BugTraq Latest Security Advisories

Syndicate content
The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!
Updated: 21 min 18 sec ago

WebKitGTK+ Security Advisory WSA-2017-0009

November 13, 2017 - 10:39pm

Posted by Carlos Alberto Lopez Perez on Nov 13

------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2017-0009
------------------------------------------------------------------------

Date reported : November 10, 2017
Advisory ID : WSA-2017-0009
Advisory URL : https://webkitgtk.org/security/WSA-2017-0009.html
CVE identifiers : CVE-2017-13783, CVE-2017-13784, CVE-2017-13785,...
Categories:

[RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice

November 10, 2017 - 6:40am

Posted by RedTeam Pentesting GmbH on Nov 10

Advisory: XML External Entity Expansion in Ladon Webservice

Attackers who can send SOAP messages to a Ladon webservice via the HTTP
interface of the Ladon webservice can exploit an XML external entity expansion
vulnerability and read local files, forge server side requests or overload the
service with exponentially growing memory payloads.

Details
=======

Product: Ladon Framework for Python
Affected Versions: 0.9.40 and previous
Fixed...
Categories:

[SECURITY] [DSA 4029-1] postgresql-common security update

November 10, 2017 - 6:31am

Posted by Moritz Muehlenhoff on Nov 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4029-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-common
CVE ID : CVE-2017-8806

It was...
Categories:

[SECURITY] [DSA 4028-1] postgresql-9.6 security update

November 10, 2017 - 6:24am

Posted by Moritz Muehlenhoff on Nov 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4028-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-9.6
CVE ID : CVE-2017-15098...
Categories:

[SECURITY] [DSA 4027-1] postgresql-9.4 security update

November 10, 2017 - 6:16am

Posted by Moritz Muehlenhoff on Nov 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4027-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
November 09, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : postgresql-9.4
CVE ID : CVE-2017-15098

A...
Categories:

[SECURITY] [DSA 4026-1] bchunk security update

November 10, 2017 - 6:07am

Posted by Sebastien Delafond on Nov 10

-------------------------------------------------------------------------
Debian Security Advisory DSA-4026-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
November 09, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : bchunk
CVE ID : CVE-2017-15953 CVE-2017-15954...
Categories: