RHSA-2017:2907-1: Important: wpa_supplicant security update

Red Hat Enterprise Linux: An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

Read More

RHSA-2017:2899-1: Critical: flash-plugin security update

Red Hat Enterprise Linux: An update for flash-plugin is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-11292

Read More

USN-3456-1: X.Org X server vulnerabilities

Ubuntu Security Notice USN-3456-1

17th October, 2017

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the X.Org X server.

Software description

  • xorg-server
    – X.Org X11 server

  • xorg-server-hwe-16.04
    – X.Org X11 server

  • xorg-server-lts-xenial
    – X.Org X11 server

Details

It was discovered that the X.Org X server incorrectly handled certain
lengths. An attacker able to connect to an X server, either locally or
remotely, could use these issues to crash the server, or possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
xserver-xorg-core

2:1.19.3-1ubuntu1.3
Ubuntu 16.04 LTS:
xserver-xorg-core

2:1.18.4-0ubuntu0.7
xserver-xorg-core-hwe-16.04

2:1.19.3-1ubuntu1~16.04.4
Ubuntu 14.04 LTS:
xserver-xorg-core

2:1.15.1-0ubuntu2.11
xserver-xorg-core-lts-xenial

2:1.18.3-1ubuntu2.3~trusty4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-12176,

CVE-2017-12177,

CVE-2017-12178,

CVE-2017-12179,

CVE-2017-12180,

CVE-2017-12181,

CVE-2017-12182,

CVE-2017-12183,

CVE-2017-12184,

CVE-2017-12185,

CVE-2017-12186,

CVE-2017-12187

Read More