[SECURITY] [DSA 3581-1] libndp security update
Monthly Archives: May 2016
Bugtraq: [security bulletin] HPSBHF03594 rev.1 – HPE ConvergedSystem and AppSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities
Bugtraq: WSO2 SOA Enablement Server – Reflected Cross-Site Scripting
DSA-3583 swift-plugin-s3 – security update
It was discovered that the swift3 (S3 compatibility) middleware plugin
for Swift performed insufficient validation of date headers which might
result in replay attacks.
DSA-3582 expat – security update
Gustavo Grieco discovered that Expat, an XML parsing C library, does not
properly handle certain kinds of malformed input documents, resulting in
buffer overflows during processing and error reporting. A remote
attacker can take advantage of this flaw to cause an application using
the Expat library to crash, or potentially, to execute arbitrary code
with the privileges of the user running the application.
RHSA-2016:1086-1: Moderate: libndp security update
Red Hat Enterprise Linux: An update for libndp is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-3698
RHEA-2016:1085-1: Red Hat Enterprise MRG Realtime 2.5 enhancement update
Red Hat Enterprise Linux: Updated Red Hat Enterprise MRG Realtime packages that add one enhancement are
now available for Red Hat Enterprise MRG 2.5.
RHBA-2016:1090-1: firefox bug fix update
Red Hat Enterprise Linux: Updated firefox packages that fix one bug are now available for Red Hat
Enterprise Linux 7.
Red Hat Security Advisory 2016-1087-01
Red Hat Security Advisory 2016-1087-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.0.3 serves as a replacement for Red Hat JBoss Web Server 3.0.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Red Hat Security Advisory 2016-1088-01
Red Hat Security Advisory 2016-1088-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.0.3 serves as a replacement for Red Hat JBoss Web Server 3.0.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.