Fedora Essential and Critical Security Patch Updates - Page 868
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
This patch fixes a remotely triggerable memory leak and a buffer overflow vulnerability.
Patches resolve three different ways to crash ethereal.
The im-switch that is included in the Fedora Core iiimf-x package has been fixed to take appropriate precautions when generating temporary files.
This posting gives the correct md5 sums for the previous kernel update.
A writing, non-chrooted rsync daemon could write outside of a module's path.
Mailman subscriber passwords could be retrieved by a remote attacker.
During an audit of the Linux kernel, SUSE discovered a flaw in the Linux kernel that inappropriately allows an unprivileged user to change the group ID of a file to his/her own group ID.
When configured to use X.509 certificates to authenticate remote hosts, ipsec-tools versions 0.3.3 and earlier will not abort the key exchange if the verification fails.
This patch fixes a large number of bugs, including the famous evil.c kernel crash.
This release fixes a buffer overflow vulnerability in the Fedora Core 2 dhcp-3.0.1rc12-*.
An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim.
An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code.
These new packages fix a bug in the last errata where the actual security patch didn't get applied.
This update includes a fix for the local denial of service as described inlinuxreviews.org.
If using the svnserve daemon, an unauthenticated client may be able execute arbitrary code as the daemon's user.
Many vulnerabilities, discovered in a recent audit of cvs, are fixed.
This upgrade is not specifically secuity; it fixes many kernel bugs and adds support for stack non-execution on some systems, which is important in guarding against buffer overflows.
A remotely-exploitable buffer overflow allows the execution of arbitrary code.
Patch fixes a SQL injection and cross-site scripting flaw.
Exploitation could lead to denial of service or arbitrary code execution.