Advisory: Gentoo Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
An input validation vulnerability has been discovered in Horde-IMP.
There is a vulnerability in the Gallery photo album software which may allow an attacker to gain administrator privileges within Gallery.
A vulnerability in Chora allows remote code execution and file upload.
Squirrelmail fails to properly sanitize user input, which could lead to a compromise of webmail accounts.
Subversion is vulnerable to a remote Denial of Service that may be exploitable to execute arbitrary code on the server running svnserve.
Several serious new vulnerabilities have been found in CVS, which may allow an attacker to remotely compromise a CVS server.
A bug in mod_ssl may allow a remote attacker to execute remote code when Apache is configured a certain way.
Mailman contains a bug allowing 3rd parties to retrieve member passwords.
sitecopy includes a vulnerable version of the neon library.
A vulnerability allowing arbitrary code execution under certain circumstances has been found.
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
The fixed ebuild proposed in the original version of this Security Advisory did not address all the vulnerabilities of the tla package. All users of the tla package should upgrade to dev-util/tla-1.2-r2. The corrected sections appear below.
tla includes a vulnerable version of the neon library.
Multiple vulnerabilities, including remotely exploitable buffer overflows, have been found in code common to MPlayer and the xine library.
A possible buffer overflow in the Kerberos 4 component of Heimdal has been discovered.
Several security vulnerabilities have been fixed in the latest release of Apache 1.3.
Multiple security issues have been discovered in Midnight Commander including several buffer overflows and string format vulnerabilities.
Two MySQL utilities create temporary files with hardcoded paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.
A vulnerability exists in Opera's telnet URI handler that may allow a remote attacker to overwrite arbitrary files.
A buffer overflow via environment variables in Firebird may allow a local user to manipulate or destroy local databases and trojan the Firebird binaries.