Fedora Essential and Critical Security Patch Updates - Page 795
Find the information you need for your favorite open source distribution.
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
Bugfixes against the recent security patches. The bug names are CVE-2007-2447 patch v2 and CVE-2007-2444 patch v2.
An integer overflow flaw was found in the way libexif parses EXIF image tags. If a victim opens a carefully crafted EXIF image file it could cause the application linked against libexif to execute arbitrary code or crash. (CVE-2007-4168) Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
This update fixes a security flaw in Evolution's IMAP module. It adds a patch for a list of security bugs which were reported.
This update fixes a security flaw in Evolution's IMAP module. It adds a patch for RH bug #244287 (Camel IMAP security flaw).
The libexif package contains the EXIF library. Applications use this library to parse EXIF image files. An integer overflow flaw was found in the way libexif parses EXIF image tags. If a victim opens a carefully crafted EXIF image file it could cause the application linked against libexif to execute arbitrary code or crash. (CVE-2007-4168) Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
This update incorporates fixes for a stack buffer overflow and heap corruption in the RPC library, and a fix for a potential stack buffer overflow in kadmind.
This update to iscsi-initiator-utils is a rebase to the upstream open-iscsi-2.0-865 release. This release includes two security fixes, which are described at https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719, along with bug fixes and new features.
This update to iscsi-initiator-utils is a rebase to the upstream open-iscsi-2.0-865 release. This release includes two security fixes, which are described here: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719
A heap overflow flaw was found in the RTF import filter. An attacker could create a carefully crafted RTF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported fix to correct this issue.
Local symlink vulnerability. Fedora is not vulnerable in any default or common configurations. Read upstream's announcement for details. https://spamassassin.apache.org/404.html
This update fixes a security issue in mod_perl. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service. (CVE-2007-1349)
This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exif_data_load_data_entry function (CVE-2007-2645), which allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data.
Bugfixes against the recent security updates for the Fedora Core 5 samba-3.0.24-7.fc5 package. This update also fixes a Samba denial of service vulnerability.
Updated seamonkey packages that fix several security bugs are now available for Fedora Core 5. This update has been rated as having critical security impact by the Fedora Security Response Team. SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey.
Updated thunderbird packages that fix several security bugs are now available for Fedora Core. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird.