# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2023:4551-1
Rating: important
References:

* bsc#1216338
* bsc#1217230

Cross-References:

* CVE-2023-5721
* CVE-2023-5724
* CVE-2023-5725
* CVE-2023-5726
* CVE-2023-5727
* CVE-2023-5728
* CVE-2023-5730
* CVE-2023-5732

CVSS scores:

* CVE-2023-5721 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-5721 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2023-5724 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5724 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5725 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5725 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2023-5726 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5726 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2023-5727 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2023-5728 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5728 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5730 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-5730 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5732 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2023-5732 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products:

* Desktop Applications Module 15-SP4
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves eight vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

* Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry (bsc#1217230)
* Fixed: Various security fixes and other quality improvements. MFSA 2023-46 (bsc#1216338)
  * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5732: Address bar spoofing via bidirectional characters
  * CVE-2023-5724: Large WebGL draw could have led to a crash
  * CVE-2023-5725: WebExtensions could open arbitrary URLs
  * CVE-2023-5726: Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727: Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows
  * CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash
  * CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-4551=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-4551=1
* Desktop Applications Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-4551=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-4551=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4551=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4551=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4551=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4551=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4551=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4551=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4551=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2023-4551=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-branding-upstream-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* openSUSE Leap 15.4 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-branding-upstream-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* openSUSE Leap 15.5 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* Desktop Applications Module 15-SP4 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* Desktop Applications Module 15-SP5 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * MozillaFirefox-translations-other-115.5.0-150200.152.117.1
  * MozillaFirefox-115.5.0-150200.152.117.1
  * MozillaFirefox-translations-common-115.5.0-150200.152.117.1
  * MozillaFirefox-debugsource-115.5.0-150200.152.117.1
  * MozillaFirefox-debuginfo-115.5.0-150200.152.117.1
* SUSE Enterprise Storage 7.1 (noarch)
  * MozillaFirefox-devel-115.5.0-150200.152.117.1

## References:

* https://www.suse.com/security/cve/CVE-2023-5721.html
* https://www.suse.com/security/cve/CVE-2023-5724.html
* https://www.suse.com/security/cve/CVE-2023-5725.html
* https://www.suse.com/security/cve/CVE-2023-5726.html
* https://www.suse.com/security/cve/CVE-2023-5727.html
* https://www.suse.com/security/cve/CVE-2023-5728.html
* https://www.suse.com/security/cve/CVE-2023-5730.html
* https://www.suse.com/security/cve/CVE-2023-5732.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216338
* https://bugzilla.suse.com/show_bug.cgi?id=1217230

Severity: Important
LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-de338d9f37
2023-11-03 18:20:20.953714
--------------------------------------------------------------------------------

Name        : xen
Product     : Fedora 39
Version     : 4.17.2
Release     : 4.fc39
URL         : https://xenproject.org/
Summary     : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line tools, needed to
manage virtual machines running under the Xen hypervisor
--------------------------------------------------------------------------------
Update Information:

xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323]
x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326]
Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325]
x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328]
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 10 2023 Michael Young - 4.17.2-4
- xenstored: A transaction conflict can crash C Xenstored [XSA-440, CVE-2023-34323]
- x86/AMD: missing IOMMU TLB flushing [XSA-442, CVE-2023-34326]
- Multiple vulnerabilities in libfsimage disk handling [XSA-443, CVE-2023-34325]
- x86/AMD: Debug Mask handling [XSA-444, CVE-2023-34327, CVE-2023-34328]
* Sun Oct 8 2023 Michael Young - 4.17.2-3
- rebuild (f40) for OCaml 5.1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-de338d9f37' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
package-announce mailing list
openSUSE Security Update: Security update for wireshark
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1566-1
Rating:             moderate
References:         #1192830
Cross-References:   CVE-2021-39920 CVE-2021-39921 CVE-2021-39922 CVE-2021-39924
                    CVE-2021-39925 CVE-2021-39926 CVE-2021-39928 CVE-2021-39929
CVSS scores:
                    CVE-2021-39920 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39921 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39922 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39924 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-39924 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39925 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-39925 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2021-39926 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-39926 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39928 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-39929 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-39929 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:

This update for wireshark fixes the following issues:

- Update to Wireshark 3.4.10:
  - CVE-2021-39920: IPPUSB dissector crash (bsc#1192830).
  - CVE-2021-39921: Modbus dissector crash (bsc#1192830).
  - CVE-2021-39922: C12.22 dissector crash (bsc#1192830).
  - CVE-2021-39924: Bluetooth DHT dissector large loop (bsc#1192830).
  - CVE-2021-39925: Bluetooth SDP dissector crash (bsc#1192830).
  - CVE-2021-39926: Bluetooth HCI_ISO dissector crash (bsc#1192830).
  - CVE-2021-39928: IEEE 802.11 dissector crash (bsc#1192830).
  - CVE-2021-39929: Bluetooth DHT dissector crash (bsc#1192830).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:
  zypper in -t patch openSUSE-2021-1566=1

Package List:

- openSUSE Leap 15.2 (i586 x86_64):
  libwireshark14-3.4.10-lp152.2.21.1
  libwireshark14-debuginfo-3.4.10-lp152.2.21.1
  libwiretap11-3.4.10-lp152.2.21.1
  libwiretap11-debuginfo-3.4.10-lp152.2.21.1
  libwsutil12-3.4.10-lp152.2.21.1
  libwsutil12-debuginfo-3.4.10-lp152.2.21.1
  wireshark-3.4.10-lp152.2.21.1
  wireshark-debuginfo-3.4.10-lp152.2.21.1
  wireshark-debugsource-3.4.10-lp152.2.21.1
  wireshark-devel-3.4.10-lp152.2.21.1
  wireshark-ui-qt-3.4.10-lp152.2.21.1
  wireshark-ui-qt-debuginfo-3.4.10-lp152.2.21.1

References:

https://www.suse.com/security/cve/CVE-2021-39920.html
https://www.suse.com/security/cve/CVE-2021-39921.html
https://www.suse.com/security/cve/CVE-2021-39922.html
https://www.suse.com/security/cve/CVE-2021-39924.html
https://www.suse.com/security/cve/CVE-2021-39925.html
https://www.suse.com/security/cve/CVE-2021-39926.html
https://www.suse.com/security/cve/CVE-2021-39928.html
https://www.suse.com/security/cve/CVE-2021-39929.html
https://bugzilla.suse.com/1192830
MGASA-2021-0255 - Updated irssi packages fix security vulnerabilities

Publication date: 13 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0255.html
Type: security
Affected Mageia releases: 7, 8

The irssi packages are updated to irssi 1.2.3 to fix several issues, including some security vulnerabilities:
* memory handling issues
* memory leaks
* erroneous free
* crashes / freezes
* null pointer dereference when receiving a broken JOIN record

References:
- https://bugs.mageia.org/show_bug.cgi?id=29060
- https://irssi.org/2021/04/11/irssi-1.2.3-released/
- https://irssi.org/NEWS/#v1-2-3

SRPMS:
- 8/core/irssi-1.2.3-1.mga8
- 7/core/irssi-1.2.3-1.mga7

Severity: Critical
Several vulnerabilities were fixed in Wireshark, a network sniffer. CVE-2019-13619

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2547-1
openSUSE Security Update: Security update for php5
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2018:2694-1
Rating:             moderate
References:         #1096984 #1099098 #1103659 #1105466
Cross-References:   CVE-2017-9118 CVE-2018-10360 CVE-2018-12882 CVE-2018-14851
Affected Products:
                    openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for php5 fixes the following issues:

The following security issues were fixed:

- CVE-2018-10360: Fixed an out-of-bounds read in the do_core_note function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file (bsc#1096984)
- CVE-2018-14851: Fixed an out-of-bounds read in exif_process_IFD_in_MAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash (bsc#1103659)
- CVE-2018-12882: Fixed a use-after-free in exif_read_from_impl in ext/exif/exif.c (bsc#1099098)
- CVE-2017-9118: Fixed an out-of-bounds access in php_pcre_replace_impl via a crafted preg_replace call (bsc#1105466)

This update was imported from the SUSE:SLE-12:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:
  zypper in -t patch openSUSE-2018-998=1

Package List:

- openSUSE Leap 42.3 (i586 x86_64):
  apache2-mod_php5-5.5.14-103.1
  apache2-mod_php5-debuginfo-5.5.14-103.1
  php5-5.5.14-103.1
  php5-bcmath-5.5.14-103.1
  php5-bcmath-debuginfo-5.5.14-103.1
  php5-bz2-5.5.14-103.1
  php5-bz2-debuginfo-5.5.14-103.1
  php5-calendar-5.5.14-103.1
  php5-calendar-debuginfo-5.5.14-103.1
  php5-ctype-5.5.14-103.1
  php5-ctype-debuginfo-5.5.14-103.1
  php5-curl-5.5.14-103.1
  php5-curl-debuginfo-5.5.14-103.1
  php5-dba-5.5.14-103.1
  php5-dba-debuginfo-5.5.14-103.1
  php5-debuginfo-5.5.14-103.1
  php5-debugsource-5.5.14-103.1
  php5-devel-5.5.14-103.1
  php5-dom-5.5.14-103.1
  php5-dom-debuginfo-5.5.14-103.1
  php5-enchant-5.5.14-103.1
  php5-enchant-debuginfo-5.5.14-103.1
  php5-exif-5.5.14-103.1
  php5-exif-debuginfo-5.5.14-103.1
  php5-fastcgi-5.5.14-103.1
  php5-fastcgi-debuginfo-5.5.14-103.1
  php5-fileinfo-5.5.14-103.1
  php5-fileinfo-debuginfo-5.5.14-103.1
  php5-firebird-5.5.14-103.1
  php5-firebird-debuginfo-5.5.14-103.1
  php5-fpm-5.5.14-103.1
  php5-fpm-debuginfo-5.5.14-103.1
  php5-ftp-5.5.14-103.1
  php5-ftp-debuginfo-5.5.14-103.1
  php5-gd-5.5.14-103.1
  php5-gd-debuginfo-5.5.14-103.1
  php5-gettext-5.5.14-103.1
  php5-gettext-debuginfo-5.5.14-103.1
  php5-gmp-5.5.14-103.1
  php5-gmp-debuginfo-5.5.14-103.1
  php5-iconv-5.5.14-103.1
  php5-iconv-debuginfo-5.5.14-103.1
  php5-imap-5.5.14-103.1
  php5-imap-debuginfo-5.5.14-103.1
  php5-intl-5.5.14-103.1
  php5-intl-debuginfo-5.5.14-103.1
  php5-json-5.5.14-103.1
  php5-json-debuginfo-5.5.14-103.1
  php5-ldap-5.5.14-103.1
  php5-ldap-debuginfo-5.5.14-103.1
  php5-mbstring-5.5.14-103.1
  php5-mbstring-debuginfo-5.5.14-103.1
  php5-mcrypt-5.5.14-103.1
  php5-mcrypt-debuginfo-5.5.14-103.1
  php5-mssql-5.5.14-103.1
  php5-mssql-debuginfo-5.5.14-103.1
  php5-mysql-5.5.14-103.1
  php5-mysql-debuginfo-5.5.14-103.1
  php5-odbc-5.5.14-103.1
  php5-odbc-debuginfo-5.5.14-103.1
  php5-opcache-5.5.14-103.1
  php5-opcache-debuginfo-5.5.14-103.1
  php5-openssl-5.5.14-103.1
  php5-openssl-debuginfo-5.5.14-103.1
  php5-pcntl-5.5.14-103.1
  php5-pcntl-debuginfo-5.5.14-103.1
  php5-pdo-5.5.14-103.1
  php5-pdo-debuginfo-5.5.14-103.1
  php5-pgsql-5.5.14-103.1
  php5-pgsql-debuginfo-5.5.14-103.1
  php5-phar-5.5.14-103.1
  php5-phar-debuginfo-5.5.14-103.1
  php5-posix-5.5.14-103.1
  php5-posix-debuginfo-5.5.14-103.1
  php5-pspell-5.5.14-103.1
  php5-pspell-debuginfo-5.5.14-103.1
  php5-readline-5.5.14-103.1
  php5-readline-debuginfo-5.5.14-103.1
  php5-shmop-5.5.14-103.1
  php5-shmop-debuginfo-5.5.14-103.1
  php5-snmp-5.5.14-103.1
  php5-snmp-debuginfo-5.5.14-103.1
  php5-soap-5.5.14-103.1
  php5-soap-debuginfo-5.5.14-103.1
  php5-sockets-5.5.14-103.1
  php5-sockets-debuginfo-5.5.14-103.1
  php5-sqlite-5.5.14-103.1
  php5-sqlite-debuginfo-5.5.14-103.1
  php5-suhosin-5.5.14-103.1
  php5-suhosin-debuginfo-5.5.14-103.1
  php5-sysvmsg-5.5.14-103.1
  php5-sysvmsg-debuginfo-5.5.14-103.1
  php5-sysvsem-5.5.14-103.1
  php5-sysvsem-debuginfo-5.5.14-103.1
  php5-sysvshm-5.5.14-103.1
  php5-sysvshm-debuginfo-5.5.14-103.1
  php5-tidy-5.5.14-103.1
  php5-tidy-debuginfo-5.5.14-103.1
  php5-tokenizer-5.5.14-103.1
  php5-tokenizer-debuginfo-5.5.14-103.1
  php5-wddx-5.5.14-103.1
  php5-wddx-debuginfo-5.5.14-103.1
  php5-xmlreader-5.5.14-103.1
  php5-xmlreader-debuginfo-5.5.14-103.1
  php5-xmlrpc-5.5.14-103.1
  php5-xmlrpc-debuginfo-5.5.14-103.1
  php5-xmlwriter-5.5.14-103.1
  php5-xmlwriter-debuginfo-5.5.14-103.1
  php5-xsl-5.5.14-103.1
  php5-xsl-debuginfo-5.5.14-103.1
  php5-zip-5.5.14-103.1
  php5-zip-debuginfo-5.5.14-103.1
  php5-zlib-5.5.14-103.1
  php5-zlib-debuginfo-5.5.14-103.1

- openSUSE Leap 42.3 (noarch):
  php5-pear-5.5.14-103.1

References:

https://www.suse.com/security/cve/CVE-2017-9118.html
https://www.suse.com/security/cve/CVE-2018-10360.html
https://www.suse.com/security/cve/CVE-2018-12882.html
https://www.suse.com/security/cve/CVE-2018-14851.html
https://bugzilla.suse.com/1096984
https://bugzilla.suse.com/1099098
https://bugzilla.suse.com/1103659
https://bugzilla.suse.com/1105466
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-bfdad62cd6
2018-04-17 00:11:16.750638
--------------------------------------------------------------------------------

Name        : wireshark
Product     : Fedora 28
Version     : 2.4.5
Release     : 3.fc28
URL         : https://www.wireshark.org/
Summary     : Network traffic analyzer
Description :
Metapackage which installs wireshark-cli and wireshark-qt.
--------------------------------------------------------------------------------
Update Information:

Removing dependency on wireshark metapackage from wireshark-cli
----
Added wireshark-qt to wireshark metapackage
----
- New version 2.4.5
- Contains fixes for CVE-2018-7419, CVE-2018-7418, CVE-2018-7417, CVE-2018-7420, CVE-2018-7320, CVE-2018-7336, CVE-2018-7337, CVE-2018-7334, CVE-2018-7335, CVE-2018-6836, CVE-2018-5335, CVE-2018-5334, CVE-2017-6014, CVE-2017-9616, CVE-2017-9617, CVE-2017-9766
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1555323 - WTF is wireshark-qt pulled as dependency
      https://bugzilla.redhat.com/show_bug.cgi?id=1555323
[ 2 ] Bug #1554818 - tshark (wireshark-cli) should be installable without any GUI bits
      https://bugzilla.redhat.com/show_bug.cgi?id=1554818
[ 3 ] Bug #1506859 - wireshark meta package is missing wireshark-qt dependency
      https://bugzilla.redhat.com/show_bug.cgi?id=1506859
[ 4 ] Bug #1549309 - CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549309
[ 5 ] Bug #1549306 - CVE-2018-7418 wireshark: SIGCOMP dissector crash in packet-sigcomp.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549306
[ 6 ] Bug #1549302 - CVE-2018-7417 wireshark: IPMI dissector crash in packet-ipmi-picmg.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549302
[ 7 ] Bug #1549286 - CVE-2018-7420 wireshark: Pcapng file parser crash in pcapng.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549286
[ 8 ] Bug #1549278 - CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549278
[ 9 ] Bug #1549271 - CVE-2018-7336 wireshark: FCP dissector crash in packet-fcp.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549271
[ 10 ] Bug #1549266 - CVE-2018-7337 wireshark: DOCSIS dissector crash in packet-docsis.c by injecting a malformed packet [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549266
[ 11 ] Bug #1549256 - CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549256
[ 12 ] Bug #1549246 - CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1549246
[ 13 ] Bug #1543583 - CVE-2018-6836 wireshark: free operation on an uninitialized memory address in wiretap/netmon.c [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1543583
[ 14 ] Bug #1534365 - CVE-2018-5335 wireshark: WCP dissector crash [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1534365
[ 15 ] Bug #1534362 - CVE-2018-5334 wireshark: IxVeriWave file parser crash [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1534362
[ 16 ] Bug #1425376 - CVE-2017-6014 wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1425376
[ 17 ] Bug #1464052 - CVE-2017-9616 CVE-2017-9617 CVE-2017-9766 wireshark: various flaws [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1464052
[ 18 ] Bug #1548665 - wireshark: Partial Fedora build flags injection
      https://bugzilla.redhat.com/show_bug.cgi?id=1548665
[ 19 ] Bug #1542775 - wireshark-2.4.5 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1542775
[ 20 ] Bug #1530895 - CVE-2017-17997 wireshark: Misuse of NULL pointer in MRDISC dissector [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1530895
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade wireshark' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: openssl security update
Advisory ID:       RHSA-2014:0015-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2014:0015.html
Issue date:        2014-01-08
CVE Names:         CVE-2013-4353 CVE-2013-6449 CVE-2013-6450
====================================================================

1. Summary:

Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library. (CVE-2013-6449)

It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL did not properly maintain encryption and digest contexts during renegotiation. A lost or discarded renegotiation handshake packet could cause a DTLS client or server using OpenSSL to crash. (CVE-2013-6450)

A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)

All OpenSSL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1045363 - CVE-2013-6449 openssl: crash when using TLS 1.2 caused by use of incorrect hash algorithm
1047840 - CVE-2013-6450 openssl: crash in DTLS renegotiation after packet loss
1049058 - CVE-2013-4353 openssl: client NULL dereference crash on malformed handshake packets

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm

x86_64:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm
openssl-perl-1.0.1e-16.el6_5.4.i686.rpm
openssl-static-1.0.1e-16.el6_5.4.i686.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:

x86_64:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm

ppc64:
openssl-1.0.1e-16.el6_5.4.ppc.rpm
openssl-1.0.1e-16.el6_5.4.ppc64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.ppc.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.ppc64.rpm
openssl-devel-1.0.1e-16.el6_5.4.ppc.rpm
openssl-devel-1.0.1e-16.el6_5.4.ppc64.rpm

s390x:
openssl-1.0.1e-16.el6_5.4.s390.rpm
openssl-1.0.1e-16.el6_5.4.s390x.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.s390.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.s390x.rpm
openssl-devel-1.0.1e-16.el6_5.4.s390.rpm
openssl-devel-1.0.1e-16.el6_5.4.s390x.rpm

x86_64:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-perl-1.0.1e-16.el6_5.4.i686.rpm
openssl-static-1.0.1e-16.el6_5.4.i686.rpm

ppc64:
openssl-debuginfo-1.0.1e-16.el6_5.4.ppc64.rpm
openssl-perl-1.0.1e-16.el6_5.4.ppc64.rpm
openssl-static-1.0.1e-16.el6_5.4.ppc64.rpm

s390x:
openssl-debuginfo-1.0.1e-16.el6_5.4.s390x.rpm
openssl-perl-1.0.1e-16.el6_5.4.s390x.rpm
openssl-static-1.0.1e-16.el6_5.4.s390x.rpm

x86_64:
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-perl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-static-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm

x86_64:
openssl-1.0.1e-16.el6_5.4.i686.rpm
openssl-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm
openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.4.i686.rpm
openssl-devel-1.0.1e-16.el6_5.4.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v.
6): Source: i386: openssl-debuginfo-1.0.1e-16.el6_5.4.i686.rpm openssl-perl-1.0.1e-16.el6_5.4.i686.rpm openssl-static-1.0.1e-16.el6_5.4.i686.rpm x86_64: openssl-debuginfo-1.0.1e-16.el6_5.4.x86_64.rpm openssl-perl-1.0.1e-16.el6_5.4.x86_64.rpm openssl-static-1.0.1e-16.el6_5.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/cve/CVE-2013-4353 https://access.redhat.com/security/cve/CVE-2013-6449 https://access.redhat.com/security/cve/CVE-2013-6450 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4(GNU/Linux) iD8DBQFSzZgHXlSAg2UNWIIRAofWAJ0UK4cssiN2fV0WOt0Ui+wDi/A1BwCfUSDk njgv4mXCZgK/Bf84S2BcZl8=j7J/ -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
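Two things the advisory leaves to the administrator are worth automating: confirming that the installed openssl build is at least the fixed NVR listed in section 6, and finding the long-running services that section 3 says must be restarted because they still have the pre-update libssl/libcrypto mapped. The script below is an added example, not Red Hat tooling. It re-implements rpm's rpmvercmp ordering in Python (rpm's own C code is authoritative; this version also handles the "~" pre-release marker that RHEL 6's rpm lacks), parses /proc/PID/maps for library mappings the kernel has tagged "(deleted)", and runs against a constructed maps excerpt whose process, addresses and inode numbers are made up, before scanning the live system.

```python
"""Post-update checks for RHSA-2014:0015 (openssl-1.0.1e-16.el6_5.4, RHEL 6). Added example."""
import os
import re
import subprocess

FIXED_NVR = "openssl-1.0.1e-16.el6_5.4"   # section 6 of the advisory
STALE_RE = re.compile(r"/(libssl|libcrypto)\.so[^ ]* \(deleted\)$")
SEP = re.compile(r"[^0-9A-Za-z~]*")       # rpmvercmp ignores anything but these
DIGITS = re.compile(r"[0-9]*")
ALPHA = re.compile(r"[A-Za-z]*")

# Constructed /proc/PID/maps excerpt (fake addresses/inodes): an httpd that loaded
# the old libraries before the rpm transaction replaced them on disk.
SAMPLE_MAPS = """\
00400000-004a7000 r-xp 00000000 fd:01 1966094 /usr/sbin/httpd
7f3c5c1e8000-7f3c5c3a9000 r-xp 00000000 fd:01 655435 /usr/lib64/libcrypto.so.1.0.1e (deleted)
7f3c5c5a9000-7f3c5c60a000 r-xp 00000000 fd:01 655437 /usr/lib64/libssl.so.1.0.1e (deleted)
7f3c5d000000-7f3c5d1b5000 r-xp 00000000 fd:01 655400 /lib64/libc-2.12.so
7f3c5e000000-7f3c5e010000 rw-p 00000000 00:00 0 [heap]
"""


def rpmvercmp(a, b):
    """rpm's ordering for version/release strings: 1 if a is newer, -1 if older,
    0 if equal. Separators are skipped, digit runs compare numerically, alpha
    runs byte-wise, a numeric segment outranks an alpha one, '~' sorts lowest."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        i, j = SEP.match(a, i).end(), SEP.match(b, j).end()
        if a[i:i + 1] == "~" or b[j:j + 1] == "~":
            if a[i:i + 1] != "~":
                return 1                  # 1.0 is newer than 1.0~rc1
            if b[j:j + 1] != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        isnum = a[i].isdigit()
        pat = DIGITS if isnum else ALPHA
        seg_a, seg_b = pat.match(a, i).group(), pat.match(b, j).group()
        if not seg_b:
            return 1 if isnum else -1     # segment types differ
        i, j = i + len(seg_a), j + len(seg_b)
        if isnum:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):  # longer digit run is the larger number
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1       # leftover segments mean newer


def is_fixed(installed_nvr, fixed_nvr=FIXED_NVR):
    """True when the installed build is the fixed one or newer. RHEL 6 openssl
    carries no Epoch, so version followed by release is the whole comparison."""
    name, ver, rel = installed_nvr.rsplit("-", 2)
    fname, fver, frel = fixed_nvr.rsplit("-", 2)
    if name != fname:
        raise ValueError("different packages: %s vs %s" % (name, fname))
    return (rpmvercmp(ver, fver) or rpmvercmp(rel, frel)) >= 0


def stale_crypto_libs(maps_text):
    """libssl/libcrypto paths a process still maps after the file on disk was
    replaced: the kernel appends ' (deleted)' to such pathnames in maps."""
    found = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)      # pathname is the optional 6th field
        if len(fields) == 6 and STALE_RE.search(fields[5]):
            found.add(fields[5][:-len(" (deleted)")])
    return sorted(found)


def processes_needing_restart(proc_root="/proc"):
    """pid -> stale crypto libraries; other users' maps need root to read,
    and unreadable or already-exited processes are skipped, not reported."""
    result = {}
    for entry in os.listdir(proc_root):
        if entry.isdigit():
            try:
                with open(os.path.join(proc_root, entry, "maps")) as fh:
                    stale = stale_crypto_libs(fh.read())
            except OSError:
                continue
            if stale:
                result[int(entry)] = stale
    return result


if __name__ == "__main__":
    print("constructed sample still maps:", stale_crypto_libs(SAMPLE_MAPS))
    try:                                  # rpm -q prints name-version-release.arch
        out = subprocess.check_output(["rpm", "-q", "openssl"], universal_newlines=True)
        for pkg in out.split():
            print(pkg, "fixed" if is_fixed(pkg.rsplit(".", 1)[0]) else "STILL VULNERABLE")
    except (OSError, subprocess.CalledProcessError):
        print("rpm not available, skipping package check")
    for pid, libs in sorted(processes_needing_restart().items()):
        print("pid %d needs a restart, still maps %s" % (pid, ", ".join(libs)))
```

Run it as root after `yum update openssl`: any pid it reports is a service that will keep using the vulnerable code until restarted, which is exactly the case the advisory's "all services linked to the OpenSSL library must be restarted" sentence warns about. A process that loaded the new library via dlopen after the update will not show up, since its mapping points at the live file.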