Quote:
Quote:
|
|
|
Kernel 4.4.44
Kernel 4.4.44 fixes the following CVEs: CVE-2016-9191, CVE-2017-2583 and CVE-2017-2584.
https://cdn.kernel.org/pub/linux/ker...angeLog-4.4.44 https://cdn.kernel.org/pub/linux/ker...-4.4.44.tar.xz |
Quote:
https://security.gentoo.org/glsa/201701-46 https://security.gentoo.org/glsa/201701-47 |
OpenSSL 1.1.0d, 1.0.2k security released on 26th January 2017
OpenSSL Security Advisory, 26 Jan 2017 |
Quote:
|
PHP 5.6.30 was released on 19 Jan 2017 https://secure.php.net/ChangeLog-5.php#5.6.30
Fixes for CVE-2016-10158, CVE-2016-10167, CVE-2016-10168, CVE-2016-10159, CVE-2016-10160 and CVE-2016-10161 are included |
Security fixes for NVidia Graphic drivers R378, R375, R340, R304:
https://nvidia.custhelp.com/app/answ...tail/a_id/4398 http://www.nvidia.com/download/drive...x/115031/en-us http://www.nvidia.com/download/drive...x/114708/en-us http://www.nvidia.com/download/drive...x/114719/en-us http://www.nvidia.com/download/drive...x/114714/en-us Fixes the following CVEs: CVE-2017-0309 CVE-2017-0310 CVE-2017-0311 CVE-2017-0318 CVE-2017-0321 |
Cve-2017-6074
CVE-2017-6074
Is CONFIG_IP_DCCP enabled in the kernel built for stable and current? More here, https://git.kernel.org/cgit/linux/ke...55ef99d9798ba4 |
Hi,
Quote:
From 14.2: Code:
$ grep CONFIG_IP_DCCP /boot/config-generic-4.4.38 Best regards, Andrzej Telszewski |
For more on CVE-2017-6074 see here. I do not use IPV6 (yet), so I do not feel threatened at the moment, but the fix seems simple.
|
cURL and util-linux
curl 7.53.0 fixes CVE-2017-2629
https://curl.haxx.se/changes.html#7_53_0 https://curl.haxx.se/download/curl-7.53.0.tar.bz2 https://curl.haxx.se/download/curl-7.53.0.tar.bz2.asc util-linux 2.29.2 fixes CVE-2017-2616 https://www.kernel.org/pub/linux/uti...2-ReleaseNotes https://www.kernel.org/pub/linux/uti...-2.29.2.tar.xz https://www.kernel.org/pub/linux/uti....29.2.tar.sign |
Quote:
The first line of the commit to fix the issue begins like this: "If su is compiled with PAM support..." |
Quote:
Andrey Konovalov (1): dccp: fix freeing skb too early for IPV6_RECVPKTINFO This article is interesting: https://threatpost.com/impact-of-new...imited/123863/ It appears that one needs to be using both IPV6 and DCCP and have the hacker already logged on the system to be vulnerable. One way to disable IPV6 is to create a /etc/modprobe.d/ipv6.conf file containing this: Code:
alias net-pf-10 off Update 2016-02-26: New kernels today, 4.10.1, 4.9.13 and 4.4.52 all have the fix. |
All times are GMT -5. The time now is 04:14 PM. |