Red Hat Enterprise Linux: Updated “screen” packages that fix two bugs are now available for Red Hat
Enterprise Linux 7.
Monthly Archives: August 2015
RHBA-2015:1605-1: python-setuptools bug fix update
Red Hat Enterprise Linux: An updated python-setuptools package that fixes one bug is now available for Red
Hat Enterprise Linux 7.
CEBA-2015:1605 CentOS 7 python-setuptoolsFASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2015:1605 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1605.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: f61304bd2bb087f2811b02e988b89fd039b74e78df57b60fb9853a1d94ac49fa python-setuptools-0.9.8-4.el7.noarch.rpm Source: 0d993d856bb585fbaf51d1d2bed3c3624a53237ee2161476f363a18afaf02869 python-setuptools-0.9.8-4.el7.src.rpm
CEBA-2015:1606 CentOS 7 screen FASTTRACK BugFixUpdate
CentOS Errata and Bugfix Advisory 2015:1606 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1606.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 1cfafa83719546262807c40379f5cbc945efacfcb65b70fe70330173398deb31 screen-4.1.0-0.21.20120314git3c2946.el7.x86_64.rpm Source: d69991609417e6f21900ab1f79f32c60e12108ff7c276f82869af0f0aec3b9b3 screen-4.1.0-0.21.20120314git3c2946.el7.src.rpm
CVE-2015-2321 (job_manager)
Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field.
CVE-2015-3253 (groovy)
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
CVE-2015-4665 (xsuite)
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.3.0 and 2.4.3.0 allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
CVE-2015-4666 (xsuite)
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.3.0 and 2.4.3.0 allows remote attackers to read arbitrary files via a ….// (quadruple dot double slash) in the logFile parameter.
CVE-2015-5474 (bittorrent, utorrent)
BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol.
CVE-2015-5535 (qtranslate)
Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtranslate page to wp-admin/options-general.php.