Red Hat Security Advisory 2018-3803-01 – Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 71.0.3578.80. Issues addressed include buffer overflow and out of bounds write vulnerabilities.

Link: https://packetstormsecurity.com/files/150713/RHSA-2018-3803-01.txt

Red Hat Security Advisory 2018-3804-01 – In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.3 will be retired as of November 30, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.3 EUS after November 30, 2018.

Link: https://packetstormsecurity.com/files/150714/RHSA-2018-3804-01.txt

Red Hat Security Advisory 2018-3800-01 – Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include improper path handling.

Link: https://packetstormsecurity.com/files/150715/RHSA-2018-3800-01.txt

Ubuntu Security Notice 3841-1 – It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting attacks.

Link: https://packetstormsecurity.com/files/150718/USN-3841-1.txt

Red Hat Security Advisory 2018-3805-01 – In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.7 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.7 EUS after December 31, 2018.

Link: https://packetstormsecurity.com/files/150716/RHSA-2018-3805-01.txt

Red Hat Security Advisory 2018-3806-01 – In accordance with the Red Hat Enterprise Linux Errata Support Policy, Telco Update Service for Red Hat Enterprise Linux 6.6 will be retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.6 TUS after December 31, 2018.

Link: https://packetstormsecurity.com/files/150717/RHSA-2018-3806-01.txt

Ubuntu Security Notice 3841-2 – USN-3841-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting attacks. Various other issues were also addressed.

Link: https://packetstormsecurity.com/files/150719/USN-3841-2.txt

Ubuntu Security Notice 3842-1 – Jann Horn discovered that CUPS incorrectly handled session cookie randomness. A remote attacker could possibly use this issue to perform cross-site request forgery attacks.

Link: https://packetstormsecurity.com/files/150720/USN-3842-1.txt

WordPress CodeCanyon-5293356-Ajax-Store-Locator-Wordpress plugin version 1.2.0 suffers from file disclosure and database disclosure vulnerabilities.

Link: https://packetstormsecurity.com/files/150727/wpcc5293356120-xss.txt

WordPress Wysija-Newsletters plugin version 2.10.2 suffers from a database disclosure vulnerability.

Link: https://packetstormsecurity.com/files/150721/wpwysijanl2102-disclose.txt