[SECURITY] [DSA 4119-1] libav security update

2018-02-19 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-4119-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 19, 2018

APPLE-SA-2018-02-19-1 iOS 11.2.6

2018-02-19 Thread Apple Product Security
APPLE-SA-2018-02-19-1 iOS 11.2.6 iOS 11.2.6 is now available and addresses the following: CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to

APPLE-SA-2018-02-19-3 tvOS 11.2.6

2018-02-19 Thread Apple Product Security
APPLE-SA-2018-02-19-3 tvOS 11.2.6 tvOS 11.2.6 is now available and addresses the following: CoreText Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted string may lead to heap corruption Description:

APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update

2018-02-19 Thread Apple Product Security
APPLE-SA-2018-02-19-2 macOS High Sierra 10.13.3 Supplemental Update macOS High Sierra 10.13.3 Supplemental Update is now available and addresses the following: CoreText Available for: macOS High Sierra 10.13.3 Impact: Processing a maliciously

APPLE-SA-2018-02-19-4 watchOS 4.2.3

2018-02-19 Thread Apple Product Security
APPLE-SA-2018-02-19-4 watchOS 4.2.3 watchOS 4.2.3 is now available and addresses the following: CoreText Available for: All Apple Watch models Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory

[SECURITY] [DSA 4116-1] plasma-workspace security update

2018-02-19 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-4116-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 16, 2018

[SECURITY] [DSA 4117-1] gcc-4.9 security update

2018-02-19 Thread Moritz Muehlenhoff
Debian Security Advisory DSA-4117-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2018

[SECURITY] [DSA 4118-1] tomcat-native security update

2018-02-19 Thread Salvatore Bonaccorso
Debian Security Advisory DSA-4118-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 17, 2018

Kentico CMS version 9 through 11 - Arbitrary Code Execution

2018-02-19 Thread displaymyname
# Exploit Title: Kentico CMS version 9 through 11 - Arbitrary Code Execution # Date: 17-02-2018 # Software Link: https://www.kentico.com # Exploit Author: Keerati T. # CVE: CVE-2018-7046 # Category: webapps 1. Description Kentico is the only fully integrated ASP.NET CMS, E-commerce, and Online

Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect)

2018-02-19 Thread displaymyname
# Exploit Title: Kentico CMS version 9 through 11 - Cross-Site Scripting (Reflect) # Date: 18-02-2018 # Software Link: https://www.kentico.com # Exploit Author: Keerati T. # CVE: CVE-2018-7205 # Category: webapps 1. Description Kentico is the only fully integrated ASP.NET CMS, E-commerce, and

Security advisory for Bugzilla 5.1.1, 5.0.3, and 4.4.12

2018-02-19 Thread dkl
Summary === Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: * A CSRF vulnerability in report.cgi would allow a third-party site to extract confidential information from a bug the victim