Red Hat Enterprise Linux: An update for python-django-horizon is now available for Red Hat Enterprise
Linux OpenStack Platform 6.0 (Juno) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-4428
Red Hat Enterprise Linux: An update for python-django-horizon is now available for Red Hat Enterprise
Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-4428
Red Hat Enterprise Linux: An update for python-django-horizon is now available for Red Hat Enterprise
Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-4428
Red Hat Enterprise Linux: An update for setroubleshoot and setroubleshoot-plugins is now available for Red
Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-4444, CVE-2016-4445, CVE-2016-4446, CVE-2016-4989
Red Hat Enterprise Linux: New rh-nodejs4 packages are now available as a part of Red Hat Software
Collections 2.2 for Red Hat Enterprise Linux 6.
Red Hat Enterprise Linux: Updated tzdata packages that add various enhancements are now available for Red
Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6
Long Life, Red Hat Enterprise Linux 5.9 Advanced Update Support, Red Hat
Enterprise Linux 5.11, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red
Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5
Advanced Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support,
Red Hat Enterprise Linux 6.7, Red Hat Enterprise Linux 7.1 Extended Update
Support, Red Hat Enterprise Linux 7.1 Little Endian Extended Update Support, and
Red Hat Enterprise Linux 7.2.
Red Hat Enterprise Linux: An updated redhat-certification-openstack package is now available for Red Hat
OpenStack Platform 8.0 release.
21st June, 2016
A security issue affects these releases of Ubuntu and its
derivatives:
Several security issues were fixed in Spice.
Jing Zhao discovered that the Spice smartcard support incorrectly handled
memory. A remote attacker could use this issue to cause Spice to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only applied to Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-0749)
Frediano Ziglio discovered that Spice incorrectly handled certain primary
surface parameters. A malicious guest operating system could potentially
exploit this issue to escape virtualization. (CVE-2016-2150)
The problem can be corrected by updating your system to the following
package version:
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart qemu guests to make
all the necessary changes.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.