SuSE Essential and Critical Security Patch Updates - Page 766

Find the information you need for your favorite open source distribution.

SuSE: 2007-012: squid Security Update

This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. (CVE-2007-0247) Additionally the 10.2 package needed a fix for another DoS bug (CVE-2007-0248) and for max_user_ip handling in ntlm_auth.

SuSE: 2007-013: xine Security Update

This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore. (CVE-2007-0017)

SuSE: 2007-011: Acrobat Reader 7.0.9 Security Update

The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes the following security fixes:
CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader that can potentially lead to code execution.
CVE-2007-0044: Universal Cross Site Request Forgery (CSRF) problems

SuSE: 2007-010: IBMJava Security Update

Various security problems and bugs have been fixed in the IBMJava JRE and SDK. The IBM Java packages were updated to:
- IBM Java 1.4.2 to Service Refresh 7.
- IBM Java 1.3.10 to Service Refresh 10.

SuSE: 2007-009: Opera 9.10 Security Update

This update brings the Opera Web browser to version 9.10, including fixes for the following 2 security problems:
- CVE-2007-0126: Opera processes a JPEG DHT marker incorrectly, which can potentially lead to remote code execution.
- CVE-2007-0127: Opera is affected by a typecasting bug ...

SuSE: 2007-008: XFree86/Xorg Security Update

This update fixes three memory corruptions within the X server which could be used by local attackers with access to this display to crash the X server and potentially execute code.
CVE-2006-6101: Integer overflow in the ProcRenderAddGlyphs function in the Ren ...

SuSE: 2007-007: cacti cmd injection Security Update

A command injection in cmd.php in cacti was fixed, which might have allowed remote attackers to inject commands and so execute code. This issue is tracked by the Mitre CVE ID CVE-2006-6799.

SuSE: 2007-006: mozilla Security Update

A number of security issues have been fixed in the Mozilla browser suite, which could be used by remote attackers to gain privileges, access to confidential information or cause denial of service attacks. Since the Mozilla Suite 1.7 branch is no longer maintained t ...

SuSE: 2007-005: w3m Security Update

A format string problem in w3m -dump / -backend mode could be used by a malicious server to crash w3m or execute code. In SUSE Linux 10.1, openSUSE 10.2 and SUSE Linux Enterprise Server and Desktop 10 this problem was not exploitable to execute code due to use of the FORTIFY SOUR ...

SuSE: 2007-004: krb5 security problems Security Update

Various bugs in the Kerberos5 libraries and tools were fixed which could be used by remote attackers to crash and potentially execute code in kadmind.
- CVE-2006-6144 / MITKRB5-SA-2006-002: the RPC library could call an uninitialized function pointer, which created ...

SuSE: 2007-003: Sun Java security update Security Update

The SUN Java packages have been upgraded to fix security problems. SUN Java was upgraded on all affected distributions:
- The Java 1.3 version to 1.3.1_19 for SUSE Linux Enterprise Server 8.
- The Java 1.4 version (also known as Java 2) to 1.4.2_13 for SUSE Linux Enterprise Desktop 1, SUSE Linux Enterprise Server 9, SUSE

SuSE: 2007-002: mono-web ASP.net sourcecode disclosure Security Update

A security problem was found and fixed in the Mono / C# web server implementation. By appending spaces to URLs attackers could download the source code of ASP.net scripts that would normally get executed by the web server. This issue is tracked by the Mitre CVE ID CVE-2006-6104 and only

SuSE: 2007-001: OpenOffice_org WMF buffer overflows Security Update

Security problems were fixed in the WMF and Enhanced WMF handling in OpenOffice_org. These could potentially be used to execute code or crash OpenOffice when a user could be convinced to open a specially crafted document (for instance a document sent by E-mail). This is ...

SuSE: 2006-080: Mozilla Firefox, Thunderbird Security Update

This security update brings the current set of Mozilla security updates, with the following versions:
- Mozilla Firefox to version 1.5.0.9 for Novell Linux Desktop 9, SUSE Linux Enterprise 10 and SUSE Linux 9.3 up to 10.1.
- Mozilla Firefox to version 2.0.0.1 for openSUSE 10.2.

SuSE: 2006-079: Linux kernel Security Update

The Linux 2.6 kernel has been updated to fix various security issues. On SUSE Linux Enterprise Server 9 and SUSE Linux Enterprise 10 and their derived products this update also contains various bugfixes.
- CVE-2006-4145: A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed.

SuSE: 2006-078: clamav 0.88.7 Security Update

The anti virus scan engine ClamAV has been updated to version 0.88.7 to fix various security problems:
CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.

SuSE: 2006-077: flash-player CRLF injection Security Update

This security update brings the Adobe Flash Player to version 7.0.69. The update fixes the following security problem:
CVE-2006-5330: CRLF injection vulnerabilities in Adobe Flash Player allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Sp ...

SuSE: 2006-076: libgsf buffer overflows Security Update

The libgsf library is used by various GNOME programs to handle for instance OLE2 data streams. Specially crafted OLE documents enabled attackers to use a heap buffer overflow for potentially executing code. This issue is tracked by the Mitre CVE ID CVE-2006-4514.

SuSE: 2006-075: gpg Security Update

Two security problems were fixed in the GNU Privacy Guard (GPG).
- Specially crafted files could overflow a buffer when gpg was used in interactive mode (CVE-2006-6169).
- Specially crafted files could modify a function pointer and could potentially execute code this way (CVE-2006-6235).

SuSE: 2006-074: Madwifi remote root exploit Security Update

The madwifi-ng Atheros Wireless LAN card driver is subject to a remotely exploitable stack buffer overflow, which creates either a code execution possibility or at least a denial of service (kernel crash). A physical local attacker (within WLAN range) has to provide a malicious acc ...