
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories


Fedora 24 D-Bus Update: FEDORA-2016-0a4dc821d5 Moderate Format String Issue

Update to 1.11.6.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-0a4dc821d5
2016-10-13 17:12:37.426444
--------------------------------------------------------------------------------
Name        : dbus
Product     : Fedora 24
Version     : 1.11.6
Release     : 1.fc24
URL         : https://https://
Summary     : D-BUS message bus
Description :
D-BUS is a system for sending messages between applications. It is used both
for the system-wide message bus service, and as a per-user-login-session
messaging facility.
--------------------------------------------------------------------------------
Update Information:

Update to 1.11.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1383657 - dbus: Format string vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=1383657
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update dbus' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Fedora 24 has updated dbus to 1.11.6 to fix a format string vulnerability (Red Hat Bug #1383657) in the system and per-session message bus.
Tags: Fedora Security Update, dbus Software Update, Format String Issue.
Severity: Important. LinuxSecurity.com Team

Oct 13, 2016 | Important | Fedora

Red Hat: RHSA-2012:1116-01 Moderate: perl-DBD-Pg Format String Issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: perl-DBD-Pg security update
Advisory ID:       RHSA-2012:1116-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2012:1116.html
Issue date:        2012-07-25
CVE Names:         CVE-2012-1151
====================================================================

1. Summary:

An updated perl-DBD-Pg package that fixes two security issues is now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Perl DBI is a database access Application Programming Interface (API) for
the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL
database servers.

Two format string flaws were found in perl-DBD-Pg. A specially-crafted
database warning or error message from a server could cause an application
using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-1151)

All users of perl-DBD-Pg are advised to upgrade to this updated package,
which contains a backported patch to fix these issues. Applications using
perl-DBD-Pg must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

801733 - CVE-2012-1151 perl-DBD-Pg: Format string flaws by turning db notices into Perl warnings and by preparing DBD statement

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
i386: perl-DBD-Pg-1.49-4.el5_8.i386.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm
x86_64: perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):
Source:
i386: perl-DBD-Pg-1.49-4.el5_8.i386.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm
ia64: perl-DBD-Pg-1.49-4.el5_8.ia64.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.ia64.rpm
ppc: perl-DBD-Pg-1.49-4.el5_8.ppc.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.ppc.rpm
s390x: perl-DBD-Pg-1.49-4.el5_8.s390x.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.s390x.rpm
x86_64: perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):
Source:
x86_64: perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):
Source:
i386: perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm
ppc64: perl-DBD-Pg-2.15.1-4.el6_3.ppc64.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.ppc64.rpm
s390x: perl-DBD-Pg-2.15.1-4.el6_3.s390x.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.s390x.rpm
x86_64: perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):
Source:
i386: perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm
x86_64: perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-1151
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFQECalXlSAg2UNWIIRAg5oAJ9Axt76xnJodfYOujBTqPjLjeOKeACglhKk
xcNjSdCZiKspR58fJAdc7XU=
=KmOi
-----END PGP SIGNATURE-----

--
Enterprise-watch-list mailing list

Red Hat has released an updated perl-DBD-Pg package for Red Hat Enterprise Linux 5 and 6 that fixes two format string flaws (CVE-2012-1151), rated moderate: a crafted warning or error message from a PostgreSQL server could crash a client application or execute code with that application's privileges. Applications using perl-DBD-Pg must be restarted after the update.
Tags: perl-DBD-Pg security, Red Hat updates, database access issues, moderate security fix.
Severity: Medium. LinuxSecurity.com Team

Jul 25, 2012 | Medium | Red Hat

Scientific Linux 6: CVE-2012-0864 Moderate: glibc Format String Flaw

Moderate: glibc security and bug fix update.

Date: Tue, 20 Mar 2012 08:44:52 -0500
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
dropwatch-1.2-1.el6.i686.rpm
file-5.04-13.el6.i686.rpm
file-devel-5.04-13.el6.i686.rpm
file-libs-5.04-13.el6.i686.rpm
file-static-5.04-13.el6.i686.rpm
gawk-3.1.7-9.el6.i686.rpm
iok-1.3.13-2.el6.i686.rpm
liberation-fonts-common-1.05.1.20090721-5.el6.noarch.rpm
liberation-mono-fonts-1.05.1.20090721-5.el6.noarch.rpm
liberation-sans-fonts-1.05.1.20090721-5.el6.noarch.rpm
liberation-serif-fonts-1.05.1.20090721-5.el6.noarch.rpm
libgweather-2.28.0-5.el6.i686.rpm
libgweather-devel-2.28.0-5.el6.i686.rpm
mod_nss-1.0.8-14.el6_2.i686.rpm
python-magic-5.04-13.el6.i686.rpm
tsclient-2.0.2-8.el6.i686.rpm
tsclient-devel-2.0.2-8.el6.i686.rpm
yum-3.2.29-22.el6_2.2.noarch.rpm
yum-cron-3.2.29-22.el6_2.2.noarch.rpm

x86_64:
dropwatch-1.2-1.el6.x86_64.rpm
file-5.04-13.el6.x86_64.rpm
file-devel-5.04-13.el6.i686.rpm
file-devel-5.04-13.el6.x86_64.rpm
file-libs-5.04-13.el6.i686.rpm
file-libs-5.04-13.el6.x86_64.rpm
file-static-5.04-13.el6.x86_64.rpm
gawk-3.1.7-9.el6.x86_64.rpm
iok-1.3.13-2.el6.x86_64.rpm
liberation-fonts-common-1.05.1.20090721-5.el6.noarch.rpm
liberation-mono-fonts-1.05.1.20090721-5.el6.noarch.rpm
liberation-sans-fonts-1.05.1.20090721-5.el6.noarch.rpm
liberation-serif-fonts-1.05.1.20090721-5.el6.noarch.rpm
libgweather-2.28.0-5.el6.i686.rpm
libgweather-2.28.0-5.el6.x86_64.rpm
libgweather-devel-2.28.0-5.el6.i686.rpm
libgweather-devel-2.28.0-5.el6.x86_64.rpm
mod_nss-1.0.8-14.el6_2.x86_64.rpm
python-magic-5.04-13.el6.x86_64.rpm
tsclient-2.0.2-8.el6.x86_64.rpm
tsclient-devel-2.0.2-8.el6.i686.rpm
tsclient-devel-2.0.2-8.el6.x86_64.rpm
yum-3.2.29-22.el6_2.2.noarch.rpm
yum-cron-3.2.29-22.el6_2.2.noarch.rpm

Date: Wed, 21 Mar 2012 15:24:13 -0500
Sender: Security Errata for Scientific Linux
From: Patrick Riehecky
Subject: Security ERRATA Moderate: glibc on SL6.x i386/x86_64

Synopsis:     Moderate: glibc security and bug fix update
Issue Date:   2012-03-15
CVE Numbers:  CVE-2012-0864

The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function correctly.

An integer overflow flaw was found in the implementation of the printf
functions family. This could allow an attacker to bypass FORTIFY_SOURCE
protections and execute arbitrary code using a format string flaw in an
application, even though these protections are expected to limit the impact
of such flaws to an application abort. (CVE-2012-0864)

This update also fixes the following bugs:

* Previously, the dynamic loader generated an incorrect ordering for
  initialization according to the ELF specification. This could result in
  incorrect ordering of DSO constructors and destructors. With this update,
  dependency resolution has been fixed.

* Previously, locking of the main malloc arena was incorrect in the retry
  path. This could result in a deadlock if an sbrk request failed. With this
  update, locking of the main arena in the retry path has been fixed. This
  issue was exposed by a bug fix provided in a previous update.

* Calling memcpy with overlapping arguments on certain processors would
  generate unexpected results. While such code is a clear violation of
  ANSI/ISO standards, this update restores prior memcpy behavior.

All users of glibc are advised to upgrade to these updated packages, which
contain patches to resolve these issues.

SL6:

i386
glibc-2.12-1.47.el6_2.9.i686.rpm
glibc-common-2.12-1.47.el6_2.9.i686.rpm
glibc-debuginfo-2.12-1.47.el6_2.9.i686.rpm
glibc-debuginfo-common-2.12-1.47.el6_2.9.i686.rpm
glibc-devel-2.12-1.47.el6_2.9.i686.rpm
glibc-headers-2.12-1.47.el6_2.9.i686.rpm
glibc-static-2.12-1.47.el6_2.9.i686.rpm
glibc-utils-2.12-1.47.el6_2.9.i686.rpm
nscd-2.12-1.47.el6_2.9.i686.rpm

x86_64
glibc-2.12-1.47.el6_2.9.i686.rpm
glibc-2.12-1.47.el6_2.9.x86_64.rpm
glibc-common-2.12-1.47.el6_2.9.x86_64.rpm
glibc-debuginfo-2.12-1.47.el6_2.9.i686.rpm
glibc-debuginfo-2.12-1.47.el6_2.9.x86_64.rpm
glibc-debuginfo-common-2.12-1.47.el6_2.9.i686.rpm
glibc-debuginfo-common-2.12-1.47.el6_2.9.x86_64.rpm
glibc-devel-2.12-1.47.el6_2.9.i686.rpm
glibc-devel-2.12-1.47.el6_2.9.x86_64.rpm
glibc-headers-2.12-1.47.el6_2.9.x86_64.rpm
glibc-static-2.12-1.47.el6_2.9.i686.rpm
glibc-static-2.12-1.47.el6_2.9.x86_64.rpm
glibc-utils-2.12-1.47.el6_2.9.x86_64.rpm
nscd-2.12-1.47.el6_2.9.x86_64.rpm

- Scientific Linux Development Team

Scientific Linux 6 has updated glibc to 2.12-1.47.el6_2.9 to fix CVE-2012-0864, an integer overflow in the printf family that let an attacker bypass FORTIFY_SOURCE and turn a format string flaw into arbitrary code execution instead of an abort; the update also fixes three non-security bugs in the dynamic loader, malloc locking and memcpy.
Tags: glibc Update, Scientific Linux Security, moderate security fix.
LinuxSecurity.com Team

Mar 21, 2012 | Moderate | Scientific Linux

Ubuntu: USN-438-1 Critical: Inkscape Remote Execution Threat

A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges.

===========================================================
Ubuntu Security Notice USN-438-1             March 20, 2007
inkscape vulnerability
CVE-2007-1463
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  inkscape                        0.42-1ubuntu0.2

Ubuntu 6.06 LTS:
  inkscape                        0.43-4ubuntu3.1

Ubuntu 6.10:
  inkscape                        0.44-1ubuntu2.1

After a standard system upgrade you need to restart Inkscape or reboot
your computer to effect the necessary changes.

Details follow:

A flaw was discovered in Inkscape's use of format strings. If a user
were tricked into opening a specially crafted URI in Inkscape, a remote
attacker could execute arbitrary code with user privileges.

Updated packages for Ubuntu 5.10:

  Source archives:
    Size/MD5:    10748 2845c7245a1b7be4c5c751a27b0cc2e7
    Size/MD5:      887 97c737882a0f670a9cadb7dd03f2a7d3
    Size/MD5:  8001602 653c81be2fc7c80fd9895e908d3a73f1

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5:  6371548 5edc834d0661390802903328c979ee2a

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5:  5934276 4d1c8ac3b46ad98317cbff623c1cf83a

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5:  6329196 73c242a09e8445e2c5114e67d3a5326f

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5:  6009640 55747db48a057dad40e9ee83b0d3eedb

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
    Size/MD5:    21982 e0849e3fa7016a4eec11a03f5135fb95
    Size/MD5:      980 f12017904a2dfb65c7e575b7fa61256b
    Size/MD5:  9185965 e3e92da1464dcee1b42560ff073dfe36

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5:  7778462 54ea87b063fea676141e1b091bc1431e

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5:  7375678 05bf8ec7cb22080b6744a6408c5e5a4a

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5:  7865464 96d2703544dfaa08a99cca8c329d9d71

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5:  7503160 15fd6c1e013186acfd62e5d0a5bd7d75

Updated packages for Ubuntu 6.10:

  Source archives:
    Size/MD5:    24944 5687cda78c7255b4fdc0febb5970f861
    Size/MD5:      966 179a5be63f3f4eb8df47ab51a5395335
    Size/MD5:  9549500 099653446c11d2536d6c4727634eaca5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5:  7694504 1499a5ddf8832036d16d75b2ca1432b2

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5:  7522234 c1e2f801f9ba4d76ef05eecf6ce81ab5

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5:  7822556 734c96863c5c6d816f87c302088f88da

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5:  7549074 7b73eafd429383055b5021f9ebf09d5d

Severity: Critical. LinuxSecurity.com Team

Mar 20, 2007 | Critical | Ubuntu

Gentoo: 200602-06 Normal: ImageMagick Format String Issue Risk

A vulnerability in ImageMagick allows attackers to crash the application and potentially execute arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                   Gentoo Linux Security Advisory           GLSA 200602-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: ImageMagick: Format string vulnerability
      Date: February 13, 2006
      Bugs: #83542
        ID: 200602-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in ImageMagick allows attackers to crash the application
and potentially execute arbitrary code.

Background
==========

ImageMagick is an application suite to manipulate and convert images. It
is often used as a utility backend by web applications like forums,
content management systems or picture galleries.

Affected packages
=================

    -------------------------------------------------------------------
     Package                 /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  media-gfx/imagemagick       < 6.2.5.5                   >= 6.2.5.5

Description
===========

The SetImageInfo function was found vulnerable to a format string
mishandling. Daniel Kobras discovered that the handling of "%"-escaped
sequences in filenames passed to the function is inadequate. This is a
new vulnerability that is not addressed by GLSA 200503-11.

Impact
======

By feeding specially crafted file names to ImageMagick, an attacker can
crash the program and possibly execute arbitrary code with the privileges
of the user running ImageMagick.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ImageMagick users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.2.5.5"

References
==========

  [ 1 ] CVE-2006-0082
        https://www.cve.org/CVERecord?id=CVE-2006-0082
  [ 2 ] GLSA 200503-11
        https://security.gentoo.org/glsa/200503-11

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  https://security.gentoo.org/glsa/200602-06

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to the
Gentoo security team or alternatively, you may file a bug at
https://bugs.gentoo.org/.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

Gentoo has released GLSA 200602-06: a format string flaw in ImageMagick's SetImageInfo (CVE-2006-0082), triggered by "%"-escaped sequences in crafted filenames, can crash the program or execute arbitrary code with the privileges of the user running ImageMagick, which matters on web servers that use it as a backend. Upgrade to media-gfx/imagemagick 6.2.5.5 or later.
Tags: ImageMagick Security, Gentoo GLSA, Format String Issue.
LinuxSecurity.com Team

Feb 13, 2006 | Normal | Gentoo

Red Hat Enterprise Linux 2.1 RHSA-2006:0179-01 Critical auth_ldap Fix

An updated auth_ldap package that fixes a format string security issue is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team.

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: auth_ldap security update
Advisory ID:       RHSA-2006:0179-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2006:0179.html
Issue date:        2006-01-10
Updated on:        2006-01-10
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-0150
- ---------------------------------------------------------------------

1. Summary:

An updated auth_ldap package that fixes a format string security issue is
now available for Red Hat Enterprise Linux 2.1.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

The auth_ldap package is an httpd module that allows user authentication
against information stored in an LDAP database.

A format string flaw was found in the way auth_ldap logs information. It
may be possible for a remote attacker to execute arbitrary code as the
'apache' user if auth_ldap is used for user authentication. The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0150 to
this issue.

Note that this issue only affects servers that have auth_ldap installed and
configured to perform user authentication against an LDAP database.

All users of auth_ldap should upgrade to this updated package, which
contains a backported patch to resolve this issue.

This issue does not affect the Red Hat Enterprise Linux 3 or 4
distributions as they do not include the auth_ldap package.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

177421 - CVE-2006-0150 auth_ldap format string issue

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS: b386cc76da4f4dbbcafc5e0200567b76 auth_ldap-1.4.8-3.1.src.rpm
i386:  569bce40fcb6cc7cefa9179d949fb192 auth_ldap-1.4.8-3.1.i386.rpm
ia64:  56aea79641ddb17dc98d26b6f20dd439 auth_ldap-1.4.8-3.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:
SRPMS: b386cc76da4f4dbbcafc5e0200567b76 auth_ldap-1.4.8-3.1.src.rpm
ia64:  56aea79641ddb17dc98d26b6f20dd439 auth_ldap-1.4.8-3.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:
SRPMS: b386cc76da4f4dbbcafc5e0200567b76 auth_ldap-1.4.8-3.1.src.rpm
i386:  569bce40fcb6cc7cefa9179d949fb192 auth_ldap-1.4.8-3.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:
SRPMS: b386cc76da4f4dbbcafc5e0200567b76 auth_ldap-1.4.8-3.1.src.rpm
i386:  569bce40fcb6cc7cefa9179d949fb192 auth_ldap-1.4.8-3.1.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2006-0150

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2006 Red Hat, Inc.

Red Hat has released a critical update for the auth_ldap httpd module on Red Hat Enterprise Linux 2.1: a format string flaw in the module's logging (CVE-2006-0150) may let a remote attacker execute arbitrary code as the 'apache' user on servers that authenticate users against LDAP. RHEL 3 and 4 do not ship auth_ldap and are not affected.
Tags: Red Hat Enterprise Linux, auth_ldap Update, Security Best Practices.
Severity: Critical. LinuxSecurity.com Team

Jan 17, 2006 | Critical | Red Hat

Critical Update for mod_auth_pgsql in Red Hat Enterprise Linux 3 and 4

Updated mod_auth_pgsql packages that fix format string security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: mod_auth_pgsql security update
Advisory ID:       RHSA-2006:0164-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2006:0164.html
Issue date:        2006-01-05
Updated on:        2006-01-05
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2005-3656
- ---------------------------------------------------------------------

1. Summary:

Updated mod_auth_pgsql packages that fix format string security issues are
now available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The mod_auth_pgsql package is an httpd module that allows user
authentication against information stored in a PostgreSQL database.

Several format string flaws were found in the way mod_auth_pgsql logs
information. It may be possible for a remote attacker to execute arbitrary
code as the 'apache' user if mod_auth_pgsql is used for user
authentication. The Common Vulnerabilities and Exposures project assigned
the name CVE-2005-3656 to this issue.

Please note that this issue only affects servers which have mod_auth_pgsql
installed and configured to perform user authentication against a
PostgreSQL database.

All users of mod_auth_pgsql should upgrade to these updated packages, which
contain a backported patch to resolve this issue.

This issue does not affect the mod_auth_pgsql package supplied with Red Hat
Enterprise Linux 2.1.

Red Hat would like to thank iDefense for reporting this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

177042 - CVE-2005-3656 mod_auth_pgsql format string issue

6. RPMs required:

Red Hat Enterprise Linux AS version 3:
SRPMS:  78d123ce4dd88d2b473f3def9d1f78d8 mod_auth_pgsql-2.0.1-4.ent.1.src.rpm
i386:   416d662759b7e9a6cac6db24813cadf9 mod_auth_pgsql-2.0.1-4.ent.1.i386.rpm
ia64:   4a72fdbf3b94d7d1891e66d8465a5798 mod_auth_pgsql-2.0.1-4.ent.1.ia64.rpm
ppc:    7b319bd7a03d74b6337b259f96950e8c mod_auth_pgsql-2.0.1-4.ent.1.ppc.rpm
s390:   c989ef09e9c107cd05e9ca4e75bbc789 mod_auth_pgsql-2.0.1-4.ent.1.s390.rpm
s390x:  476139795bf63306aaf2d478fb471982 mod_auth_pgsql-2.0.1-4.ent.1.s390x.rpm
x86_64: cb2bd4600e4fab1ffc7e2b1fbb2a6dfb mod_auth_pgsql-2.0.1-4.ent.1.x86_64.rpm

Red Hat Desktop version 3:
SRPMS:  78d123ce4dd88d2b473f3def9d1f78d8 mod_auth_pgsql-2.0.1-4.ent.1.src.rpm
i386:   416d662759b7e9a6cac6db24813cadf9 mod_auth_pgsql-2.0.1-4.ent.1.i386.rpm
x86_64: cb2bd4600e4fab1ffc7e2b1fbb2a6dfb mod_auth_pgsql-2.0.1-4.ent.1.x86_64.rpm

Red Hat Enterprise Linux ES version 3:
SRPMS:  78d123ce4dd88d2b473f3def9d1f78d8 mod_auth_pgsql-2.0.1-4.ent.1.src.rpm
i386:   416d662759b7e9a6cac6db24813cadf9 mod_auth_pgsql-2.0.1-4.ent.1.i386.rpm
ia64:   4a72fdbf3b94d7d1891e66d8465a5798 mod_auth_pgsql-2.0.1-4.ent.1.ia64.rpm
x86_64: cb2bd4600e4fab1ffc7e2b1fbb2a6dfb mod_auth_pgsql-2.0.1-4.ent.1.x86_64.rpm

Red Hat Enterprise Linux WS version 3:
SRPMS:  78d123ce4dd88d2b473f3def9d1f78d8 mod_auth_pgsql-2.0.1-4.ent.1.src.rpm
i386:   416d662759b7e9a6cac6db24813cadf9 mod_auth_pgsql-2.0.1-4.ent.1.i386.rpm
ia64:   4a72fdbf3b94d7d1891e66d8465a5798 mod_auth_pgsql-2.0.1-4.ent.1.ia64.rpm
x86_64: cb2bd4600e4fab1ffc7e2b1fbb2a6dfb mod_auth_pgsql-2.0.1-4.ent.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4:
SRPMS:  2a46d8268d1d434ed8ec089bf83e62bd mod_auth_pgsql-2.0.1-7.1.src.rpm
i386:   19b586cf092086566de31c883b116f8f mod_auth_pgsql-2.0.1-7.1.i386.rpm
ia64:   90ca4b0d4160b78edda12d3d300bc2bb mod_auth_pgsql-2.0.1-7.1.ia64.rpm
ppc:    514eea209095325a9d0c4acb6c1a181f mod_auth_pgsql-2.0.1-7.1.ppc.rpm
s390:   9c32645c2f524537233212c532e6d0a7 mod_auth_pgsql-2.0.1-7.1.s390.rpm
s390x:  7eef05e02885fad7fb86485fe2b46630 mod_auth_pgsql-2.0.1-7.1.s390x.rpm
x86_64: 542f993464e75b8e6370c453e1dc8c7d mod_auth_pgsql-2.0.1-7.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
SRPMS:  2a46d8268d1d434ed8ec089bf83e62bd mod_auth_pgsql-2.0.1-7.1.src.rpm
i386:   19b586cf092086566de31c883b116f8f mod_auth_pgsql-2.0.1-7.1.i386.rpm
x86_64: 542f993464e75b8e6370c453e1dc8c7d mod_auth_pgsql-2.0.1-7.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
SRPMS:  2a46d8268d1d434ed8ec089bf83e62bd mod_auth_pgsql-2.0.1-7.1.src.rpm
i386:   19b586cf092086566de31c883b116f8f mod_auth_pgsql-2.0.1-7.1.i386.rpm
ia64:   90ca4b0d4160b78edda12d3d300bc2bb mod_auth_pgsql-2.0.1-7.1.ia64.rpm
x86_64: 542f993464e75b8e6370c453e1dc8c7d mod_auth_pgsql-2.0.1-7.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
SRPMS:  2a46d8268d1d434ed8ec089bf83e62bd mod_auth_pgsql-2.0.1-7.1.src.rpm
i386:   19b586cf092086566de31c883b116f8f mod_auth_pgsql-2.0.1-7.1.i386.rpm
ia64:   90ca4b0d4160b78edda12d3d300bc2bb mod_auth_pgsql-2.0.1-7.1.ia64.rpm
x86_64: 542f993464e75b8e6370c453e1dc8c7d mod_auth_pgsql-2.0.1-7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2005-3656

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2006 Red Hat, Inc.

Red Hat has released a critical update for the mod_auth_pgsql httpd module on Red Hat Enterprise Linux 3 and 4: several format string flaws in the module's logging (CVE-2005-3656) may let a remote attacker execute arbitrary code as the 'apache' user on servers that authenticate users against PostgreSQL. The package shipped with RHEL 2.1 is not affected.
Tags: Red Hat Security, mod_auth_pgsql Update, Format String Fix, RHEL Security.
Severity: Critical. LinuxSecurity.com Team

Jan 17, 2006 | Critical | Red Hat
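The auth_ldap and mod_auth_pgsql advisories above, the perl-DBD-Pg advisory (a server-supplied notice used as a format) and the Scientific Linux glibc advisory all concern one bug class: text an attacker controls reaching the printf family as the format argument. The glibc entry adds the twist that CVE-2012-0864 was an integer overflow in glibc's own bookkeeping of how many arguments a format consumes, which let such a flaw get past FORTIFY_SOURCE. The C below is an added example written for this page; it is not code from any of the advisories, from Red Hat, from glibc or from the affected modules. It shows the hardened logging call beside (in a comment) the vulnerable form, and a small validator of the kind a wrapper can run before passing a non-literal format to the printf family: it rejects %n, conversions with no matching argument, truncated or unknown conversions, and positional indexes whose digit string would overflow (the bound is checked before the multiply, which is the check the glibc code got wrong). The function names, the "auth: " prefix and the sample inputs are assumptions made for the example.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if `fmt` may safely be handed to a printf-family function with
 * `nargs` real arguments, 0 otherwise. Anything it does not understand is
 * rejected. Accepts literal "%%". */
int format_is_safe(const char *fmt, int nargs)
{
    int next = 0;                              /* next sequential arg index */

    for (const char *p = fmt; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')                         /* "%%": literal percent */
            continue;

        /* Optional positional index "N$" (1-based, as in glibc). The
         * accumulator is bounded before every multiply, so a huge N cannot
         * wrap; CVE-2012-0864 was the same arithmetic wrapping in glibc. */
        long pos = -1;
        if (*p >= '1' && *p <= '9') {
            long v = 0;
            const char *q = p;
            while (*q >= '0' && *q <= '9') {
                if (v > (LONG_MAX - 9) / 10)
                    return 0;
                v = v * 10 + (*q - '0');
                q++;
            }
            if (*q == '$') {
                pos = v;
                p = q + 1;
            }
        }

        /* Flags; then width and precision, where '*' consumes an argument. */
        while (*p && strchr("-+ #0", *p))
            p++;
        if (*p == '*') {
            if (++next > nargs) return 0;
            p++;
        }
        while (*p >= '0' && *p <= '9')
            p++;
        if (*p == '.') {
            p++;
            if (*p == '*') {
                if (++next > nargs) return 0;
                p++;
            }
            while (*p >= '0' && *p <= '9')
                p++;
        }
        while (*p && strchr("hlLqjzt", *p))    /* length modifiers */
            p++;

        if (*p == '\0')                        /* "%" at end of string */
            return 0;
        if (*p == 'n')                         /* %n writes memory: never */
            return 0;
        if (!strchr("diouxXeEfFgGaAcsp", *p))  /* unknown conversion */
            return 0;

        if (pos >= 0) {
            if (pos > nargs) return 0;         /* refers to a missing arg */
        } else if (++next > nargs) {
            return 0;                          /* more conversions than args */
        }
    }
    return 1;
}

/* Hardened logging call: the untrusted string is always an argument, never
 * the format. The vulnerable form the advisories describe is
 *     snprintf(out, outsz, untrusted);
 * which lets a username or server notice such as "%x%x%x%n" read the
 * caller's stack and then write through a pointer it found there. */
int log_line_safe(char *out, size_t outsz, const char *untrusted)
{
    return snprintf(out, outsz, "auth: %s", untrusted);
}

/* Returns 1 if a hostile input (constructed for this example) comes out of
 * log_line_safe verbatim instead of being interpreted. */
int untrusted_stays_literal(void)
{
    char buf[64];
    log_line_safe(buf, sizeof buf, "%x%x%x%n");
    return strcmp(buf, "auth: %x%x%x%n") == 0;
}

int main(void)
{
    printf("%d %d %d %d\n",
           format_is_safe("user %s logged in", 1),   /* 1: one %s, one arg */
           format_is_safe("%x%x%x%n", 0),           /* 0: reads args, has %n */
           format_is_safe("%2147483648$s", 1),      /* 0: index past nargs */
           untrusted_stays_literal());              /* 1 */
    return 0;
}
```

The validator is deliberately conservative: a construct it does not model (for example a positional `*` width) is rejected rather than guessed at, because the cost of a false reject is a lost log line and the cost of a false accept is the write primitive every advisory on this page warns about. The real fix in each case is the one `log_line_safe` shows, a literal format with the untrusted text as an argument; the validator is for the rarer case where the format itself must come from configuration or a catalogue.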

Debian 3.1 DSA 841-1 Critical: Mailutils Remote Code Execution

Updated package.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 841-1
http://www.debian.org/security/                             Martin Schulze
October 4th, 2005                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : mailutils
Vulnerability  : format string vulnerability
Problem type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2878

A format string vulnerability has been discovered in GNU mailutils, which contains utilities for handling mail, that allows a remote attacker to execute arbitrary code on the IMAP server.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 0.6.1-4sarge1.

For the unstable distribution (sid) this problem has been fixed in version 0.6.90-3.

We recommend that you upgrade your mailutils package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:     1105 571f9dc4dd73866f6888f7ad40d445a9
      Size/MD5 checksum:    37030 cdeaf9acb33abf47aadeb899163db03c
      Size/MD5 checksum:  3053948 47ff446d55909e2777efb9e912b23de5

  Architecture independent components:
      Size/MD5 checksum:   287326 f8cc3cd1b4d753c77a49a488768fed4a

  Alpha architecture:
      Size/MD5 checksum:   606384 f54df2eb18e6b761feb6e39c5c025898
      Size/MD5 checksum:   538700 4088fade15aa91790a4eeaf968e3deb1
      Size/MD5 checksum:   171206 ad50d9f2a50366a91134e355764e8db3
      Size/MD5 checksum:    48714 cde882256182f1efc3f65ee5fb8a5a91
      Size/MD5 checksum:    87216 b73d7281c7b568e00a09e6102c2f8bcb
      Size/MD5 checksum:   840400 a3896dfc973058db179400e793584849
      Size/MD5 checksum:    66522 14ae8401d93659894b73759b1b478f8b

  AMD64 architecture:
      Size/MD5 checksum:   572810 6f359d09d1146ca5ba91342cf47e8aed
      Size/MD5 checksum:   419252 63ffc694a1ae01ce93cff42a542a23f5
      Size/MD5 checksum:   156792 cbf58f684ae6016c66732100bc59549f
      Size/MD5 checksum:    47420 7819e7f8bedf0cb6a9e736cbbad0261b
      Size/MD5 checksum:    80310 c1c891e8de7f71ea1747e7345449bccf
      Size/MD5 checksum:   747904 b8a99a4c9ba9bd23a2d81c3e8b1873a1
      Size/MD5 checksum:    63066 7fd0d97ddbdd61306a690c5f135c5eac

  ARM architecture:
      Size/MD5 checksum:   527430 4ddcccc6f44fc7df839b2c028fffe55a
      Size/MD5 checksum:   398996 041963fa2132bf8473f119b9a0c46b98
      Size/MD5 checksum:   139946 138bd36d955a0590663691da9a924e87
      Size/MD5 checksum:    45920 395f7450d6d6808d9e650dd0191bdc98
      Size/MD5 checksum:    73224 3d99823d12f33edbc4ba48a78785c065
      Size/MD5 checksum:   611910 85de420573e56df18b696f99986d2e4e
      Size/MD5 checksum:    58728 1713cfbb377dcf306f502766555e2c56

  Intel IA-32 architecture:
      Size/MD5 checksum:   546638 33c7ba82e32cb44e60ccc11c898350aa
      Size/MD5 checksum:   368170 eb33117e3ea1af53f9acb25b91d19802
      Size/MD5 checksum:   143594 e031d8e9c5e66ace4391f915d8505199
      Size/MD5 checksum:    46600 4e5ac10b6ccf7ce323d01631da6406db
      Size/MD5 checksum:    75060 080e134a5b18a50691573fcb2587ceea
      Size/MD5 checksum:   648372 0b390cfe6f739dc61b964c60b47b5f22
      Size/MD5 checksum:    60458 88304f09d9508705d6689ba581380eb6

  Intel IA-64 architecture:
      Size/MD5 checksum:   686370 4cb54d890bc50a94b4c86abdbf33eee7
      Size/MD5 checksum:   560412 9ac160e35b8af32107d58726b5b64107
      Size/MD5 checksum:   198664 ee929d5849173c9ab70928bc61e69bee
      Size/MD5 checksum:    51238 9d39ff55ab465b23b5c661b47ae9630d
      Size/MD5 checksum:    96998 54e94843d30f4eff696ebcdd45c7a539
      Size/MD5 checksum:   990306 69e8b44efc1925b8ae388b37274b7b82
      Size/MD5 checksum:    72422 245ec7e13466de3d1d43eec6abdb741e

  HP Precision architecture:
      Size/MD5 checksum:   595258 d4ca564d255bdc33d1769c1b1063fe8e
      Size/MD5 checksum:   442204 5c238fde3c655bcf043180e90f47172a
      Size/MD5 checksum:   158120 b8f5748edf06712cb7dce347f93ef407
      Size/MD5 checksum:    47578 6e041420aea5d1edd31c5a34d69bbefa
      Size/MD5 checksum:    79582 9e03d9c6cbfb8ac2381a82c9098d3117
      Size/MD5 checksum:   743390 8039702fb15714fbf208e593387772ef
      Size/MD5 checksum:    62636 1974df850795b3c8e90f711feed74353

  Motorola 680x0 architecture:
      Size/MD5 checksum:   530392 feb5047c2cb1b1aa622ce00f4fa88a8e
      Size/MD5 checksum:   342010 8be136e24deac85778b6aed825eedf4b
      Size/MD5 checksum:   137976 21192aff6dabf3ce2dd720ac621bdd79
      Size/MD5 checksum:    46002 11524c5af73a9230b396acfbc8ac70ef
      Size/MD5 checksum:    71980 b19b14b7d6fab2d65691841b237535c4
      Size/MD5 checksum:   585942 96fb6e0b0bd5c77135471137bf4e03f3
      Size/MD5 checksum:    58532 5e08996c218aed9d69df307dc5cfc25c

  Big endian MIPS architecture:
      Size/MD5 checksum:   546328 fd4c71af25939af23fef5f3264282fb2
      Size/MD5 checksum:   435486 3e0e0384e04a09384d770b1ab4baea32
      Size/MD5 checksum:   170178 91bdf8e9f748cc7d59720bde9a2902ea
      Size/MD5 checksum:    47324 92c7228dab7e3eef27830516725d92c2
      Size/MD5 checksum:    79408 9a53d5edbbde3e22891c17e46d963df4
      Size/MD5 checksum:   736470 05e81cdbde2a46b0390395673a08cc1f
      Size/MD5 checksum:    63246 23f641022bea23e89754fcfdbe6a0ee7

  Little endian MIPS architecture:
      Size/MD5 checksum:   543782 d3b0685929f7a7509593070bd6c3cb24
      Size/MD5 checksum:   435074 0b429dc39083c2f1d297fe74109d9ff1
      Size/MD5 checksum:   169236 8f8baa1b0c29f740c6df24eef4be72f4
      Size/MD5 checksum:    47348 928829f7677458a3a98a172de42845bf
      Size/MD5 checksum:    79370 af3aac9553ed1b32b5e202be0c5f25ee
      Size/MD5 checksum:   733964 4896c6d726bf6bb55ca3799bf16316b1
      Size/MD5 checksum:    63062 0b6a4acd7abdce23cc5453eb74fe0ace

  PowerPC architecture:
      Size/MD5 checksum:   562656 f67259ab832b0f8c0603cdc67dbe7da5
      Size/MD5 checksum:   413256 52af6f53afe953e2b61c6963a7767fa4
      Size/MD5 checksum:   157132 dbea4cf9d3c13eb64dbfb6c45afc4656
      Size/MD5 checksum:    48140 a17f9d5f6819a01c43203bba60bd1318
      Size/MD5 checksum:    77740 a49bb18465fd525432408f04a1a5e2eb
      Size/MD5 checksum:   703556 0313c6d7732ea9dc02fdfe761d19d285
      Size/MD5 checksum:    62720 b872dc38bd68f37eade1d93122b06d5d

  IBM S/390 architecture:
      Size/MD5 checksum:   588272 9b08cf5bf32808febe51d504f7a1de28
      Size/MD5 checksum:   414258 e4dfb8ba1d2c9ae961f4266535b1db13
      Size/MD5 checksum:   156044 e3a2c3bc8577fe048961dfafd65af520
      Size/MD5 checksum:    47764 12c866ffaf0c4bdf3e1740b3204159af
      Size/MD5 checksum:    80440 972141900eb33f9f5af71f2dbd7735af
      Size/MD5 checksum:   751338 41c5a8f2321793932ed0b656d6d2ab5d
      Size/MD5 checksum:    63234 c7c4a9cddd4883057bf48259fc48da4d

  Sun Sparc architecture:
      Size/MD5 checksum:   538590 c087d0acbb5aaa85a2a604d502405ef2
      Size/MD5 checksum:   377926 afe33096c3f86adb272ead55253ee886
      Size/MD5 checksum:   139886 9138582e6bdd999321b9073ed8164b64
      Size/MD5 checksum:    46012 d13c45d9852f0400e61ec550da0f427e
      Size/MD5 checksum:    73622 0ecb0584c1652b26373dd22c457f1a5a
      Size/MD5 checksum:   624018 ad86570361a60694083e945abd2a5ff6
      Size/MD5 checksum:    58758 b4c553eaee679c961775fcac89cbd168

These files will probably be moved into the stable distribution on its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Recent updates to mailutils packages have been issued to address a format string vulnerability that could enable remote code execution in Debian. mailutils update, remote code execution, format string issue. Severity: Critical. LinuxSecurity.com Team

Oct 04, 2005 | Critical | Debian