Fedora: libxml2 Buffer overflow vulnerability
Jul22
on July 22, 2004
at 3:48 pm
Posted In: Uncategorized
Updated libxml2 packages that fix an overflow when parsing remote resources are now available.
Comment
Debian: super Format string vulnerability 2004
Jun19
on June 19, 2004
at 9:15 pm
Posted In: Uncategorized
This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
Red Hat: cvs Denial of service vulnerabilities
Jun08
on June 8, 2004
at 12:25 pm
Posted In: Uncategorized
Updated cvs packages that fix remote denial of service vulnerabilities are now available. (This is a legacy Red Hat fix, released by the Fedora Project).
Fedora: lftp Buffer overflow vulnerability
Dec15
on December 15, 2003
at 12:18 pm
Posted In: Uncategorized
An attacker could create a carefully crafted directory on a websitesuch that, if a user connects to that directory using the lftp clientand subsequently issues a ‘ls’ or ‘rels’ command, the attacker couldexecute arbitrary code on the users machine.
Fedora: GnuPG Signing key vulnerability
Dec11
on December 11, 2003
at 10:32 am
Posted In: Uncategorized
Phong Nguyen identified a severe bug in the way GnuPG creates anduses ElGamal keys, when those keys are used both to sign and encryptdata. This vulnerability can be used to trivially recover theprivate key.