Ubuntu: 1704-1: Linux kernel (Quantal HWE) vulnerabilities
Jan23
on January 23, 2013
at 9:48 pm
Posted In: Uncategorized
(Jan 22) Several security issues were fixed in the kernel.
Comment
Archive for Other
2889 results.
Debian: 2605-2: asterisk: several issues
Jan21
on January 21, 2013
at 10:36 pm
Posted In: Uncategorized
(Jan 19) The security update released in DSA 2605 for Asterisk, caused a regression that could lead to crashes. Updated packages have now been made available to correct that behaviour. For reference, the original advisory text follows. [More…]
(Jan 17) RPM could be made to crash or run programs if it opened a specially craftedpackage file.
(Jan 16) QEMU could be made to crash or run programs if it received speciallycrafted network traffic.
Ubuntu: 1696-1: Linux kernel vulnerabilities
Jan19
on January 19, 2013
at 9:36 pm
Posted In: Uncategorized
(Jan 17) Several security issues were fixed in the kernel.
Ubuntu: 1698-1: Linux kernel (OMAP4) vulnerabilities
Jan19
on January 19, 2013
at 9:36 pm
Posted In: Uncategorized
(Jan 17) Several security issues were fixed in the kernel.
Debian: 2607-1: qemu-kvm: buffer overflow
Jan18
on January 18, 2013
at 9:42 pm
Posted In: Uncategorized
(Jan 15) It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not [More…]
Ubuntu: 1700-1: Linux kernel (OMAP4) vulnerabilities
Jan18
on January 18, 2013
at 9:34 pm
Posted In: Uncategorized
(Jan 17) Several security issues were fixed in the kernel.
Ubuntu: 1699-1: Linux kernel vulnerabilities
Jan18
on January 18, 2013
at 9:34 pm
Posted In: Uncategorized
(Jan 17) Several security issues were fixed in the kernel.
Debian: 2608-1: qemu: buffer overflow
Jan17
on January 17, 2013
at 10:17 pm
Posted In: Uncategorized
(Jan 15) It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not [More…]
Debian: 2609-1: rails: SQL query manipulation
Jan17
on January 17, 2013
at 10:16 pm
Posted In: Uncategorized
(Jan 16) An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges. [More…]
Ubuntu: 1693-1: OpenJDK 7 vulnerabilities
Jan17
on January 17, 2013
at 9:32 pm
Posted In: Uncategorized
(Jan 16) OpenJDK 7 could be made to crash or run programs as your login if itopened a specially crafted Java applet.
(Jan 17) RPM could incorrectly validate package signatures.
Red Hat: 2013:0165-01: java-1.7.0-openjdk: Important Advisory
Jan17
on January 17, 2013
at 9:32 pm
Posted In: Uncategorized
(Jan 16) Updated java-1.7.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
(Jan 14) NSPR update to work with the new NSS.
Ubuntu: 1688-1: Linux kernel (Oneiric backport) vulnerabilities
Jan16
on January 16, 2013
at 9:31 pm
Posted In: Uncategorized
(Jan 15) Several security issues were fixed in the kernel.
Debian: 2606-1: proftpd-dfsg: symlink race
Jan15
on January 15, 2013
at 10:17 pm
Posted In: Uncategorized
(Jan 13) It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack allowing to elevate privileges in some configurations. [More…]
Debian: 2605-1: asterisk: several issues
Jan15
on January 15, 2013
at 9:39 pm
Posted In: Uncategorized
(Jan 13) Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks. [More…]
Red Hat: 2013:0156-01: java-1.7.0-oracle: Critical Advisory
Jan15
on January 15, 2013
at 9:17 pm
Posted In: Uncategorized
(Jan 14) Updated java-1.7.0-oracle packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
Ubuntu: 1691-1: Linux kernel (OMAP4) vulnerability
Jan15
on January 15, 2013
at 9:17 pm
Posted In: Uncategorized
(Jan 15) The system could be made to leak data on the kernel stack.
Ubuntu: 1689-1: Linux kernel vulnerabilities
Jan15
on January 15, 2013
at 9:17 pm
Posted In: Uncategorized
(Jan 15) Several security issues were fixed in the kernel.
Red Hat: 2013:0134-01: freeradius2: Low Advisory
Jan12
on January 12, 2013
at 8:46 pm
Posted In: Uncategorized
(Jan 8) Updated freeradius2 packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More…]
Red Hat: 2013:0129-01: ruby: Moderate Advisory
Jan12
on January 12, 2013
at 8:46 pm
Posted In: Uncategorized
(Jan 8) Updated ruby packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Jan 9) GnuPG could be made to corrupt the keyring if it imported a speciallycrafted key.
Red Hat: 2013:0145-01: thunderbird: Critical Advisory
Jan11
on January 11, 2013
at 8:45 pm
Posted In: Uncategorized
(Jan 8) An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
Red Hat: 2013:0133-01: hplip3: Low Advisory
Jan11
on January 11, 2013
at 8:45 pm
Posted In: Uncategorized
(Jan 8) Updated hplip3 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More…]
Debian: 2604-1: rails: insufficient input validati
Jan10
on January 10, 2013
at 8:52 pm
Posted In: Uncategorized
(Jan 9) It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and [More…]
Debian: 2603-1: emacs23: programming error
Jan10
on January 10, 2013
at 8:38 pm
Posted In: Uncategorized
(Jan 9) Paul Ling discovered that Emacs insufficiently restricted the evaluation of Lisp code if enable-local-variables is set to “safe”. For the stable distribution (squeeze), this problem has been fixed in [More…]
Ubuntu: 1684-1: Linux kernel (EC2) vulnerability
Jan10
on January 10, 2013
at 8:36 pm
Posted In: Uncategorized
(Jan 10) The system could be made to leak sensitive system information.
Ubuntu: 1683-1: Linux kernel vulnerability
Jan10
on January 10, 2013
at 8:36 pm
Posted In: Uncategorized
(Jan 10) The system could be made to leak sensitive system information.