Red Hat Enterprise Linux: Updated openssh packages that fix two security issues are now available
for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2015-5600, CVE-2016-3115
Red Hat Enterprise Linux: Updated openssh packages that fix two security issues are now available
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2016-1908, CVE-2016-3115
Apple Security Advisory 2016-03-21-3 – tvOS 9.2 is now available and addresses code execution, memory corruption, and various other vulnerabilities.
Apple Security Advisory 2016-03-21-2 – watchOS 2.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
21st March, 2016
A security issue affects these releases of Ubuntu and its
derivatives:
Several security issues were fixed in WebKitGTK+.
A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany and Evolution, to make all the
necessary changes.
21st March, 2016
A security issue affects these releases of Ubuntu and its
derivatives:
Git could be made to crash or run programs as your login if it received
changes from a specially crafted remote repository.
Laël Cellier discovered that Git incorrectly handled path strings in
crafted Git repositories. A remote attacker could use this issue to cause
a denial of service or possibly execute arbitrary code with the
privileges of the user invoking Git. (CVE-2016-2315, CVE-2016-2324)
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
Apple Security Advisory 2016-03-21-1 – iOS 9.3 is now available and addresses code execution, memory corruption, and various other vulnerabilities.
Securimage version 3.6.2 suffers from a cross site scripting vulnerability.
WordPress HB Audio Gallery Lite plugin version 1.0.0 suffers from an arbitrary file download vulnerability.