Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6
Supplementary.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-5170, CVE-2016-5171, CVE-2016-5172, CVE-2016-5173, CVE-2016-5174, CVE-2016-5175
This Metasploit module obtains root privileges from any host account with access to the Docker daemon. Usually this includes accounts in the docker group.
ZooKeeper versions 3.4.0 through 3.4.8 and 3.5.0 through 3.5.2 suffer from a buffer overflow vulnerability. This affects the ZooKeeper C client shells cli_st and cli_mt.
Do you remember the infamous encryption fight between the FBI and Apple for unlocking an iPhone 5C belongs to a terrorist?
Yes, you got it right, the same Apple vs. FBI case where the FBI paid almost $1.3 Million to a group of hackers to unlock that iPhone.
However, if the agency had shown some patience to explore more ways to get into that iPhone, then it might have cost them nothing less than
Slackware Security Advisory – New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
Oxwall version 1.8.0 build 9900 suffers from cross site scripting and open redirection vulnerabilities.
Debian Linux Security Advisory 3669-1 – Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.
Red Hat Security Advisory 2016-1905-01 – Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 53.0.2785.113. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
