Weekly Patch and Update Summary for Week of September 28, 2016
By Kimberly Matsumoto on September 30, 2016
For all patches and updates listed below please use the appropriate updating methods for your system. It is advised that you patch and update your system as soon as possible.
Cisco
Cisco has released many updates to address vulnerabilities found in multiple products. One of these vulnerabilities may allow a remote attacker to gain control of a system.
List of Updates:
- Cisco Email Security Appliance Internal Testing Interface Vulnerability
- Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability
- Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities
- Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability
- Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability
- Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability
- Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability
- Cisco Firepower Management Center SQL Injection Vulnerability
- Cisco Firepower Management Center Privilege Escalation Vulnerability
- Cisco IOS XE Software NAT Denial of Service Vulnerability
- Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability
- Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability
- Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability
Google has released an update for Chrome to address vulnerabilities for Windows, Mac and Linux. One of these vulnerabilities may allow a remote attacker to gain control of a system. For more information please see: Chrome Releases – 53.0.2785.143
The Internet System Consortium
The Internet System Consortium (ISC) has released updates to address a vulnerability found in BIND. This vulnerability may allow a remote attacker to cause a denial-of-server (DoS) condition. For more information please see: ISC Security Advisory
The update can be found at: ISC Downloads
OpenSSL
OpenSSL released security updates for vulnerabilities found in older versions. Some of these vulnerabilities may allow a remote attacker to cause a denial-of-service (DoS) condition. For more information please see: OpenSSL Security Advisory.
List of Updates:
- OpenSSL 1.1.0b
- OpenSSL 1.0.2j
- OpenSSL 1.0.1u
Ubuntu
Canonical has released many security updates for their operating system Ubuntu. For more information please see Ubuntu Security Notices.
List of Updates:
- USN-3093-1: ClamAV vulnerabilities
- USN-3092-1: Samba vulnerability
- USN-3090-1: Pillow vulnerabilities
- USN-3088-1: Bind vulnerability
- USN-3089-1: Django vulnerability
-
Weekly Patch and Update Summary for Week of February 17, 2017
Weekly Patch and Update Summary for Week of February 17, 2017
2/21/2017 -
Weekly Patch and Update Summary for Week of November 18, 2016
Weekly Patch and Update Summary for Week of November 18, 2016
11/17/2016 -
Weekly Patch and Update Summary for Week of November 11, 2016
Weekly Patch and Update Summary for Week of November 11, 2016
11/10/2016