 083789315b597a6370b544749b751cb57edd15ec98723ffddfdb218bef0667b0 perl-Date-Calc-6.3-14.el7.noarch.rpm Source: 8d4663267487f419bdaa41c55032b7084e52a4f68179be6928522a9fd284bb7c perl-Date-Calc-6.3-14.el7.src.rpm
DSA-3315 chromium-browser – security update
Several vulnerabilities were discovered in the chromium web browser.
GLSA 201507-22: e2fsprogs: Arbitrary code execution
DSA-3314 typo3-src – end of life
Upstream security support for Typo3 4.5.x ended three months ago and the
same now applies to the Debian packages as well.
DSA-3313 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial of service.
Lynis Auditing Tool 2.1.1
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
WordPress Paid Memberships Pro 1.8.4.2 Cross Site Scripting
WordPress Paid Memberships Pro plugin version 1.8.4.2 suffers from a cross site scripting vulnerability.
WordPress Count Per Day 3.4 SQL Injection
WordPress Count Per Day plugin version 3.4 suffers from a remote SQL injection vulnerability.
EMC Avamar Directory Traversal
EMC Avamar includes a directory traversal vulnerability that could potentially be exploited by malicious users to access the data on the Avamar Server. Affected products include EMC Avamar Server all versions from 7.0 to 7.1.1-145 (inclusive) and EMC Avamar Virtual Addition (AVE) all versions from 7.0 to 7.1.1-145 (inclusive).