Fedora Essential and Critical Security Patch Updates - Page 798
Find the information you need for your favorite open source distribution.
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of service (crash) via an AppleTalk frame that is shorter than the specified length, which triggers a BUG_ON call when an attempt is made to
Added libX11-1.0.1-setuid.diff to fix potential security issue (required)
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
Updates the SELinux policy configuration. This update allows Samba to run as a domain controller (execute useradd).
This updates the Autotools sub-component plugin to 0.0.7.
Update to fetchmail-6.3.6 (CVE-2006-5867, CVE-2006-5974)
Updated to version 9.3.4 which contains two security bugfixes...
Update to the latest libsoup 2.2 release. This release fixes a security flaw that causes the libsoup server to crash when it receives a malformed HTTP GET header.
Fix for a recently reported security issue that has ID CVE-2006-6105. This fixes a problem where a user can enter strings like "%08x" into the gdmchooser "Add" host button and print out memory.
This update brings gdm to the latest stable upstream version, which among other bug fixes and improvements contains a fix for a recently reported security issue that has ID CVE-2006-6105. This fixes a problem where a user can enter strings like "%08x" into the gdmchooser "Add" host button and print out memory.
Along with the security patch there is also a patch which protects D-Bus from exiting when updating to versions greater than or equal to 1.0.0 (i.e. upgrading to fc6).
Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processes certain malformed JavaScript code. A malicious web page could cause the execution of JavaScript code in such a way that could cause Firefox to crash or execute arbitrary code as the user running Firefox. (CVE-2006-5463, CVE-2006-5747, CVE-2006-5748) Several flaws were found in the way Firefox renders web pages. A malicious web page could cause the browser to crash or possibly execute arbitrary code as the user running Firefox. (CVE-2006-5464) Users of Firefox are advised to upgrade to this update, which contains Firefox version 1.5.0.8 that corrects these issues.
CVE IDs: CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809. M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges. Fedora Extras versions earlier than the versions mentioned above are vulnerable to this problem; upgrade to fix this vulnerability.
Gzip should be installed on your Red Hat Linux system, because it is a very commonly used data compression program. The following CVE IDs were addressed: CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4338, CVE-2006-4337.
The Mono runtime implements a JIT engine for the ECMA CLI virtual machine (as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries). This advisory covers CVE ID CVE-2006-5072: Mono insecure temporary file usage.
This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets.
This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets.