MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could ca ...
Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol and the Local Security Authority Remote Protocol . Any a ...
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Certain host connection parameters defeat client-side security defenses For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in ...
The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtu ...
The Simple Protocol for Independent Computing Environments is a remote display system built for virtual environments which allows the user to view a computing "desktop" environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. The spice-gtk packages provide a GIMP Toolkit widget for Simple Protocol for Independent ...
Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Security Fix: * mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the R ...
The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls . Security Fix: * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls * gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen ...
Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: Integer overflow leading to buffer overflow in Perl_my_setenv For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank ...
FreeRDP is a free implementation of the Remote Desktop Protocol , released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix: * freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update function * freerdp: Integer overflow leading to heap-based buffer overflow in gdi_ ...
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: * openssh: User enumeration via malformed packets in authentication requests For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ...