Red Hat Enterprise Linux: Updated kubernetes packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7 Extras.
Monthly Archives: September 2015
RHBA-2015:1775-1: systemd bug fix update
Red Hat Enterprise Linux: Updated systemd packages that fix one bug are now available for Red Hat Enterprise Linux 7.
RHBA-2015:1774-1: coreutils bug fix update
Red Hat Enterprise Linux: Updated coreutils packages that fix one bug are now available for Red Hat Enterprise Linux 7.
RHBA-2015:1773-1: kdc bug fix update
Red Hat Enterprise Linux: Updated kdc packages that fix one bug are now available for Red Hat Enterprise Linux 7.
First Let’s Encrypt Free Certificate Goes Live
Let’s Encrypt hit a major milestone today when its first free and automated cert went live.
WordPress Patches Serious Shortcodes Core Engine Vulnerability
WordPress upgraded to 4.3.1, patching a pair of vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes.
CVE-2015-5472
Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.
CVE-2015-6943
SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when “Use Tokens for Comment Moderation” is enabled, allows remote administrators to execute arbitrary SQL commands via the serendipity[id] parameter to serendipity_admin.php.
CVE-2015-6944
Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the cmd parameter to sys/sys/listaBD2.jsp.
CVE-2015-6945
Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp.