(Nov 23) Andy Lutomirski discovered that tcsd (the TPM userspace daemon) was missing input validation. Using carefully crafted input, it can lead to a denial of service by making the daemon crash with a segmentation fault. [More…]
Archive for Other
(Nov 22) unity-firefox-extension could be made to crash or run programs as your login if it opened a malicious website.
(Nov 21) This update provides compatible ubufox packages for the latest Firefox.
(Nov 20) Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Nov 22) Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This is the last update of these packages for Red Hat Enterprise Linux 5 Supplementary. [More…]
(Nov 12) Updated gegl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Nov 13) Updated nspluginwrapper packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low [More…]
(Nov 14) Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More…]
(Nov 13) Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More…]
(Nov 12) libproxy could be made to crash or run programs if it received specially crafted network traffic.
(Nov 12) Libav could be made to crash or run programs as your login if it opened a specially crafted file.
(Nov 14) Updated libproxy packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Nov 15) Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Nov 18) It was discovered that ppm2tiff of the tiff tools, a set of utilities for TIFF manipulation and conversion, does not properly check the return value of an internal function used to detect integer overflows. As a consequence, ppm2tiff suffers from a heap-based buffer overflow. [More…]
(Nov 15) Django could be made to expose sensitive information over the network.
(Nov 15) LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.
(Nov 15) Several vulnerabilities were discovered in TYPO3, a content management system. This update addresses cross-site scripting, SQL injection, and information disclosure vulnerabilities and corresponds to TYPO3-CORE-SA-2012-005. [More…]
(Nov 15) Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Nov 15) Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Nov 10) Ralf Paffrath reported that Radsecproxy, a RADIUS protocol proxy, mixed up pre- and post-handshake verification of clients. This vulnerability may wrongly accept clients without checking their certificate chain under certain configurations. [More…]
(Nov 9) Glance could be made to delete arbitrary images.
(Oct 29) An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 29) Several security issues were fixed in Thunderbird.
(Oct 30) Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack. The Red Hat Security Response Team has rated this update as having critical [More…]
(Oct 30) Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Oct 31) High-Tech Bridge SA Security Research Lab discovered multiple vulnerabilities based on null-pointer dereferences in OpenOffice which could cause an application crash or even arbitrary code execution using specially crafted files. Affected file types are LWP (Lotus Word Pro), ODG, PPT (MS Powerpoint [More…]
(Nov 8) Glance could be made to delete arbitrary images.
(Nov 8) The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page.
(Oct 29) Multiple vulnerabilities have been discovered in Icedove, Debian’s version of the Mozilla Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Nov 8) An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]