Weekly Patch and Update Summary for Week of October 21, 2016
By Kimberly Matsumoto on October 21, 2016
For all patches and updates listed below please use the appropriate updating methods for your system. It is advised that you patch and update your system as soon as possible.
Cisco
Cisco has released security updates for vulnerabilities found in multiple products. Some of these vulnerabilities may allow a remote attacker to gain control of a system.
List of Updates:
- Cisco-sa-20161019-asa-ca – Cisco ASA Software Local Certificate Authority Denial of Service Vulnerability
- Cisco-sa-20161019-asa-idfw – Cisco ASA Software Identity Firewall Feature Buffer Overflow
- Cisco-sa-20161019-fpsnort – Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability
- Cisco-sa-20161019-cms – Cisco Meeting Server Cross-Site Request Forgery Vulnerability
- Cisco-sa-20161019-cms1 – Cisco Meeting Server Information Disclosure Vulnerability
The Internet Systems Consortium (ISC)
The Internet Systems Consortium has released a security advisory for a vulnerability in versions of BIND software released prior to May 2013. The vulnerability is also in third-part versions that do not include fix #3548. This vulnerability may allow a remote attacker to cause a denial-of-service condition. For more information, please see the ISC Security Advisory.
Linux
A vulnerability was found in the Linux kernel. Known as Dirty COW (CVE-2016-5195), this vulnerability may allow a remote attacker to gain control of a system.
Please review the vendor pages for more information:
Mozilla
Mozilla has released a Firefox 49.0.2 to address a vulnerability. This vulnerability may allow a remote attacker to gain control of a system. For more information, please see Security vulnerabilities fixed in FIrefox 49.0.2.
Oracle
Oracle has released its October 2016 Critical Patch Update. It addressed 247 vulnerabilities in multiple products. Some of these vulnerabilities may allow a remote attacker to gain control of a system. For more information, please see the Oracle October 2016 Critical Patch Update.
Ubuntu
Canonical has released many security updates for their operating system Ubuntu. For more information please see Ubuntu Security Notices.
List of Updates:
- USN-3108-1: Bind vulnerability
- USN-3106-4: Linux kernel (Qualcomm Snapdragon) vulnerability
- USN-3106-3: Linux kernel (Raspberry Pi 2) vulnerability
- USN-3104-2: Linux kernel (OMAP4) vulnerability
- USN-3106-2: Linux kernel (Xenial HWE) vulnerability
- USN-3105-2: Linux kernel (Trusty HWE) vulnerability
- USN-3107-1: Linux kernel vulnerability
- USN-3106-1: Linux kernel vulnerability
- USN-3105-1: Linux kernel vulnerability
- USN-3104-1: Linux kernel vulnerability
-
Weekly Patch and Update Summary for Week of February 17, 2017
Weekly Patch and Update Summary for Week of February 17, 2017
2/21/2017 -
Weekly Patch and Update Summary for Week of November 18, 2016
Weekly Patch and Update Summary for Week of November 18, 2016
11/17/2016 -
Weekly Patch and Update Summary for Week of November 11, 2016
Weekly Patch and Update Summary for Week of November 11, 2016
11/10/2016