Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
100
security advisorymoderateinteger overflowopenSUSE 15.6: SUSE-SU-2025:0755-1 moderate: u-boot overflow threats
* bsc#1237284 * bsc#1237287 Cross-References: * CVE-2024-57256 . # Security update for u-boot Announcement ID: SUSE-SU-2025:0755-1 Release Date: 2025-02-28T16:37:12Z Rating: moderate References: * bsc#1237284 * bsc#1237287 Cross-References: * CVE-2024-57256 * CVE-2024-57258 CVSS scores: * CVE-2024-57256 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57256 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57256 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-57258 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-57258 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-57258 ( NVD ): 7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for u-boot fixes the following issues: * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution function (bsc#1237284). * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator (bsc#1237287). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-755=1 ## Package List: * openSUSE Leap 15.6 (aarch64) * u-boot-xilinxzynqmpgeneric-2020.01-150200.10.18.1 * u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-57256.html * https://www.suse.com/security/cve/CVE-2024-57258.html * https://bugzilla.suse.com/show_bug.cgi?id=1237284 * https://bugzilla.suse.com/show_bug.cgi?id=1237287 . This revision tackles various vulnerabilities within the u-boot framework, such as buffer overflows, and provides guidance on theinstallation process.. openSUSE Security Update, SUSE u-boot Vulnerability, security advisory u-boot, integer overflow fix, memory allocator patch. . LinuxSecurity.com Team
Feb 28, 2025
SuSE
203
security advisoryinteger issuemageiaMageia 9 MGASA-2025-0018 moderate: raptor2 integer underflow
In the Raptor RDF Syntax Library there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). References: - https://bugs.mageia.org/show_bug.cgi?id=33929 . MGASA-2025-0018 - Updated raptor2 packages fix security vulnerability Publication date: 20 Jan 2025 URL: https://advisories.mageia.org/MGASA-2025-0018.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-57823 In the Raptor RDF Syntax Library there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). References: - https://bugs.mageia.org/show_bug.cgi?id=33929 - - https://www.cve.org/CVERecord?id=CVE-2024-57823 SRPMS: - 9/core/raptor2-2.0.15-23.1.mga9 . The latest raptor2 package revisions tackle the integer underflow vulnerability highlighted in Mageia advisory MGASA-2025-0018.. raptor RDF, integer underflow, security updates, Mageia advisory, software fixes. . LinuxSecurity.com Team
Jan 20, 2025
Mageia
100
security advisorymoderatememory issueREDHAT: 2023:7892-3 Moderate: Buffer and Security Issues in abc/htmlparser
The container bci/openjdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/openjdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2231-1 Container Tags : bci/openjdk:11 , bci/openjdk:11-8.6 Container Release : 8.6 Severity : moderate Type : security References : 1211418 1211419 CVE-2023-2602 CVE-2023-2603 ----------------------------------------------------------------- The container bci/openjdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2765-1 Released: Mon Jul 3 20:28:14 2023 Summary: Security update for libcap Type: security Severity: moderate References: 1211418,1211419,CVE-2023-2602,CVE-2023-2603 This update for libcap fixes the following issues: - CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418). - CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419). The following package changes have been done: - libcap2-2.63-150400.3.3.1 updated - container:sles15-image-15.0.0-36.5.10 updated . Critical patch rolled out for bci/openjdk container, resolving memory leaks and integer overflow bugs, enhancing overall robustness.. SUSE Update, bci/openjdk, libcap Fix, Container Security, Software Patch. . LinuxSecurity.com Team
Jul 05, 2023
SuSE
89
security advisorysoftware updateFedoraFedora 32: FEDORA-2021-eb5d6cf9f6 Moderate: pngcheck Integer Issue
Backported fix for #1949800, in which certain invalid PNG data could cause an integer division-by-zero, invoking undefined behavior, from upstream release 3.0.3.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-eb5d6cf9f6 2021-05-05 01:04:23.530340 --------------------------------------------------------------------------------Name : pngcheck Product : Fedora 32 Version : 2.4.0 Release : 8.fc32 URL : http://www.libpng.org/pub/png/apps/pngcheck.html Summary : Verifies the integrity of PNG, JNG and MNG files Description : pngcheck verifies the integrity of PNG, JNG and MNG files (by checking the internal 32-bit CRCs [checksums] and decompressing the image data); it can optionally dump almost all of the chunk-level information in the image in human-readable form. For example, it can be used to print the basic statistics about an image (dimensions, bit depth, etc.); to list the color and transparency info in its palette (assuming it has one); or to extract the embedded text annotations. This is a command-line program with batch capabilities. The current release supports all PNG, MNG and JNG chunks, including the newly approved sTER stereo-layout chunk. It correctly reports errors in all but two of the images in Chris Nokleberg's brokensuite-20061204. --------------------------------------------------------------------------------Update Information: Backported fix for #1949800, in which certain invalid PNG data could cause an integer division-by-zero, invoking undefined behavior, from upstream release 3.0.3. --------------------------------------------------------------------------------ChangeLog: * Mon Apr 26 2021 Benjamin A. Beasley - 2.4.0-8 - Backport fix for RHBZ#1949800 from upstream release 3.0.3 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2021-eb5d6cf9f6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 04, 2021
•Important
Fedora
98
security advisorymoderateupdateRed Hat Enterprise Linux 5: RHSA-2010:0061-02 Moderate: Gzip Integer Flaw
An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: gzip security update Advisory ID: RHSA-2010:0061-02 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0061.html Issue date: 2010-01-20 CVE Names: CVE-2010-0001 ==================================================================== 1. Summary: An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: The gzip package provides the GNU gzip data compression program. An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive files compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. If a victim expanded a specially-crafted archive, it could cause gzip to crash or, potentially, execute arbitrary code with the privileges of the user running gzip. This flaw onlyaffects 64-bit systems. (CVE-2010-0001) Red Hat would like to thank Aki Helin of the Oulu University Secure Programming Group for responsibly reporting this flaw. Users of gzip should upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 554418 - CVE-2010-0001 gzip: (64 bit) Integer underflow by decompressing LZW format files 6. Package List: Red Hat Enterprise Linux AS version 3: Source: i386: gzip-1.3.3-15.rhel3.i386.rpm gzip-debuginfo-1.3.3-15.rhel3.i386.rpm ia64: gzip-1.3.3-15.rhel3.ia64.rpm gzip-debuginfo-1.3.3-15.rhel3.ia64.rpm ppc: gzip-1.3.3-15.rhel3.ppc.rpm gzip-debuginfo-1.3.3-15.rhel3.ppc.rpm s390: gzip-1.3.3-15.rhel3.s390.rpm gzip-debuginfo-1.3.3-15.rhel3.s390.rpm s390x: gzip-1.3.3-15.rhel3.s390x.rpm gzip-debuginfo-1.3.3-15.rhel3.s390x.rpm x86_64: gzip-1.3.3-15.rhel3.x86_64.rpm gzip-debuginfo-1.3.3-15.rhel3.x86_64.rpm Red Hat Desktop version 3: Source: i386: gzip-1.3.3-15.rhel3.i386.rpm gzip-debuginfo-1.3.3-15.rhel3.i386.rpm x86_64: gzip-1.3.3-15.rhel3.x86_64.rpm gzip-debuginfo-1.3.3-15.rhel3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: i386: gzip-1.3.3-15.rhel3.i386.rpm gzip-debuginfo-1.3.3-15.rhel3.i386.rpm ia64: gzip-1.3.3-15.rhel3.ia64.rpm gzip-debuginfo-1.3.3-15.rhel3.ia64.rpm x86_64: gzip-1.3.3-15.rhel3.x86_64.rpm gzip-debuginfo-1.3.3-15.rhel3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: i386: gzip-1.3.3-15.rhel3.i386.rpm gzip-debuginfo-1.3.3-15.rhel3.i386.rpm ia64: gzip-1.3.3-15.rhel3.ia64.rpm gzip-debuginfo-1.3.3-15.rhel3.ia64.rpm x86_64: gzip-1.3.3-15.rhel3.x86_64.rpm gzip-debuginfo-1.3.3-15.rhel3.x86_64.rpm Red Hat Enterprise Linux AS version4: Source: i386: gzip-1.3.3-18.el4_8.1.i386.rpm gzip-debuginfo-1.3.3-18.el4_8.1.i386.rpm ia64: gzip-1.3.3-18.el4_8.1.ia64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.ia64.rpm ppc: gzip-1.3.3-18.el4_8.1.ppc.rpm gzip-debuginfo-1.3.3-18.el4_8.1.ppc.rpm s390: gzip-1.3.3-18.el4_8.1.s390.rpm gzip-debuginfo-1.3.3-18.el4_8.1.s390.rpm s390x: gzip-1.3.3-18.el4_8.1.s390x.rpm gzip-debuginfo-1.3.3-18.el4_8.1.s390x.rpm x86_64: gzip-1.3.3-18.el4_8.1.x86_64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: i386: gzip-1.3.3-18.el4_8.1.i386.rpm gzip-debuginfo-1.3.3-18.el4_8.1.i386.rpm x86_64: gzip-1.3.3-18.el4_8.1.x86_64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: gzip-1.3.3-18.el4_8.1.i386.rpm gzip-debuginfo-1.3.3-18.el4_8.1.i386.rpm ia64: gzip-1.3.3-18.el4_8.1.ia64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.ia64.rpm x86_64: gzip-1.3.3-18.el4_8.1.x86_64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: i386: gzip-1.3.3-18.el4_8.1.i386.rpm gzip-debuginfo-1.3.3-18.el4_8.1.i386.rpm ia64: gzip-1.3.3-18.el4_8.1.ia64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.ia64.rpm x86_64: gzip-1.3.3-18.el4_8.1.x86_64.rpm gzip-debuginfo-1.3.3-18.el4_8.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: gzip-1.3.5-11.el5_4.1.i386.rpm gzip-debuginfo-1.3.5-11.el5_4.1.i386.rpm x86_64: gzip-1.3.5-11.el5_4.1.x86_64.rpm gzip-debuginfo-1.3.5-11.el5_4.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: gzip-1.3.5-11.el5_4.1.i386.rpm gzip-debuginfo-1.3.5-11.el5_4.1.i386.rpm ia64: gzip-1.3.5-11.el5_4.1.ia64.rpm gzip-debuginfo-1.3.5-11.el5_4.1.ia64.rpm ppc: gzip-1.3.5-11.el5_4.1.ppc.rpm gzip-debuginfo-1.3.5-11.el5_4.1.ppc.rpm s390x: gzip-1.3.5-11.el5_4.1.s390x.rpm gzip-debuginfo-1.3.5-11.el5_4.1.s390x.rpm x86_64: gzip-1.3.5-11.el5_4.1.x86_64.rpm gzip-debuginfo-1.3.5-11.el5_4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details onhow to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-0001 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLVx9NXlSAg2UNWIIRApjhAJ9+c+Bzh3mS1JbhhfDo40hd9sL31wCgwXuq jeUZSXwz0XzRRD8YzkEYAvc=sDt9 -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Jan 20, 2010
Red Hat
98
security advisoryRed HatupdateRed Hat Enterprise Linux 3: RHSA-2009:1500-01 Important: xpdf Integer Issue
An updated xpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: xpdf security update Advisory ID: RHSA-2009:1500-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1500.html Issue date: 2009-10-15 CVE Names: CVE-2009-0791 CVE-2009-3604 CVE-2009-3606 CVE-2009-3609 ==================================================================== 1. Summary: An updated xpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Multiple integer overflow flaws were found in Xpdf. An attacker could create a malicious PDF file that would cause Xpdf to crash or, potentially, execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604, CVE-2009-3606, CVE-2009-3609) Red Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604 issue. Users are advised to upgrade to this updated package, which contains a backported patch to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed(http://bugzilla.redhat.com/): 491840 - CVE-2009-0791 xpdf: multiple integer overflows 526877 - CVE-2009-3606 xpdf/poppler: PSOutputDev::doImageL1Sep integer overflow 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow 526911 - CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value check 6. Package List: Red Hat Enterprise Linux AS version 3: Source: i386: xpdf-2.02-17.el3.i386.rpm xpdf-debuginfo-2.02-17.el3.i386.rpm ia64: xpdf-2.02-17.el3.ia64.rpm xpdf-debuginfo-2.02-17.el3.ia64.rpm ppc: xpdf-2.02-17.el3.ppc.rpm xpdf-debuginfo-2.02-17.el3.ppc.rpm s390: xpdf-2.02-17.el3.s390.rpm xpdf-debuginfo-2.02-17.el3.s390.rpm s390x: xpdf-2.02-17.el3.s390x.rpm xpdf-debuginfo-2.02-17.el3.s390x.rpm x86_64: xpdf-2.02-17.el3.x86_64.rpm xpdf-debuginfo-2.02-17.el3.x86_64.rpm Red Hat Desktop version 3: Source: i386: xpdf-2.02-17.el3.i386.rpm xpdf-debuginfo-2.02-17.el3.i386.rpm x86_64: xpdf-2.02-17.el3.x86_64.rpm xpdf-debuginfo-2.02-17.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: i386: xpdf-2.02-17.el3.i386.rpm xpdf-debuginfo-2.02-17.el3.i386.rpm ia64: xpdf-2.02-17.el3.ia64.rpm xpdf-debuginfo-2.02-17.el3.ia64.rpm x86_64: xpdf-2.02-17.el3.x86_64.rpm xpdf-debuginfo-2.02-17.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: i386: xpdf-2.02-17.el3.i386.rpm xpdf-debuginfo-2.02-17.el3.i386.rpm ia64: xpdf-2.02-17.el3.ia64.rpm xpdf-debuginfo-2.02-17.el3.ia64.rpm x86_64: xpdf-2.02-17.el3.x86_64.rpm xpdf-debuginfo-2.02-17.el3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2009-0791 https://www.cve.org/CVERecord?id=CVE-2009-3604 https://www.cve.org/CVERecord?id=CVE-2009-3606 https://www.cve.org/CVERecord?id=CVE-2009-3609 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat securitycontact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2009 Red Hat, Inc. . Important patch released for xpdf in Red Hat RHEL 3 fixes severe security vulnerabilities. Update immediately to safeguard your system.. xpdf Update, Red Hat Security, Integer Overflow Fix, RHEL Updates, xpdf Issues. . Severity: Important. LinuxSecurity.com Team
Oct 15, 2009
•Important
Red Hat
98
security advisorymoderateRed Hat Enterprise LinuxRed Hat EL 5: RHSA-2008:0575-01 Moderate: rdesktop Crash Risk
An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5.An integer underflow and integer signedness issue were discovered in the rdesktop. If an attacker could convince a victim to connect to a malicious RDP server, the attacker could cause the victim's rdesktop to crash or, possibly, execute an arbitrary code. (CVE-2008-1801, CVE-2008-1803) . ==================================================================== Red Hat Security Advisory Synopsis: Moderate: rdesktop security update Advisory ID: RHSA-2008:0575-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2008:0575.html Issue date: 2008-07-24 CVE Names: CVE-2008-1801 CVE-2008-1803 ==================================================================== 1. Summary: An updated rdesktop package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: rdesktop is an open source client for Microsoft Windows NT Terminal Server and Microsoft Windows 2000 and 2003 Terminal Services, capable of natively using the Remote Desktop Protocol (RDP) to present the user's NT desktop. No additional server extensions are required. An integer underflow and integer signedness issue were discovered in the rdesktop. If an attacker could convince a victim to connect to a malicious RDP server, the attacker could cause the victim's rdesktop to crash or, possibly, execute an arbitrary code. (CVE-2008-1801, CVE-2008-1803) Users of rdesktop should upgrade to these updated packages, which contain a backported patches to resolve these issues. 4. Solution: Before applying this update, makesure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 445825 - CVE-2008-1801 rdesktop: iso_recv_msg() Integer Underflow Vulnerability 445829 - CVE-2008-1803 rdesktop: channel_process() Integer Signedness Vulnerability 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: rdesktop-1.4.1-6.i386.rpm rdesktop-debuginfo-1.4.1-6.i386.rpm x86_64: rdesktop-1.4.1-6.x86_64.rpm rdesktop-debuginfo-1.4.1-6.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: rdesktop-1.4.1-6.i386.rpm rdesktop-debuginfo-1.4.1-6.i386.rpm ia64: rdesktop-1.4.1-6.ia64.rpm rdesktop-debuginfo-1.4.1-6.ia64.rpm ppc: rdesktop-1.4.1-6.ppc.rpm rdesktop-debuginfo-1.4.1-6.ppc.rpm s390x: rdesktop-1.4.1-6.s390x.rpm rdesktop-debuginfo-1.4.1-6.s390x.rpm x86_64: rdesktop-1.4.1-6.x86_64.rpm rdesktop-debuginfo-1.4.1-6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2008-1801 https://www.cve.org/CVERecord?id=CVE-2008-1803 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. . A recent rdesktop patch for Red Hat addresses integer problems that could result in possible crashes or unauthorized code execution.. rdesktop Security Update, Integer Underflow Risk, Remote Desktop Threat, Red Hat Advisory. . Severity: Important. LinuxSecurity.com Team
Jul 24, 2008
•Important
Red Hat
200
security advisorymoderate severityinteger overflowScientific Linux 41: tetex Moderate Issue with Integer Overflow
Updated tetex packages that fix several integer overflows are . Date: Thu, 2 Feb 2006 17:32:48 -0600 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for "tetex" on SL 41 ia64 now available Comments: To:
Feb 02, 2006
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!