--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-49e8952aab
2025-01-19 01:45:00.581432+00:00
--------------------------------------------------------------------------------

Name        : stb
Product     : Fedora 40
Version     : 0^20241002git31707d1
Release     : 4.fc40
URL         : https://github.com/nothings/stb
Summary     : Single-file public domain libraries for C/C++
Description :
Single-file public domain libraries for C/C++.

--------------------------------------------------------------------------------
Update Information:

Add another patch for the root cause of CVE-2021-45340. We already have a patch
for CVE-2021-45340, but adding this new patch may prevent a related, unproven
exploit as described in
https://github.com/nothings/stb/pull/1454#issuecomment-2581308033.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 10 2025 Benjamin A. Beasley - 0^20241002git31707d1-4
- Patch root cause of CVE-2021-45340
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-49e8952aab' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6a64d3b2fc
2025-01-19 01:25:41.141784+00:00
--------------------------------------------------------------------------------

Name        : stb
Product     : Fedora 41
Version     : 0^20241002git31707d1
Release     : 5.fc41
URL         : https://github.com/nothings/stb
Summary     : Single-file public domain libraries for C/C++
Description :
Single-file public domain libraries for C/C++.

--------------------------------------------------------------------------------
Update Information:

Add another patch for the root cause of CVE-2021-45340. We already have a patch
for CVE-2021-45340, but adding this new patch may prevent a related, unproven
exploit as described in
https://github.com/nothings/stb/pull/1454#issuecomment-2581308033.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 9 2025 Benjamin A. Beasley - 0^20241002git31707d1-5
- Patch root cause of CVE-2021-45340
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6a64d3b2fc' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

Oracle Linux Security Advisory ELSA-2022-0258

https://linux.oracle.com/errata/ELSA-2022-0258.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.x86_64.rpm
mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.x86_64.rpm
mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm
mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.x86_64.rpm

aarch64:
httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
httpd-devel-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
httpd-filesystem-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
httpd-manual-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.noarch.rpm
httpd-tools-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.aarch64.rpm
mod_ldap-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.aarch64.rpm
mod_proxy_html-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
mod_session-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm
mod_ssl-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates/httpd-2.4.37-43.0.1.module+el8.5.0+20475+4f6a8fd5.1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/mod_http2-1.15.7-3.module+el8.4.0+20024+b87b2deb.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates/mod_md-2.0.8-8.module+el8.5.0+20475+4f6a8fd5.src.rpm

Related CVEs:

CVE-2021-44790

Description of changes:

httpd
[2.4.37-43.1.0.1]
- scoreboard: fix null pointer dereference [Orabug: 33690670][CVE-2021-34798]
- fix ap_escape_quote logic [Orabug: 33690686][CVE-2021-39275]
- Set vstring per ORACLE_SUPPORT_PRODUCT [Orabug: 29892262]
- Replace index.html with Oracle's index page oracle_index.html.

[2.4.37-43.1]
- Resolves: #2035062 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer
  overflow when parsing multipart content

mod_http2
[1.15.7-3]
- Resolves: #1869077 - CVE-2020-11993 httpd:2.4/mod_http2: httpd:
  mod_http2 concurrent pool usage

mod_md

_______________________________________________
El-errata mailing list

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2013:0567-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2013:0567.html
Issue date:        2013-02-26
CVE Names:         CVE-2013-0871
=====================================================================

1. Summary:

Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issue:

* A race condition was found in the way the Linux kernel's ptrace
implementation handled PTRACE_SETREGS requests when the debuggee was woken
due to a SIGKILL signal instead of being stopped. A local, unprivileged
user could use this flaw to escalate their privileges. (CVE-2013-0871,
Important)

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not
use "rpm -Uvh" as that will remove the running kernel binaries from
your system. You may use "rpm -e" to remove old kernels after
determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

911937 - CVE-2013-0871 kernel: race condition with PTRACE_SETREGS

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
kernel-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
kernel-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-headers-2.6.32-358.0.1.el6.i686.rpm
perf-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.0.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.0.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.0.1.el6.x86_64.rpm
perf-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:

noarch:
kernel-doc-2.6.32-358.0.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.0.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.0.1.el6.x86_64.rpm
perf-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
kernel-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
kernel-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-headers-2.6.32-358.0.1.el6.i686.rpm
perf-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.0.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.0.1.el6.noarch.rpm

ppc64:
kernel-2.6.32-358.0.1.el6.ppc64.rpm
kernel-bootwrapper-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debug-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.0.1.el6.ppc64.rpm
kernel-devel-2.6.32-358.0.1.el6.ppc64.rpm
kernel-headers-2.6.32-358.0.1.el6.ppc64.rpm
perf-2.6.32-358.0.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm

s390x:
kernel-2.6.32-358.0.1.el6.s390x.rpm
kernel-debug-2.6.32-358.0.1.el6.s390x.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.0.1.el6.s390x.rpm
kernel-devel-2.6.32-358.0.1.el6.s390x.rpm
kernel-headers-2.6.32-358.0.1.el6.s390x.rpm
kernel-kdump-2.6.32-358.0.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
kernel-kdump-devel-2.6.32-358.0.1.el6.s390x.rpm
perf-2.6.32-358.0.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.s390x.rpm

x86_64:
kernel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.0.1.el6.x86_64.rpm
perf-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

ppc64:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
kernel-debuginfo-common-ppc64-2.6.32-358.0.1.el6.ppc64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm
python-perf-2.6.32-358.0.1.el6.ppc64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.ppc64.rpm

s390x:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
kernel-debuginfo-common-s390x-2.6.32-358.0.1.el6.s390x.rpm
kernel-kdump-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
perf-debuginfo-2.6.32-358.0.1.el6.s390x.rpm
python-perf-2.6.32-358.0.1.el6.s390x.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.s390x.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
kernel-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
kernel-devel-2.6.32-358.0.1.el6.i686.rpm
kernel-headers-2.6.32-358.0.1.el6.i686.rpm
perf-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

noarch:
kernel-doc-2.6.32-358.0.1.el6.noarch.rpm
kernel-firmware-2.6.32-358.0.1.el6.noarch.rpm

x86_64:
kernel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
kernel-devel-2.6.32-358.0.1.el6.x86_64.rpm
kernel-headers-2.6.32-358.0.1.el6.x86_64.rpm
perf-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

i386:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.i686.rpm
kernel-debuginfo-common-i686-2.6.32-358.0.1.el6.i686.rpm
perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm
python-perf-2.6.32-358.0.1.el6.i686.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.i686.rpm

x86_64:
kernel-debug-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
kernel-debuginfo-common-x86_64-2.6.32-358.0.1.el6.x86_64.rpm
perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-2.6.32-358.0.1.el6.x86_64.rpm
python-perf-debuginfo-2.6.32-358.0.1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2013-0871
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact

Copyright 2013 Red Hat, Inc.

openSUSE Security Update: flash-player: Update to 10.3.181.26
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2011:0637-1
Rating:             critical
References:         #699942
Cross-References:   CVE-2011-2110
Affected Products:
                    openSUSE 11.4
                    openSUSE 11.3
______________________________________________________________________________

An update that fixes one vulnerability is now available. It includes one
version update.

Description:

A critical vulnerability has been identified in Adobe Flash Player
10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris,
and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This
memory corruption vulnerability (CVE-2011-2110) could cause a crash and
potentially allow an attacker to take control of the affected system. There
are reports that this vulnerability is being exploited in the wild in
targeted attacks via malicious Web pages.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

  zypper in -t patch flash-player-4716

- openSUSE 11.3:

  zypper in -t patch flash-player-4716

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (i586) [New Version: 10.3.181.26]:

  flash-player-10.3.181.26-0.2.1

- openSUSE 11.3 (i586) [New Version: 10.3.181.26]:

  flash-player-10.3.181.26-0.2.1

References:

https://www.suse.com/security/cve/CVE-2011-2110.html

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-11693
2009-11-18 13:33:33
--------------------------------------------------------------------------------

Name        : wordpress
Product     : Fedora 11
Version     : 2.8.6
Release     : 2.fc11
URL         : https://wordpress.org/
Summary     : WordPress blogging software
Description :
Wordpress is an online publishing / weblog package that makes it very easy,
almost trivial, to get information out to people on the web.

--------------------------------------------------------------------------------
Update Information:

2.8.6 fixes two security problems that can be exploited by registered, logged in
users who have posting privileges. If you have untrusted authors on your blog,
upgrading to 2.8.6 is recommended.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 16 2009 Adrian Reber - 2.8.6-2
- updated to 2.8.6 (Security Release)
* Wed Oct 21 2009 Adrian Reber - 2.8.5-1
- updated to 2.8.5 (Hardening Release)
* Sun Aug 30 2009 Adrian Reber - 2.8.4-1
- updated to 2.8.4 (security fixes were already available with 2.8.3-2)
* Tue Aug 11 2009 Adrian Reber - 2.8.3-2
- another security update to fix "Remote admin reset password":
* Mon Aug 3 2009 Adrian Reber - 2.8.3-1
- updated to 2.8.3 for security fixes
* Tue Jul 28 2009 Adrian Reber - 2.8.2-1
- updated to 2.8.2 for security fixes - BZ 512900
- fixed "wrong-script-end-of-line-encoding" of license.txt
- correctly disable auto update check
- fixed an error message from 'find' during the build
* Mon Jul 27 2009 Fedora Release Engineering - 2.8.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Jul 10 2009 Adrian Reber - 2.8.1-1
- updated to 2.8.1 for security fixes - BZ 510745
* Mon Jun 22 2009 Adrian Reber - 2.8-1
- updated to 2.8
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update wordpress' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-5190
2009-05-19 23:55:54
--------------------------------------------------------------------------------

Name        : nsd
Product     : Fedora 9
Version     : 3.2.2
Release     : 1.fc9
URL         : https://www.nlnetlabs.nl/projects/nsd/about/
Summary     : Fast and lean authoritative DNS Name Server
Description :
NSD is a complete implementation of an authoritative DNS name server.
For further information about what NSD is and what NSD is not please
consult the REQUIREMENTS document which is a part of this distribution
(thanks to Olaf).

--------------------------------------------------------------------------------
Update Information:

Security release. A one-byte overflow bug allows a carefully crafted exploit to
bring down your DNS server. It is highly unlikely that this one byte overflow
can lead to other (system) exploits.
--------------------------------------------------------------------------------
ChangeLog:

* Mon May 18 2009 Paul Wouters - 3.2.2-1
- Upgraded to 3.2.2 security release
- Removed obsoleted options --enable-plugins --enable-mmap
* Fri Apr 10 2009 Paul Wouters - 3.2.1-1
- updated to 3.2.1
- fixed /dev/nul which cause a file /%1 to be written by cron
- Applied Ville Mattila's changes to support non-default locations
* Mon Sep 15 2008 Paul Wouters - 3.1.1-1
- Updated to new version
* Mon Jun 30 2008 Paul Wouters - 3.1.0-1
- Updated to new version
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update nsd' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list