Weekly Patch and Update Summary for Week of April 22, 2016

For all patches and updates listed below please use the appropriate updating methods for your system. It is advised that you patch and update your system as soon and possible.

Cisco has released multiple security updates to address vulnerabilities in multiple products. For more information, please see the list below:

• Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability
• Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
• Cisco Wireless LAN Controller Denial of Service Vulnerability
• Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability
• Multiple Cisco Products libSRTP Denial of Service Vulnerability
• Cisco Wireless LAN Controller Denial of Service Vulnerability

Oracle has released a Critical Patch Update for April 2016 that addresses 136 vulnerabilities for multiple products. For more information please see Oracle Critical Patch Update Advisory – April 2016.

Symantec has released a security update to address vulnerabilities in its Messaging Gateway (SMG) Appliance software. This vulnerability may allow attackers to gain control of the system. For more information please see Symantec Messaging Gateway Multiple Security Issues.

Adobe has released a security update to address a vulnerability in the Adobe Analytics AppMeasurement for Flash. This vulnerability may allow attackers to perform a DOM-based cross-site scripting attack to steal cookies. For more information, please see APSB16-13.

Canonical also released many security updates for their operating system Ubuntu. For more information please see Ubuntu security notices.

Below is the list of updates:

• USN-2953-1: MySQL vulnerabilities
• USN-2952-1: PHP vulnerabilities
• USN-2917-3: Firefox regressions
• USN-2951-1: OptiPNG vulnerabilities
• USN-2950-1: Samba vulnerabilities