Security exposures updating websites

When the performance of our hardware begins to behave unusually, our default reaction is to think that it's a virus.

Though a virus is always a possibility, more often than not the issue is a specific type of infection known as malware.

Stefan Eissing discovered that the HTTP/2 implementation in Apache did not properly handle upgrade requests from HTTP/1.1 to HTTP/2 in some situations.

A remote attacker could use this to cause a denial of service (daemon crash).

An attacker could possibly use this issue to execute arbitrary code.

If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files. 29 August 2019 | ubuntu-19.04, ubuntu-18.04-lts, ubuntu-16.04-lts USN-4110-1 fixed a vulnerability in Dovecot.

This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04.

(CVE-2019-0197) Craig Young discovered that a memory…

This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details: Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data.

Leave a Reply