The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
22599a2c3ead8f914d2c30ad4b78fe9d183ac32cf4eca3a7b4977b22e64b6f27
Ubuntu Security Notice 2917-1 - Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
2aa98d4e5a966cde53c7a62ef79cd2e79addf4acbe8fc47a0386bf5144c7ece3
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the digi_acceleport driver.
ef3cd4da9fad5010d69c5473a0734443552fa03ffe6c6259dcd1a63f6e52a21e
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the wacom driver.
12a4cdb3b402f1acfdac5ac5bc325c540cea516465ad86e2a98b91435a6cc69d
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (treo_attach) driver.
56a4919df423d8d1ced2edc350991c087f6a5b63d56610a9eb1ac25f9987628f
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the visor (clie_5_attach) driver.
7c2aef0ea978cdd6912da2041015ef50e879934c3c06d21f43668fd7fed52de6
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the mct_u232_m8 driver.
bb601d9a1f1ed7dfcaf7c00dc14e446a75b594c8de672d642eb7431e9e2d7356
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the cypress_m8 driver.
ef0ff61783f9faba135ab9d60a739f12664bbf04f6053e34c17b50e4045f5349
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes on presentation of a buggy USB device requiring the cdc_acm driver.
74970c51108c9c527182088e5f799451e879349acff15a9808117c1634d2ccf9
Linux kernel version 3.10.0-229.20.1.el7.x86_64 crashes when presented with a buggy USB device requiring the aiptek driver.
a267f2861aa06cc9f33c4b5f5a3fe10f859f72989ebc9e954b86d65640f165ae
WordPress Project Theme version 2.0.9.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
3031bbbe986bcd3baf38b9db7a644a3c7ac64abaae5324561568fa01937551c6
Thomson router model TWG850-4U suffers from cross site scripting, cross site request forgery, and access bypass vulnerabilities.
557de06022c3a614a7ede6d44676efb9d0bbbd551edd838b7df46b8f64d75d71
WordPress WP Advanced Comment plugin version 0.10 suffers from a persistent cross site scripting vulnerability.
3529ce7b1494c588138483f8623361ef5a3fa6def6a7a6aeaa79b4a65ffecbf8
Red Hat Security Advisory 2016-0373-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
01d78c18a78f4f8713ab6ff101d89ae6fc93330758b7b76f00da29f532d537ab
Red Hat Security Advisory 2016-0371-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library.
2e0eec446d5c37ec18bfd36f9e1e497104c89feb71f55abb8052f1e518e0f0a8
Red Hat Security Advisory 2016-0372-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. A padding oracle flaw was found in the Secure Sockets Layer version 2.0 protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.
aa8f036d56f9b0e13c768cf2151510ad156a6f08cfe9d1ec6ed4a22fc748a223
Red Hat Security Advisory 2016-0370-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util package provides a set of utilities for NSS and the Softoken module. A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library.
439736c920fc79b26c79d0acb788f9eb9941ae2b5c9fdd5b8bcdfe2a10a51ca6
Red Hat Security Advisory 2016-0368-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. A cross-site scripting vulnerability was discovered in RabbitMQ, which allowed using api/ path info to inject and receive data. A remote attacker could use this flaw to create an "/api/..." URL, forcing a server error that resulted in the server returning an HTML page with embedded text from the URL. A response-splitting vulnerability was discovered in RabbitMQ. An /api/definitions URL could be specified, which then caused an arbitrary additional header to be returned. A remote attacker could use this flaw to inject arbitrary HTTP headers and possibly gain access to secure data.
526b1c5c4b3abc63f703d030667fd16f528be8e281280081407b02cd48e71fd5
Red Hat Security Advisory 2016-0367-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. A cross-site scripting vulnerability was discovered in RabbitMQ, which allowed using api/ path info to inject and receive data. A remote attacker could use this flaw to create an "/api/..." URL, forcing a server error that resulted in the server returning an HTML page with embedded text from the URL. A response-splitting vulnerability was discovered in RabbitMQ. An /api/definitions URL could be specified, which then caused an arbitrary additional header to be returned. A remote attacker could use this flaw to inject arbitrary HTTP headers and possibly gain access to secure data.
4c71f25ff8795fff021350b79986c9438f3be71eab3a6a2c65d819afc4787b3d
Gentoo Linux Security Advisory 201603-3 - Multiple vulnerabilities have been found in Roundcube allowing remote authenticated users to execute arbitrary code, inject arbitrary web scripts, and perform cross-site scripting (XSS). Versions less than 1.1.4 are affected.
b2cf6461a25c4ef6b21777f7e88a22e5520015250a1741696860537a19f73718
Red Hat Security Advisory 2016-0369-01 - RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. A cross-site scripting vulnerability was discovered in RabbitMQ, which allowed using api/ path info to inject and receive data. A remote attacker could use this flaw to create an "/api/..." URL, forcing a server error that resulted in the server returning an HTML page with embedded text from the URL. A response-splitting vulnerability was discovered in RabbitMQ. An /api/definitions URL could be specified, which then caused an arbitrary additional header to be returned. A remote attacker could use this flaw to inject arbitrary HTTP headers and possibly gain access to secure data.
9d3087f4050311d424ddbd0e695b1aba8c0a9f5d584734a60383739d17eba458