Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
202
security advisorymoderateopenldap2openSUSE Leap 15.1: openSUSE-SU-2020:1534-1 Moderate Issue for openldap2
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1534-1 Rating: moderate References: #1175568 Cross-References: CVE-2020-8027 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp (bsc#1175568). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1534=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): libldap-2_4-2-2.4.46-lp151.10.18.1 libldap-2_4-2-debuginfo-2.4.46-lp151.10.18.1 openldap2-2.4.46-lp151.10.18.1 openldap2-back-meta-2.4.46-lp151.10.18.1 openldap2-back-meta-debuginfo-2.4.46-lp151.10.18.1 openldap2-back-perl-2.4.46-lp151.10.18.1 openldap2-back-perl-debuginfo-2.4.46-lp151.10.18.1 openldap2-back-sock-2.4.46-lp151.10.18.1 openldap2-back-sock-debuginfo-2.4.46-lp151.10.18.1 openldap2-back-sql-2.4.46-lp151.10.18.1 openldap2-back-sql-debuginfo-2.4.46-lp151.10.18.1 openldap2-client-2.4.46-lp151.10.18.1 openldap2-client-debuginfo-2.4.46-lp151.10.18.1 openldap2-contrib-2.4.46-lp151.10.18.1 openldap2-contrib-debuginfo-2.4.46-lp151.10.18.1 openldap2-debuginfo-2.4.46-lp151.10.18.1 openldap2-debugsource-2.4.46-lp151.10.18.1 openldap2-devel-2.4.46-lp151.10.18.1 openldap2-devel-static-2.4.46-lp151.10.18.1 openldap2-ppolicy-check-password-1.2-lp151.10.18.1 openldap2-ppolicy-check-password-debuginfo-1.2-lp151.10.18.1 - openSUSE Leap 15.1 (x86_64): libldap-2_4-2-32bit-2.4.46-lp151.10.18.1 libldap-2_4-2-32bit-debuginfo-2.4.46-lp151.10.18.1 openldap2-devel-32bit-2.4.46-lp151.10.18.1 - openSUSE Leap 15.1 (noarch): libldap-data-2.4.46-lp151.10.18.1 openldap2-doc-2.4.46-lp151.10.18.1 References: https://www.suse.com/security/cve/CVE-2020-8027.html https://bugzilla.suse.com/1175568 -- . The latest openSUSE Security Patch for openldap2 addresses a significant concern related to daemon operations and directory vulnerabilities, warranting immediate action.. openSUSE Security, Linux Patch, OpenLDAP Fixes, Security Update, Linux Daemon Issues. . LinuxSecurity.com Team
Sep 26, 2020
OpenSUSE
200
security advisorymoderatebuffer overflowScientific Linux: 2012-09-12 Moderate: Quagga Security Update
Moderate: quagga security update. Date: Thu, 13 Sep 2012 16:53:14 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security ERRATA Moderate: quagga on SL6.x i386/x86_64 Comments: To: scientific MIME-Version: 1.0 Synopsis: Moderate: quagga security update Issue Date: 2012-09-12 CVE Numbers: CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially-crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327) A stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323) A flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324) A flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325) A flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326) An assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. AnOSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249) A buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250) Two flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially-crafted BGP OPEN message. (CVE-2012-0255, CVE-2012-1820) We would like to thank CERT-FI for reporting CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326; and the CERT/CC for reporting CVE-2012-0249, CVE-2012-0250, CVE-2012-0255, and CVE-2012-1820. CERT-FI acknowledges Riku Hietamki, Tuomo Untinen and Jukka Taimisto of the Codenomicon CROSS project as the original reporters of CVE-2011-3327, CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, and CVE-2011-3326. The CERT/CC acknowledges Martin Winter at OpenSourceRouting.org as the original reporter of CVE-2012-0249, CVE-2012-0250, and CVE-2012-0255, and Denis Ovsienko as the original reporter of CVE-2012-1820. After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically. SL6 x86_64 quagga-0.99.15-7.el6_3.2.x86_64.rpm quagga-contrib-0.99.15-7.el6_3.2.x86_64.rpm quagga-devel-0.99.15-7.el6_3.2.i686.rpm quagga-devel-0.99.15-7.el6_3.2.x86_64.rpm i386 quagga-0.99.15-7.el6_3.2.i686.rpm quagga-contrib-0.99.15-7.el6_3.2.i686.rpm quagga-devel-0.99.15-7.el6_3.2.i686.rpm - Scientific Linux Development Team . An important patch for quagga in Scientific Linux addresses multiple flaws that could lead to application crashes or unauthorized code execution.. Quagga Security Update, Scientific Linux, Moderate Security Advisory, Buffer Overflow Issues. . LinuxSecurity.com Team
Sep 13, 2012
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!