(Sep 12) It was discovered that BIND, a DNS server, does not handle DNS records properly which approach size limits inherent to the DNS protocol. An attacker could use crafted DNS records to crash the BIND server process, leading to a denial of service. [More…]
Archive for Uncategorized
(Sep 10) GIMP could be made to crash or run programs as your login if it opened aspecially crafted file.
(Sep 13) OpenStack Horizon could help expose sensitive information.
(Sep 7) It was discovered that Beaker, a cache and session library for Python, when using the python-crypto backend, is vulnerable to information disclosure due to a cryptographic weakness related to the use of the AES cipher in ECB mode. [More…]
(Sep 8) Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 10) The system could be made to crash under certain conditions.
(Sep 10) XML-RPC for C and C++ could be made to cause a denial of service by consumingexcessive CPU and memory resources.
(Sep 8) Multiple vulnerabilities have been discovered in xen-qemu-dm-4.0, the Xen Qemu Device Model virtual machine hardware emulator. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 11) Timo Warns discovered that the EAP-TLS handling of freeradius, a high-performance and highly configurable RADIUS server, is not properly performing length checks on user-supplied input before copying to a local stack buffer. As a result, an unauthenticated attacker can exploit this [More…]
(Sep 11) Updated libexif packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Sep 6) Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 11) USN-1548-1 introduced a regression in Firefox.
(Sep 10) The system could be made to crash under certain conditions.
(Sep 8) Multiple vulnerabilities have been discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 8) Multiple denial of service vulnerabilities have been discovered in xen, an hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: [More…]
(Sep 7) Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 7) Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 10) ubiquity-slideshow-ubuntu would allow unintended access to files over thenetwork during system installation.
(Sep 10) Applications using Django could be made to crash or expose sensitiveinformation.
(Sep 3) Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Sep 6) It was discovered that Zabbix, a network monitoring solution, does not properly validate user input used as a part of an SQL query. This may allow unauthenticated attackers to execute arbitrary SQL commands (SQL injection) and possibly escalate privileges. [More…]
(Sep 5) Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
(Sep 3) Updated java-1.6.0-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
(Aug 30) Multiple security issues were fixed in Thunderbird.
(Sep 5) It was discovered that Moin, a Python clone of WikiWiki, incorrectly evaluates ACLs when virtual groups are involved. This may allow certain users to have additional permissions (privilege escalation) or lack expected permissions. [More…]
(Sep 5) Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
(Sep 5) Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More…]
(Sep 5) Several security issues were fixed in the kernel.
(Sep 5) The system could be made to crash under certain conditions.
(Aug 30) Several vulnerabilities were discovered in TYPO3, a content management system. CVE-2012-3527 [More…]