RHSA-2017:2469-1: Critical: java-1.8.0-ibm security update

Red Hat Enterprise Linux: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6
Supplementary and Red Hat Enterprise Linux 7 Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-10053, CVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243

Read More

USN-3389-1: GD vulnerability

Ubuntu Security Notice USN-3389-1

14th August, 2017

libgd2 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

The system could be made to expose sensitive information.

Software description

  • libgd2
    – GD Graphics Library

Details

A vulnerability was discovered in GD Graphics Library (aka libgd),
as used in PHP that does not zero colorMap arrays before use.
A specially crafted GIF image could use the uninitialized tables to
read bytes from the top of the stack.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libgd-tools

2.2.4-2ubuntu0.2
Ubuntu 16.04 LTS:
libgd-tools

2.1.1-4ubuntu0.16.04.7
Ubuntu 14.04 LTS:
libgd-tools

2.1.0-3ubuntu0.7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-7890

Read More

USN-3389-2: GD vulnerability

Ubuntu Security Notice USN-3389-2

14th August, 2017

libgd2 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to expose sensitive information.

Software description

  • libgd2
    – GD Graphics Library

Details

USN-3389-1 fixed a vulnerability in GD Graphics Library.
This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

A vulnerability was discovered in GD Graphics Library (aka libgd),
as used in PHP that does not zero colorMap arrays before use.
A specially crafted GIF image could use the uninitialized tables to
read bytes from the top of the stack.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libgd-tools

2.0.36~rc1~dfsg-6ubuntu2.5

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-7890

Read More

Latte Dock 0.7 Released with Wayland Tech Preview

latte dockA new version of Latte Dock is available to download. The popular desktop dock is designed for, but not exclusive to, the KDE Plasma desktop. The official release announcement lists many of the salient changes, which include support for dynamic layouts and different layouts per activities; a basic and advanced mode for the configuration window; and the […]

This post, Latte Dock 0.7 Released with Wayland Tech Preview, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

Read More

The New Ubuntu Dock (First Look)

ubuntu 17.10 default dock settingsWe reported last week that Ubuntu is creating a fork of Dash to Dock, the popular GNOME extension, for use on the Ubuntu 17.10 desktop — but we didn’t know a lot about it. Well, we did some digging over the weekend and found the development branch of the fork, plainly titled “Ubuntu Dock”, which […]

This post, The New Ubuntu Dock (First Look), was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

Read More