Linux Advisory Watch: April 12th, 2013

Timur Yunusov and Alexey Osipov from Positive Technologies discovered that the XML files parser of ModSecurity, an Apache module whose purpose is to tighten the Web application security, is vulnerable to XML external entities attacks. A specially-crafted XML file provided by a [More...]

Several vulnerabilities were discovered in PostgreSQL database server. CVE-2013-1899 [More...]

A vulnerability was discovered in PostgreSQL database server. Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess. [More...]

Two vulnerabilities in NVIDIA drivers may allow a local attacker to gain escalated privileges.

Multiple vulnerabilities has been discovered and corrected in postgresql: PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare [More...]

Updated libxslt packages fix security vulnerability: Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could [More...]

Multiple vulnerablilities was identified and fixed in asterisk: The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x [More...]

This fixes a format string vulnerability in the LogVHdrMessageVerb function in os/log.c when handling input device names in X.Org X11 server (CVE-2012-2118). MBS1 is not vulnerable to arbitrary code execution via this [More...]

Updated x11-driver-video-qxl package fixes security vulnerability: A flaw was found in the way the host's qemu-kvm qxl driver and the guest's X.Org qxl driver interacted when a SPICE connection terminated. A user able to initiate a SPICE connection to a guest [More...]

This update provides WordPress 3.4.2, a maintenance and security release. [More...] _______________________________________________________________________

Updated weechat packages fix security vulnerability: A buffer overflow is causing a crash or freeze of WeeChat (0.36 to 0.39) when decoding IRC colors in strings. The packages have been patched to fix this problem (CVE-2012-5854). [More...]

Updated vte packages fix security vulnerability: A denial of service flaw was found in the way VTE, a terminal emulator widget, processed certain escape sequences with large repeat counts. A remote attacker could provide a specially-crafted file, which once [More...]

Updated viewvc packages fix security vulnerabilities: complete authz support for remote SVN views (CVE-2012-3356). log msg leak in SVN revision view with unreadable copy source [More...]

Updated usbmuxd packages fix security vulnerability: It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd [More...]

Updated tor package fixes security vulnerabilities: Tor before 0.2.2.34, when configured as a client or bridge, sends a TLS certificate chain as part of an outgoing OR connection, which allows remote relays to bypass intended anonymity properties by reading this [More...]

Updated taglib packages fix security vulnerabilities: taglib before 1.7.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file (CVE-2012-2396). [More...]

Updated stunnel packages fix security vulnerability: stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code [More...]

Updated squid packages fix security vulnerability: Due to missing input validation, the Squid cachemgr.cgi tool in Squid before 3.1.22 and 3.2.4 is vulnerable to a denial of service attack when processing specially crafted requests (CVE-2012-5643). [More...]

Updated squashfs-tools packages fix security vulnerabilities: remote arbitrary code execution via crafted list file (CVE-2012-4024). integer overflow in queue_init() may lead to abitrary code execution [More...]

Updated socat package fixes security vulnerability: Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE [More...]

Updated snack packages fix security vulnerability: Two vulnerabilities have been discovered in Snack Sound Toolkit, which are caused due to missing boundary checks in the GetWavHeader() function (generic/jkSoundFile.c) when parsing either format sub-chunks [More...]

Updated sleuthkit packages fix security vulnerabilities: A security flaw was found in the way the Sleuth Kit (TSK), a collection of UNIX-based command line tools allowing to investigate a computer, performed management of \'.\' (dotfile) file system entry. An attacker [More...]

Updated ruby packages fix security vulnerabilities: Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions [More...]

Updated rpmdevtools package fixes security vulnerability: A TOCTOU race condition was found in the way 'annotate-output' (used to execute a program annotating the output linewise with time and stream) tool of rpmdevtools before 8.3 performed management of its [More...]

Updated quagga package fixes security vulnerability: The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending [More...]

Updated qemu packages fix security vulnerability: A flaw was found in how qemu, in snapshot mode (-snapshot command line argument), handled the creation and opening of the temporary file used to store the difference of the virtualized guest's read-only [More...]

Updated python-pycrypto package fixes security vulnerability: PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct [More...]

python-httplib2 ships its own copy of the Mozilla NSS certificates, but it should use the system-wide ones provided by the rootcerts package instead. This has been corrected. [More...] _______________________________________________________________________

Updated python-feedparser package fixes security vulnerability: Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII [More...]

Updated python packages fix security vulnerabilities: A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is [More...]

Updated pixman packages fix security vulnerability: Stack-based buffer overflow in libpixman has unspecified impact and attack vectors (CVE-2013-1591). [More...] _______________________________________________________________________

Updated php-ZendFramework packages fix security vulnerabilities: Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc in Zend Framework before 1.11.13 and 1.12.0 are vulnerable to XML Entity Expansion (XEE) vectors, leading to Denial of Service vectors. XEE attacks occur when [More...]

Multiple vulnerabilities has been discovered and corrected in php: ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to [More...]

Updated perl packages fix security vulnerability: It was discovered that Perl's 'x' string repeat operator is vulnerable to a heap-based buffer overflow. An attacker could use this to execute arbitrary code (CVE-2012-5195). [More...]

Updated otrs package fixes security vulnerabilities: Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.13, 3.0.x before 3.0.15, and 3.1.x before 3.1.9, and OTRS ITSM 2.1.x before 2.1.5, [More...]

Updated openslp packages fix security vulnerability: The extension parser in slp_v2message.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (infinite loop) via a packet with a next extension offset that references this extension [More...]

Updated openjpeg packages fix security vulnerability: An out-of heap-based buffer bounds read and write flaw, leading to invalid free, was found in the way a tile coder / decoder (TCD) implementation of OpenJPEG, an open-source JPEG 2000 codec written in [More...]

Updated open-iscsi package fixes security vulnerability: Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to overwrite arbitrary files with root privileges (CVE-2009-1297). [More...]

Updated openconnect packages fix security vulnerability: A stack-based buffer overflow flaw was found in the way OpenConnect, a client for Cisco's AnyConnect VPN, performed processing of certain host names, paths, or cookie lists, received from the VPN gateway. A [More...]

Updated ocaml-xml-light packages fix security vulnerability: OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service [More...]

Updated nss-pam-ldapd packages fixes the following security vulnerability: Garth Mollett discovered that a file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd can lead to a stack-based buffer [More...]

Updated munin packages fix security vulnerabilities: The qmailscan plugin for Munin before 2.0 rc6 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names (CVE-2012-2103). [More...]

Updated mosh package fixes security vulnerability: Mosh versions 1.2 and earlier allow an application to cause the mosh-server to consume large amounts of CPU time with a short ANSI escape sequence. In addition, a malicious mosh-server can cause the [More...]

Updated mesa packages fix security vulnerability: The glsl shaders are vulnerable to a buffer overrun in parcel_out_uniform_storage::visit_field. When too many uniforms are used, the error will now be caught in check_resources [More...]

Updated mariadb packages includes fixes for the following security vulnerabilities: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity [More...]

Updated lynx package fixes security vulnerability: Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to [More...]

Updated libytnef package fixes security vulnerability: Function DecompressRTF() in libytnef 1.5 leads to a buffer overflow on certain TNEF files (presumably, on files, generated by some recent versions of MS software). [More...]

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the Connection: TE,,Keep-Alive header (CVE-2012-5533). [More...]

Updated libupnp packages fix security vulnerabilities: The Portable SDK for UPnP Devices libupnp library contains multiple buffer overflow vulnerabilities. Devices that use libupnp may also accept UPnP queries over the WAN interface, therefore exposing the [More...]

A vulnerability was found and corrected in libotr: Just Ferguson discovered that libotr, an off-the-record (OTR) messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can [More...]

Updated keepalived package fixes security vulnerability: The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local [More...]

Updated java-1.7.0-openjdk packages fix security vulnerabilities: Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2012-3174, [More...]

Updated jakarta-poi packages fix security vulnerability: It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the [More...]

Updated ircd-hybrid packages fix security vulnerability: Bob Nomnomnom reported a Denial of Service vulnerability in IRCD-Hybrid, an Internet Relay Chat server. A remote attacker may use an error in the masks validation and crash the server (CVE-2013-0238). [More...]

Updated imagemagick packages fix security vulnerability: The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 and earlier does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service [More...]

Updated icecast package fixes security vulnerability: Icecast didn't strip newlines from log entries, therefore allowing users to forge log entries (CVE-2011-4612) [More...] _______________________________________________________________________

A security issue was identified and fixed in icclib: An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or [More...]

A security issue was identified and fixed in argyllcms: An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or [More...]

This hplip update addresses the folloving issues: Print/Fax queues can now be analyzed by running hp-diagnose-queues fixes some issues and duplex scanning support with newer AIO devices [More...]

Multiple security issues was identified and fixed in mozilla firefox: Mozilla community member Tobias Schula reported that if gfx.color_management.enablev4 preference is enabled manually in about:config, some grayscale PNG images will be rendered incorrectly [More...]

Multiple vulnerabilities has been found and corrected in groff: contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file (CVE-2009-5044). [More...]

Multiple vulnerabilities has been found and corrected in groff: contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file (CVE-2009-5044). [More...]

Updated gnome-keyring package fixes security vulnerability: gnome-keyring seems to obey the configuration asking it to stop caching passphrases, but after a while it doesn't cache nor does it ask for the passphrase (CVE-2012-3466). [More...]

Updated glib2.0 packages fix security vulnerability: It was discovered that the version of glib shipped with MBS 1 does not sanitise certain DBUS related environment variables. When used in combination with a setuid application which utilises dbus via [More...]

Updated gimp packages fix security vulnerabilities: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could [More...]

Updated gegl packages fix security vulnerability: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm (Portable Pixel Map) image files. An attacker could create a specially-crafted .ppm file [More...]

Updated ganglia packages fix security vulnerability: There is a security issue in Ganglia Web going back to at least 3.1.7 which can lead to arbitrary script being executed with web user privileges possibly leading to a machine compromise. [More...]

Updated ffmpeg packages fix security vulnerabilities: h264: Add check for invalid chroma_format_idc (CVE-2012-0851) h263dec: Disallow width/height changing with frame threads [More...]

Updated fail2ban package fixes security vulnerability: fail2ban before 0.8.8 didn't escape the content of \<matches\> (if used in custom action files), which could cause issues on the system running fail2ban as it scans log files, depending on what content is matched, [More...]

Updated ettercap package fixes security vulnerability: The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read\(\) [More...]

Updated emacs packages fix security vulnerabilities: Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede [More...]

Updated elinks package fixes security vulnerability: Marko Myllynen discovered that ELinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate (CVE-2012-4545). [More...]

Updated drupal packages fix security vulnerabilities: Drupal core's text filtering system provides several features including removing inappropriate HTML tags and automatically linking content that appears to be a link. A pattern in Drupal's text matching was [More...]

Updated dokuwiki package fixes security vulnerabilities: DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by [More...]

Updated dnsmasq packages fix security vulnerabilities: When dnsmasq before 2.63 is used in conjunctions with certain configurations of libvirtd, network packets from prohibited networks (e.g. packets that should not be passed in) may be sent to the dnsmasq [More...]

Updated dbus-glib packages fix security vulnerability: A privilege escalation flaw was found in the way dbus-glib, the D-Bus add-on library to integrate the standard D-Bus library with the GLib thread abstraction and main loop, performed filtering of the message [More...]

Updated dbus packages fix security vulnerability: It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting [More...]

Updated cups-pk-helper package fixes security vulnerability: cups-pk-helper, a PolicyKit helper to configure CUPS with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a CUPS resource, or overwriting [More...]

When using the authpgsql module and if the Postgres server goes down, authpgsql will start leaking memory. A packaging flaw was discovered that caused the courier-authlib-devel package to be installed when installing for example maildrop. [More...]

Updated couchdb packages fix security vulnerabilities: A security flaw was found in the way Apache CouchDB, a distributed,fault- tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API, processed certain [More...]

Multiple vulnerablilities was identified and fixed in bugzilla: The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x before 3.6.10, 3.7.x and 4.0.x before 4.0.7, 4.1.x and 4.2.x before 4.2.2, and 4.3.x before 4.3.2 does not check whether an attachment [More...]

Updated boost packages fix security vulnerability: A security flaw was found in the way ordered_malloc() routine implementation in Boost, the free peer-reviewed portable C++ source libraries, performed 'next-size' and 'max_size' parameters [More...]

Updated bogofilter package fixes security vulnerability: In bogofilter before 1.2.3, bogofilter's/bogolexer's base64 could overwrite heap memory in the character set conversion in certain pathological cases of invalid base64 code that decodes to incomplete [More...]

Updated bip package fixes security vulnerability: Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file [More...]

Updated backuppc packages fix security vulnerabilities: Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share [More...]

Updated accountsservice packages fix security vulnerability: Florian Weimer discovered that AccountsService incorrectly handled privileges when copying certain files to the system cache directory. A local attacker could exploit this issue to read arbitrary files, [More...]

Multiple XXS vulnerabilities was found and corrected in awstats (CVE-2012-4547). The updated packages have been patched to correct this issue. [More...] _______________________________________________________________________

A security issue was identified and fixed in ISC DHCP: libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack [More...]

A security issue was identified and fixed in ISC BIND: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory [More...]

A security issue was identified and fixed in xinetd: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access [More...]

Multiple vulnerabilities was found and corrected in libxml2: A heap-buffer overflow was found in the way libxml2 decoded certain XML entitites. A remote attacker could provide a specially-crafted XML file, which once opened in an application linked against libxml [More...]

Multiple vulnerabilities has been found and corrected in wireshark: Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti (https://www.wireshark.org/security/wnpa-sec-2012-08.html [More...]

Multiple vulnerabilities has been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the [More...]

A vulnerability has been found and corrected in proftpd: ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands [More...]

Multiple vulnerabilities has been found and corrected in openssl: OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL [More...]

A vulnerability has been found and corrected in openssh: The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial [More...]

Google reported to Mozilla that TURKTRUST, a certificate authority in Mozillas root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not [More...]

A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend [More...]

Multiple vulnerabilities has been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, [More...]

A vulnerability has been discovered and corrected in libxslt: The XSL implementation in libxslt allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors (CVE-2012-2825). [More...]

Updated libtiff packages fix security vulnerabilities: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would [More...]

Updated libssh packages fix security vulnerabilities: Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly [More...]

A vulnerability has been discovered and corrected in libjpeg: A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create [More...]

This update fixes insecure getenv() usage in libgssglue, which could be used under some circumstances by local attackers do gain root privileges (CVE-2011-2709). [More...] _______________________________________________________________________

Multiple vulnerabilities has been discovered and corrected in krb5: Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the create privilege (CVE-2012-1013). [More...]

A vulnerability has been found and corrected in html2ps: Directory traversal vulnerability in html2ps before 1.0b7 allows remote attackers to read arbitrary files via directory traversal sequences in SSI directives (CVE-2009-5067). [More...]

Nadhem Alfardan and Kenny Paterson devised an attack that recovers some bits of the plaintext of a GnuTLS session that utilizes that CBC ciphersuites, by using timing information (CVE-2013-1619). The gnutls package has been updated to latest 3.0.28 version to fix [More...]

A vulnerability has been found and corrected in gnupg: Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a [More...]

Updated freetype2 packages fixes security vulnerabilities: A null pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts. A remote attacker could provide a specially-crafted BDF font [More...]

Updated freeradius packages fixes security vulnerabilities: It was found that the unix module ignored the password expiration setting in /etc/shadow. If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with [More...]

A vulnerability has been discovered and corrected in exif: An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information [More...]

Multiple vulnerabilities has been found and corrected in fetchmail: Fetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, [More...]

Multiple vulnerabilities has been discovered and corrected in libexif: A heap-based out-of-bounds array read in the exif_entry_get_value function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain [More...]

Updated cups packages fixes bugs and security vulnerabilities: During the process of CUPS socket activation code refactoring in favour of systemd capability a security flaw was found in the way CUPS service honoured Listen localhost:631 cupsd.conf configuration option. The [More...]

Updated cronie package fixes the following issue: It was reported that cronie 1.4.8 would leak certain file descriptors. On systems where /etc/crontab is not world-readable this could be an information disclosure concern (CVE-2012-6097). [More...]

Multiple vulnerabilities has been found and corrected in coreutils: Long line inputs could trigger a segfault in the sort, uniq and join utilities (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223). [More...]

A vulnerability was found and corrected in bash: A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file [More...]

A vulnerability has been discovered and corrected in arpwatch: arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities [More...]

A vulnerability has been discovered and corrected in automake: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). [More...]

A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 (released on2012-10-16) [More...]

A vulnerability was found and corrected in bash: A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file [More...]

A vulnerability has been discovered and corrected in automake: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). [More...]

A vulnerability has been discovered and corrected in arpwatch: arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities [More...]

A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 (released on2012-10-16) [More...]

Multiple vulnerabilities has been found and corrected in apache (ASF HTTPD): Various XSS (cross-site scripting vulnerability) flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, [More...]

Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]

An updated haproxy package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate [More...]

Updated kvm packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

This update fixes one security issue in multiple rubygem packages for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate [More...]

An updated stunnel package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

Updated puppet packages that fix several security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having [More...]

Updated openstack-nova packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

Updated openstack-glance packages that fix one security issue and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

Updated openstack-keystone packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues. [More Info...]

New subversion packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. [More Info...]

NVIDIA graphics drivers could be made to run programs as an administrator.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in the kernel.

Several security issues were fixed in Thunderbird.

This update provides a compatible version of Unity Firefox Extension forFirefox 20.

Firefox could be made to crash or run programs as your login if itopened a malicious website.

Libav could be made to crash or run programs as your login if it opened aspecially crafted file.

Several security issues were fixed in PostgreSQL.