Advisory: ArchLinux Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
The package mutt before version 1.5.23-2 is vulnerable to denial of service.
The package chromium before version 41.0.2272.76-1 is vulnerable to multiple issues. While the exact impact has not been disclosed by the vendor, most issues has been classified as having a high or critical impact.
The package grep before version 2.21-2 is vulnerable to denial of service via heap buffer out-of-bounds read.
The package lib32-elfutils before version 0.161-2 is vulnerable to directory traversal.
The package elfutils before version 0.161-3 is vulnerable to directory traversal.
The package putty before version 0.64-1 is vulnerable to information disclosure of SSH-2 private key information.
The package putty before version 0.64-1 is vulnerable to information disclosure of SSH-2 private key information.
The package thunderbird before version 31.5.0-1 is vulnerable to multiple issues including information leak and remote code execution when used as a web browser.
The package firefox before version 36.0-1 is vulnerable to multiple issues, including denial of service, information leak and remote code execution.
The package samba before version 4.1.17-1 is vulnerable to arbitrary code execution with root privileges.
The package krb5 before version 1.13.1-1 is vulnerable to multiple issues including authenticated remote code execution, authenticated remote denial of service, authenticated remote privilege escalation and remote information leak.
The package xorg-server before version 1.16.4-1 is vulnerable to information leak and denial of service.
The package dbus before version 1.8.16-1 is vulnerable to denial of service.
The package pigz before version 2.3.3-1 is vulnerable to multiple directory traversal vulnerabilities. That allows remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.
The package glibc before version 2.21-1 has multiple issues that could be exploitable.
The package ntp before version 4.2.8.p1-1 is vulnerable to multiple issues including information disclosure, denial of service and configuration restriction bypass.
The package clamav before version 0.98.6-1 is vulnerable to arbitrary code execution.
The package chromium before version 40.0.2214.111-1 is vulnerable to multiple issues, including but not limited to privilege escalation, cross-origin bypass and arbitrary code execution.
The package postgresql before version 9.4.1-1 is vulnerable to multiple issues, including information leak, denial of service, privilege escalation and command injection.