Red Hat Enterprise Linux: Updated java-1.8.0-oracle packages that fix several security issues are now
available for Oracle Java for Red Hat Enterprise Linux 6 and 7.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494
Red Hat Enterprise Linux: Updated java-1.7.0-openjdk packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 5 and 7.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2015-4871, CVE-2015-7575, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
Red Hat Enterprise Linux: Updated java-1.7.0-openjdk packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Critical security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2015-4871, CVE-2015-7575, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
Red Hat Enterprise Linux: Updated OpenStack Block Storage packages that resolve various issues are
now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno)
for RHEL 7.
Red Hat Enterprise Linux: Updated OpenStack Object Storage packages that resolve various issues are
now available for Red Hat Enterprise Linux OpenStack Platform 5.0
(Icehouse) for RHEL 7.
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 15.10
Ubuntu 15.04
Summary
Perl incorrectly handled the taint attribute.
Software description
perl
– Practical Extraction and Report Language
Details
David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism.
Update instructions
The problem can be corrected by updating your system to the following
package version:
It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory.
Update instructions
The problem can be corrected by updating your system to the following
package version:
Ubuntu Security Notice 2879-1 – It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory.