Tweets from @oss_security
Re: GNU screen "out of bounds access when setting w_xtermosc after OSC 49": Posted by Amadeusz Sławiński on Feb 06 Hi, The report which resulted in second commit just happened to be reported at similar time and is not related to the issue at hand apart… http://dlvr.it/RPX1sD
CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages: Posted by P J P on Feb 06 Hello, An out-of-bounds heap buffer access issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcp_emu()… http://dlvr.it/RPVr5Y
Re: CVE-2019-18901: mariadb: possible symlink attack for the mysql user in the SUSE specific mysql-systemd-helper script: Posted by Matthias Gerstner on Feb 06 Hello Larry, true. Generally it allows to grant groups read permissions on files. I'm not aware… http://dlvr.it/RPVr5H
Re: CVE-2019-18901: mariadb: possible symlink attack for the mysql user in the SUSE specific mysql-systemd-helper script: Posted by Larry W. Cashdollar on Feb 05 Hello Matthias, That chmod 640 might be interesting if applied to /etc/shadow. It could allow… http://dlvr.it/RPSDzF
CVE-2019-18901: mariadb: possible symlink attack for the mysql user in the SUSE specific mysql-systemd-helper script: Posted by Matthias Gerstner on Feb 05 Hello list, in the course of a review of the mariadb packaging in the SUSE Linux distribution I… http://dlvr.it/RPR37T
Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled: Posted by William Bowling on Feb 05 When using a pty, sudo_term_eof and sudo_term_kill are initialized to 0x4 and 0x15 allowing the overflow to be reached, making 1.8.26-1.8.30 also… http://dlvr.it/RPR35g
Re: CVE-2020-7221: mariadb: possible local mysql to root user exploit in mysql_install_db script setting permissions of /usr/lib64/mysql/plugin/auth_pam_tool_dir/auth_pam_tool: Posted by Matthias Gerstner on Feb 04 Hi, yes, exactly. I don't want to… http://dlvr.it/RPMKfR
Re: CVE-2020-7221: mariadb: possible local mysql to root user exploit in mysql_install_db script setting permissions of /usr/lib64/mysql/plugin/auth_pam_tool_dir/auth_pam_tool: Posted by Solar Designer on Feb 04 Why not simply root:mysql 04710… http://dlvr.it/RPMKdn
CVE-2020-7221: mariadb: possible local mysql to root user exploit in mysql_install_db script setting permissions of /usr/lib64/mysql/plugin/auth_pam_tool_dir/auth_pam_tool: Posted by Matthias Gerstner on Feb 04 Hello list, in the course of a review of a… http://dlvr.it/RPMKXm
Django 3.0.3, 2.2.10 and 1.11.28: CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)``: Posted by Carlton Gibson on Feb 03 https://www.djangoproject.com/weblog/2020/feb/03/security-releases/ In accordance with `our security release policy… http://dlvr.it/RPH7CQ
Re: Linux kernel: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2): Posted by Al Viro on Feb 02 Well, it won't be dereferencing anything freed - if we are in RCU mode, we have observed (with sufficient barriers) an earlier value… http://dlvr.it/RPFrlW
Re: Linux kernel: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2): Posted by Solar Designer on Feb 02 Turns out the fix in d0cb50185ae9 introduced a regression, now found with syzkaller and fixed: https://syzkaller.appspot.com/bug?extid=190005201ced78a74ad6 …… http://dlvr.it/RPDdfq
multiple NULL pointer dereference vulnerabilities in newlib: Posted by Dimitrios Glynos on Jan 31 Hello all, newlib versions prior to 3.3.0 (and derivatives like newlib-nano, picolibc, related ARM toolchains) are vulnerable to a number of NULL pointer… http://dlvr.it/RP8jTB
CVE-2020-1700 ceph: connection leak in the RGW Beast front-end permits a DoS against the RGW server: Posted by Hardik Vyas on Jan 31 Hello, A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker… http://dlvr.it/RP8jRt
Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled: Posted by Todd C. Miller on Jan 31 It turns out a change in EOF handling introduced in sudo 1.8.26 prevents exploitation of the bug. The EOF character is also initialized to 0 and… http://dlvr.it/RP7LLL
CVE-2019-3016: information leak within a KVM guest: Posted by John Haxby on Jan 30 The problem is missing TLB flushes which potentially allows a process in a KVM guest to access memory locations within that guest that it should not have access to. The… http://dlvr.it/RP4CTg
[CVE-2020-1931] Apache SpamAssassin Nefarious rule configuration (.cf) files can be configured to run system commands with warnings.: Posted by Kevin A. McGrail on Jan 30 Apache SpamAssassin 3.4.4 was recently released [1], and fixes an issue of security… http://dlvr.it/RP2Twl
New Qt vulnerabilities: Posted by Thiago Macieira on Jan 30 The Qt security team was made aware of two issues affecting the currently-released versions of Qt that could lead to loading of untrusted plugins, which can execute code immediately upon… http://dlvr.it/RP2TtX
Multiple vulnerabilities in Jenkins and Jenkins plugins: Posted by Daniel Beck on Jan 29 Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software. The following releases… http://dlvr.it/RNzrSF
LPE and RCE in OpenSMTPD (CVE-2020-7247): Posted by Qualys Security Advisory on Jan 28 Qualys Security Advisory LPE and RCE in OpenSMTPD (CVE-2020-7247) ============================================================================== Contents… http://dlvr.it/RNxb8j