Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.
kernel-4.11.0-0.rc4.git0.1.fc26
Kernel 4.11-rc4
DSA-3824 firebird2.5 – security update
George Noseevich discovered that firebird2.5, a relational database
system, did not properly check User-Defined Functions (UDF), thus
allowing remote authenticated users to execute arbitrary code on the
firebird server.
Vuln: Ruby on Rails Action Pack CVE-2016-0751 Denial of Service Vulnerability
Ruby on Rails Action Pack CVE-2016-0751 Denial of Service Vulnerability
Vuln: LibTIFF CVE-2016-9533 Heap Buffer Overflow Vulnerability
LibTIFF CVE-2016-9533 Heap Buffer Overflow Vulnerability
Vuln: F5 BIG-IP APM CVE-2016-7472 Denial of Service Vulnerability
F5 BIG-IP APM CVE-2016-7472 Denial of Service Vulnerability
Vuln: IBM Rational Quality Manager CVE-2016-6031 Cross Site Scripting Vulnerability
IBM Rational Quality Manager CVE-2016-6031 Cross Site Scripting Vulnerability
xen-4.6.5-3.fc24
xenstore denial of service via repeated update [XSA-206] (#1436690)
xen-4.7.2-3.fc25
xenstore denial of service via repeated update [XSA-206] (#1436690)
Ubuntu Security Notice USN-3245-1
Ubuntu Security Notice 3245-1 – Hanno Boeck discovered that GStreamer Good Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.