Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

ArchLinux: 201610-15 Critical: Chromium Multiple Issues

Arch Linux Security Advisory ASA-201610-15
==========================================

Severity: Critical
Date    : 2016-10-23
CVE-ID  : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184
          CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188
          CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192
          CVE-2016-5193 CVE-2016-5194
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package chromium before version 54.0.2840.59-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing, cross-site scripting, information disclosure, same-origin policy bypass and insufficient validation.

Resolution
==========

Upgrade to 54.0.2840.59-1.

# pacman -Syu "chromium>=54.0.2840.59-1"

The problems have been fixed upstream in version 54.0.2840.59.

Workaround
==========

None.

Description
===========

- CVE-2016-5181 (cross-site scripting)
  A universal XSS flaw was found in the Blink component of the Chromium browser.

- CVE-2016-5182 (arbitrary code execution)
  A heap overflow flaw was found in the Blink component of the Chromium browser.

- CVE-2016-5183 (arbitrary code execution)
  A use-after-free flaw was found in the PDFium component of the Chromium browser.

- CVE-2016-5184 (arbitrary code execution)
  A use-after-free flaw was found in the PDFium component of the Chromium browser.

- CVE-2016-5185 (arbitrary code execution)
  A use-after-free flaw was found in the Blink component of the Chromium browser.

- CVE-2016-5186 (information disclosure)
  An out-of-bounds read flaw was found in the DevTools component of the Chromium browser.

- CVE-2016-5187 (content spoofing)
  A URL spoofing flaw was found in the Chromium browser.

- CVE-2016-5188 (content spoofing)
  A UI spoofing flaw was found in the Chromium browser.

- CVE-2016-5189 (content spoofing)
  A URL spoofing flaw was found in the Chromium browser.

- CVE-2016-5190 (arbitrary code execution)
  A use-after-free flaw was found in the Internals component of the Chromium browser.

- CVE-2016-5191 (cross-site scripting)
  A universal XSS flaw was found in the Bookmarks component of the Chromium browser.

- CVE-2016-5192 (same-origin policy bypass)
  A cross-origin bypass flaw was found in the Blink component of the Chromium browser.

- CVE-2016-5193 (insufficient validation)
  A scheme bypass vulnerability has been discovered.

- CVE-2016-5194 (arbitrary code execution)
  Various fixes from internal audits, fuzzing and other initiatives.

Impact
======

A remote attacker can bypass security measures, access sensitive information or execute arbitrary code on the affected host.

References
==========

https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
https://access.redhat.com/security/cve/CVE-2016-5181
https://access.redhat.com/security/cve/CVE-2016-5182
https://access.redhat.com/security/cve/CVE-2016-5183
https://access.redhat.com/security/cve/CVE-2016-5184
https://access.redhat.com/security/cve/CVE-2016-5185
https://access.redhat.com/security/cve/CVE-2016-5186
https://access.redhat.com/security/cve/CVE-2016-5187
https://access.redhat.com/security/cve/CVE-2016-5188
https://access.redhat.com/security/cve/CVE-2016-5189
https://access.redhat.com/security/cve/CVE-2016-5190
https://access.redhat.com/security/cve/CVE-2016-5191
https://access.redhat.com/security/cve/CVE-2016-5192
https://access.redhat.com/security/cve/CVE-2016-5193
https://access.redhat.com/security/cve/CVE-2016-5194

When evaluating the Arch Linux Chromium package, focus on critical security risks such as code execution, data exposure, RCE, sandbox escapes, XSS, and info leaks that jeopardize user safety.

ArchLinux Chromium Exploits, Multiple Security Issues, Critical Advisory.
Severity: Critical.
LinuxSecurity.com Team

Oct 23, 2016 | Critical | ArchLinux

Red Hat: 2010:0781-01 Critical: Seamonkey Exploit Issues

====================================================================
Red Hat Security Advisory

Synopsis:     Critical: seamonkey security update
Advisory ID:  RHSA-2010:0781-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2010:0781.html
Issue date:   2010-10-19
CVE Names:    CVE-2010-3170 CVE-2010-3173 CVE-2010-3176 CVE-2010-3177
              CVE-2010-3180 CVE-2010-3182
====================================================================

1. Summary:

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3176, CVE-2010-3180)

A flaw was found in the way the Gopher parser in SeaMonkey converted text into HTML. A malformed file name on a Gopher server could, when accessed by a victim running SeaMonkey, allow arbitrary JavaScript to be executed in the context of the Gopher domain. (CVE-2010-3177)

A flaw was found in the script that launches SeaMonkey. The LD_LIBRARY_PATH variable was appending a "." character, which could allow a local attacker to execute arbitrary code with the privileges of a different user running SeaMonkey, if that user ran SeaMonkey from within an attacker-controlled directory. (CVE-2010-3182)

It was found that the SSL DHE (Diffie-Hellman Ephemeral) mode implementation for key exchanges in SeaMonkey accepted DHE keys that were 256 bits in length. This update removes support for 256 bit DHE keys, as such keys are easily broken using modern hardware. (CVE-2010-3173)

A flaw was found in the way SeaMonkey matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. SeaMonkey incorrectly accepted connections to IP addresses that fell within the SSL certificate's wildcard range as valid SSL connections, possibly allowing an attacker to conduct a man-in-the-middle attack. (CVE-2010-3170)

All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

630047 - CVE-2010-3170 firefox/nss: Doesn't handle wildcards in Common Name properly
642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards
642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp
642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs
642300 - CVE-2010-3182 Mozilla unsafe library loading flaw
642302 - CVE-2010-3173 Mozilla insecure Diffie-Hellman key exchange

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2010-3170
https://access.redhat.com/security/cve/CVE-2010-3173
https://access.redhat.com/security/cve/CVE-2010-3176
https://access.redhat.com/security/cve/CVE-2010-3177
https://access.redhat.com/security/cve/CVE-2010-3180
https://access.redhat.com/security/cve/CVE-2010-3182
https://access.redhat.com/security/updates/classification#critical

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.

Urgent patch release for SeaMonkey packages on CentOS, fixing various vulnerabilities with potential attack routes.

Seamonkey Update, Red Hat Advisory, Security Flaws, Critical Patch.
Severity: Critical.
LinuxSecurity.com Team

Oct 19, 2010 | Critical | Red Hat

Gentoo GLSA-200711-23 Normal: VMware Workstation Multiple Issues

Gentoo Linux Security Advisory GLSA 200711-23
https://security.gentoo.org/

Severity: Normal
Title: VMware Workstation and Player: Multiple vulnerabilities
Date: November 18, 2007
Bugs: #193196
ID: 200711-23

Synopsis
========

VMware guest operating systems might be able to execute arbitrary code with elevated privileges on the host operating system through multiple flaws.

Background
==========

VMware Workstation is a virtual machine for developers and system administrators. VMware Player is a freeware virtualization software that can run guests produced by other VMware products.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /   Vulnerable   /                Unaffected
    -------------------------------------------------------------------
  1  vmware-workstation     < 6.0.1.55017              *>= 5.5.5.56455
                                                        >= 6.0.1.55017
  2  vmware-player          < 2.0.1.55017              *>= 1.0.5.56455
                                                        >= 2.0.1.55017
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability (CVE-2007-0062), an integer underflow vulnerability (CVE-2007-0063) and another error when handling malformed packets (CVE-2007-0061), leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service (CVE-2007-4496, CVE-2007-4497). Another unspecified vulnerability related to untrusted virtual machine images was discovered (CVE-2007-5617).

VMware products also shipped code copies of software with several vulnerabilities: Samba (GLSA-200705-15), BIND (GLSA-200702-06), MIT Kerberos 5 (GLSA-200707-11), Vixie Cron (GLSA-200704-11), shadow (GLSA-200606-02), OpenLDAP (CVE-2006-4600), PAM (CVE-2004-0813, CVE-2007-1716), GCC (CVE-2006-3619) and GDB (CVE-2006-4146).

Impact
======

Remote attackers within a guest system could possibly exploit these vulnerabilities to execute code on the host system with elevated privileges or to cause a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All VMware Workstation users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-emulation/vmware-workstation-5.5.5.56455"

All VMware Player users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-emulation/vmware-player-1.0.5.56455"

References
==========

[ 1 ] CVE-2004-0813 https://www.cve.org/CVERecord?id=CVE-2004-0813
[ 2 ] CVE-2006-3619 https://www.cve.org/CVERecord?id=CVE-2006-3619
[ 3 ] CVE-2006-4146 https://www.cve.org/CVERecord?id=CVE-2006-4146
[ 4 ] CVE-2006-4600 https://www.cve.org/CVERecord?id=CVE-2006-4600
[ 5 ] CVE-2007-0061 https://www.cve.org/CVERecord?id=CVE-2007-0061
[ 6 ] CVE-2007-0062 https://www.cve.org/CVERecord?id=CVE-2007-0062
[ 7 ] CVE-2007-0063 https://www.cve.org/CVERecord?id=CVE-2007-0063
[ 8 ] CVE-2007-1716 https://www.cve.org/CVERecord?id=CVE-2007-1716
[ 9 ] CVE-2007-4496 https://www.cve.org/CVERecord?id=CVE-2007-4496
[ 10 ] CVE-2007-4497 https://www.cve.org/CVERecord?id=CVE-2007-4497
[ 11 ] CVE-2007-5617 https://www.cve.org/CVERecord?id=CVE-2007-5617
[ 12 ] GLSA-200606-02 https://security.gentoo.org/glsa/200606-02
[ 13 ] GLSA-200702-06 https://security.gentoo.org/glsa/200702-06
[ 14 ] GLSA-200704-11 https://security.gentoo.org/glsa/200704-11
[ 15 ] GLSA-200705-15 https://security.gentoo.org/glsa/200705-15
[ 16 ] GLSA-200707-11 https://security.gentoo.org/glsa/200707-11
[ 17 ] VMSA-2007-0006

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200711-23

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Several security flaws in VMware identified; prompt updates advised for protection. Access instructions for remedies and enhancements here.

VMware Security, Gentoo Vulnerabilities, Guest System Exploits.
LinuxSecurity.com Team

Nov 18, 2007 | Gentoo