-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] curl (SSA:2018-304-01)
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--+
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
This email refers to the advisory found at
https://confluence.atlassian.com/display/SOURCETREEKB/Sourcetree+Security+Advisory+2018-10-31
.
CVE ID:
* CVE-2018-13396.
* CVE-2018-13397.
Product: Sourcetree.
Affected Sourcetree product versions:
Vulnerable Application: Brava! Enterprise and Brava! Server Components
Affected Versions: Brava! Enterprise and Brava! Server Components have this as
the default configuration, from Brava! 7.5 to the latest Brava! 16.4 on Windows.
Not Affected Versions: Linux installs do not automatically
I. VULNERABILITY
-
Zoho ManageEngine OpManager 12.3 allows Self XSS Vulnerability
II. CVE REFERENCE
-
CVE-2018-18716
III. VENDOR
-
https://www.manageengine.com
IV. TIMELINE
-
09/10/18 Vulnerability
I. VULNERABILITY
-
Zoho ManageEngine OpManager 12.3 allows stored XSS
II. CVE REFERENCE
-
CVE-2018-18715
III. VENDOR
-
https://www.manageengine.com
IV. TIMELINE
-
09/10/18 Vulnerability discovered
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra,
Security Update 2018-004 El Capitan
macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, and
Security Update
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-12 Additional information
APPLE-SA-2018-10-08-2 iCloud for Windows 7.7
iCloud for Windows 7.7 addresses the following:
CFNetwork
Available for: Windows 7 and later
Impact: An application may be able to execute arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-9 Additional information for
APPLE-SA-2018-9-24-1 macOS Mojave 10.14
macOS Mojave 10.14 addresses the following:
Bluetooth
Available for: iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012)
, iMac (21.5-inch, Late 2013),
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-10 Additional information for
APPLE-SA-2018-9-24-5 watchOS 5
watchOS 5 addresses the following:
CFNetwork
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
system
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-8 Additional information for
APPLE-SA-2018-9-24-4 iOS 12
iOS 12 addresses the following:
Accounts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local app may be able to read a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-11 Additional information for
APPLE-SA-2018-9-24-6 tvOS 12
tvOS 12 addresses the following:
Auto Unlock
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to access local users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-13 Additional information for
APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows
iTunes 12.9 for Windows addresses the following:
CFNetwork
Available for: Windows 7 and later
Impact: An application may be able to execute arbitrary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-6 iTunes 12.9.1
iTunes 12.9.1 is now available and addresses the following:
CoreCrypto
Available for: Windows 7 and later
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001
High Sierra, Security Update 2018-005 Sierra
macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and
Security Update 2018-005 Sierra are now available and address
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-7 iCloud for Windows 7.8
iCloud for Windows 7.8 is now available and addresses the following:
CoreCrypto
Available for: Windows 7 and later
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-5 tvOS 12.1
tvOS 12.1 is now available and addresses the following:
CoreCrypto
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-4 watchOS 5.1
watchOS 5.1 is now available and addresses the following:
AppleAVD
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-3 Safari 12.0.1
Safari 12.0.1 is now available and addresses the following:
Safari Reader
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
macOS Mojave 10.14
Impact: Enabling the Safari Reader feature on a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
19 matches
Mail list logo