Displaying 20 results from an estimated 20000 matches similar to: "CVE-2018-0495 Libgcrypt Vulnerability Fix for CentOS 6?"
2016 Sep 01
3
Bind Vulnerability CVE-2016-2775
Hello Experts,
When we can expect Security Update for Bind Vulnerability on Centos 6.8/7.2?
ISC BIND Lightweight Resolver Protocol Req Processing Dos Vulnerability:
CVE-2016-2775
--
With Thanks & Regards:
Sidharth Sharma
2024 Jun 26
2
Regarding the Security Vulnerability CVE 2024 - 27322
Dear Aishwarya Priyadarshini,
Welcome to R-help! Most people here aren't affiliated with R Foundation.
? Wed, 26 Jun 2024 17:03:37 +0000
"Priya, Aishwarya via R-help" <r-help at r-project.org> ?????:
> I am reaching out to seek your guidance on addressing the security
> vulnerability CVE-2024-27322.
> To address this issue effectively, it appears that we need to
2019 Dec 13
1
CVE-2019-19722: Critical vulnerability in Dovecot
Open-Xchange Security Advisory 2019-12-13
?
Product: Dovecot IMAP/POP3 Server
Vendor: OX Software GmbH
?
Internal reference: DOV-3719
Vulnerability type: NULL Pointer Dereference (CWE-476)
Vulnerable version: 2.3.9
Vulnerable component: push notification driver
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.9.1
Researcher credits: Frederik Schwan, Michael
2019 Dec 13
1
CVE-2019-19722: Critical vulnerability in Dovecot
Open-Xchange Security Advisory 2019-12-13
?
Product: Dovecot IMAP/POP3 Server
Vendor: OX Software GmbH
?
Internal reference: DOV-3719
Vulnerability type: NULL Pointer Dereference (CWE-476)
Vulnerable version: 2.3.9
Vulnerable component: push notification driver
Report confidence: Confirmed
Solution status: Fixed by Vendor
Fixed version: 2.3.9.1
Researcher credits: Frederik Schwan, Michael
2024 Jun 26
1
Regarding the Security Vulnerability CVE 2024 - 27322
Dear R Foundation Team,
I hope this message finds you well.
I am reaching out to seek your guidance on addressing the security vulnerability CVE-2024-27322. As I understand, a security fix for this vulnerability has been available starting from v4.4.0. This issue affects all versions from 1.4.0 to 4.3.3.
During our testing phase, we encountered a challenge while attempting to upgrade to the
2014 Jun 06
2
does the openSSL security vulnerability (CVE-2014-0224) affect openssh?
Dear openssh developers,
can you please check, whether the vulnerability of openSSL (CVE-2014-0224):
http://www.openssl.org/news/secadv_20140605.txt
openssh affects?
Many thanks
Van Cu Truong
Tel.: +49 (211) 399 33598
Mobile: +49 (163) 1651728
cu.truongl at atos.net<mailto:cu.truongl at atos.net>
Otto-Hahn-Ring 6
81739 M?nchen, Deutschland
de.atos.net
2016 Sep 01
2
Perl Unsafe Module Path Handling Directory Traversal Vulnerability ( CVE-2016-1238)
Hello Experts,
When we can expect Security Update for Perl Vulnerability CVE-2016-1238 on
CentOS 6.8 and 7.2?
--
With Thanks & Regards:
Sidharth Sharma
2007 Nov 17
1
Bug#451626: CVE-2007-5907, CVE-2007-5906 possible denial of service vulnerability
Package: xen-3
Version: 3.1.0-1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.
CVE-2007-5907[0]:
| Xen 3.1.1 does not prevent modification of the CR4 TSC from
| applications, which allows pv guests to cause a denial of service
| (crash).
CVE-2007-5906[1]:
| Xen 3.1.1 allows virtual guest system users to cause a
|
2013 Apr 18
1
Xen Security Advisory 44 (CVE-2013-1917) - Xen PV DoS vulnerability with SYSENTER
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Xen Security Advisory CVE-2013-1917 / XSA-44
version 2
Xen PV DoS vulnerability with SYSENTER
UPDATES IN VERSION 2
====================
Public release.
ISSUE DESCRIPTION
=================
The SYSENTER instruction can be used by PV guests to accelerate system
call processing. This
2018 Sep 25
3
CVE-2018-14634 and kernel-debuginfo ?
The current mitigation for CVE-2018-14634 is a systemtap script
mentioned here:
https://access.redhat.com/security/cve/cve-2018-14634
It also mentions that one can build a kernel module to distribute
to other machines, but in any case one needs the corresponding
debuginfo packages to do either.
After enabling CentOS-Debug.repo, what I get is:
2023 Jan 30
1
Need to know Samba version addressing "CVE-2018-14628" fix
Hi Team,
We are looking for Security Release Version / patch for "CVE-2018-14628<https://attachments.samba.org/attachment.cgi?id=14477>".
The above CVE says :
All versions of Samba from 4.0.0 onwards are vulnerable to an
information leak (compared with the established behaviour of
Microsoft's Active Directory) when Samba is an Active Directory Domain
Controller.
A patch
2024 Jun 27
1
Regarding the Security Vulnerability CVE 2024 - 27322
Hi Ivan and R - Help Team,
Thank you for your prompt response and the helpful information.
I have another query: Is there a way to patch or upgrade the existing installation to version 4.4.0, rather than having to uninstall the older version and then install the latest one? A direct upgrade or patch would greatly simplify the process and reduce downtime.
Your guidance on this matter would be
2015 Jun 05
4
Regarding CVE-2015-1781 vulnerability in Glibc
Thanks for the reply.
Where can we get the info regarding whether its fixed in CentOS 5 or not?
I did rpm -q --changelog <glibc> | grep <CVE>
but I dont find any info on this.
This might means 3 things.
1. The version is not affected so no fix
2. The version is affected, still no fix
3. Fix applied, but not shown in o/p
Thanks
On Fri, Jun 5, 2015 at 2:06 PM, John Tall <mjtallx
2016 May 12
2
Openssl vulnerability
Hi Team,
I have a centos 7 running server with openssl version openssl-1.0.1e-51.el7_2.4.x86_64, I have received a set of vulnerability from security team, can anyone tell me as per below CVE do I need to update my openssl version to 1.0.1t? Or the current version which we have is safe.
CVE-2016-0701, CVE-2015-3197
CVE-2015-4000
CVE-2015-0204
CVE-2015-0286, CVE-2015-0287, CVE-2015-0289,
2015 Jun 05
2
Regarding CVE-2015-1781 vulnerability in Glibc
Hi All,
I am using CentOS 5.5 with gcc version 2.5.123.el5.
I just wanted to check whether the CVE-2015-1781 is fixed in the current
version?
How can I do that?
Right now I dont have access to that machine, so I wanted to check whether
its fixed online ( not via shell)?
Thanks for the help.
--
Thanks & Regards,
Venkateswara Rao Dokku.
2016 Sep 21
3
PHP vulnerability CVE-2016-4073
On 2016-Sep-21 14:35, Adrian Sevcenco wrote:
> On 09/21/2016 02:02 PM, ?????? wrote:
> > Hello,
> >
> > My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> > vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> > them are fixed/patched or have some kind of workaround. But I can't find
> > a way to fix this one.
2020 Jun 08
2
Mitigating straight-line speculation vulnerability CVE-2020-13844
Hi,
A new speculative cache side-channel vulnerability has been published at
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation,
named "straight-line speculation”, CVE-2020-13844.
In this email, I'd like to explain the toolchain mitigation we've prepared
to mitigate against this vulnerability for AArch64.
2016 Dec 02
2
CVE-2016-8652 in dovecot
On 02.12.2016 10:45, Jonas Wielicki wrote:
> On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote:
>> We are sorry to report that we have a bug in dovecot, which merits a
>> CVE. See details below. If you haven't configured any auth_policy_*
>> settings you are ok. This is fixed with
>> https://git.dovecot.net/dovecot/core/commit/c3d3faa4f72a676e183f34be960cff13
2011 Dec 19
1
Erro na instalação do samba
ta ocorrendo um problema na instala??o do samba3.6 no Freebsd na release 8.2errro: make: don't know how to make intall. Stop# make clean===> Cleaning for libgcrypt-1.5.0===> Cleaning for cups-client-1.5.0# make install===> Vulnerability check disabled, database not found===> License LGPL21 accepted by the user===> Found saved configuration for cups-client-1.5.0===>
2016 Dec 03
2
CVE-2016-8652 in dovecot
On 03/12/2016 12:08, Jeremiah C. Foster wrote:
> On Fri, 2016-12-02 at 10:48 +0200, Aki Tuomi wrote:
> On 02.12.2016 10:45, Jonas Wielicki wrote: On Freitag, 2. Dezember 2016 09:00:58 CET Aki Tuomi wrote: We are sorry to report that we have a bug in dovecot, which
> merits a
> CVE. See details below. If you haven't configured any
> auth_policy_*
> settings you are ok. This