APPLE-SA-2016-03-31-1 iBooks Author 2.4.1
Monthly Archives: April 2016
New Heap-Spray Exploit Tied To LZH Archive Decompression
Researchers found a vulnerability in the classic compression standard Lhasa, once a mainstay for game developers in the mid-90s and still in use today.
RHBA-2016:0531-1: python-docker-py bug fix and enhancement update
Red Hat Enterprise Linux: An updated python-docker-py package that fixes several bugs and adds various
enhancements is now available for Red Hat Enterprise Linux 7 Extras.
RHBA-2016:0528-1: kubernetes bug fix and enhancement update
Red Hat Enterprise Linux: Updated kubernetes packages that fix several bugs and add various enhancements
are now available for Red Hat Enterprise Linux 7 Extras.
RHBA-2016:0527-1: atomic bug fix and enhancement update
Red Hat Enterprise Linux: Updated atomic package that fixes several bugs and adds various enhancements are
now available for Red Hat Enterprise Linux 7 Extras.
Apple Releases Security Update
Original release date: April 01, 2016
Apple has released a security update to address a vulnerability in its iBooks Author software. Exploitation of this vulnerability may allow an attacker to obtain sensitive information from an affected system.
US-CERT encourages users and administrators to review the Apple security website and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
CVE-2016-1167 (wg300hp_firmware)
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users.
CVE-2016-1168 (wf800hp_firmware)
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.