Red Hat Security Advisory 2016-2603-02 – Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. Security Fix: A traffic amplification flaw was found in the Internet Key Exchange version 1 protocol. A remote attacker could use a libreswan server with IKEv1 enabled in a network traffic amplification denial of service attack against other hosts on the network by sending UDP packets with a spoofed source address to that server.
Monthly Archives: November 2016
Red Hat Security Advisory 2016-2606-02
Red Hat Security Advisory 2016-2606-02 – PostgreSQL is an advanced object-relational database management system. The following packages have been upgraded to a newer upstream version: postgresql. Security Fix: A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code.
Colossal DDoS attack in Liberia wipes majority of country offline
Liberia has been hit with a harmful DDoS attack yet, with most of its residents unable to get online. The Mirai botnet is the cause.
The post Colossal DDoS attack in Liberia wipes majority of country offline appeared first on WeLiveSecurity.
Hack Attacks Cut Internet Access In Liberia
Elon Musk Critic Sues Tesla, Claims Musk Agents Hacked His Twitter
Cisco Job Applicants Warned Of Data Leak
Outlook Web Access Two-Factor Authentication Bypass Exists
Privatoria — Protect Your Privacy Online with Fast and Encrypted VPN Service
Today, most of you surf the web unaware of the fact that websites collect your data and track your locations and makes millions by sharing your search histories, location data, and buying habits with advertisers and marketers.
And if this isn’t enough, there are hackers and cyber criminals out there who have the ability to easily steal your sensitive and personal data from the ill-equipped
python-simplejson-3.5.3-1.el7
Update to 3.5.3:
* Fix lower bound checking in scan_once / raw_decode API
https://github.com/simplejson/simplejson/issues/98
* Consistently reject int_as_string_bitcount settings that are not
positive integers
* Added int_as_string_bitcount encoder option
https://github.com/simplejson/pull/96
* Fixed potential crash when encoder created with incorrect options
* Native setuptools support re-introduced
https://github.com/simplejson/simplejson/pull/92
ghostscript-9.20-5.fc24
This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files. More info can be found [here](http://bugs.ghostscript.com/show_bug.cgi?id=697286).
—-
This is a security update for these CVEs:
* [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi?id=1383940) – *check for sufficient params in .sethalftone5*
* [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) – *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]