Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Securing a Linux Web Server - Given the prevalence of Linux web servers globally, security is often touted as a strength of the platform for this purpose. However, a Linux-based web server is only as secure as its configuration, and many are quite vulnerable to compromise. While specific configurations vary widely with environment and use, there are general steps that can be taken to ensure basic security considerations are in place.

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."


(May 13)

Security Report Summary

(May 13)

Security Report Summary

(May 12)

Security Report Summary

(May 11)

Security Report Summary

(May 10)

Security Report Summary

(May 10)

Security Report Summary

(May 9)

Security Report Summary

(May 7)

Security Report Summary

(May 7)

Security Report Summary


(May 14)

Update to new upstream.

(May 14)

Update to new upstream.

(May 14)

Security fix for CVE-2015-3146

(May 14)

updated to 3.3.15 (#1218426,#1218513)

(May 14)

This is an update to the set of CA certificates released with NSS version 3.18.1. However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details. If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command.

This update adds a manual page for the ca-legacy command. This update also changes the names of the possible values in the ca-legacy configuration file. It still uses the term legacy=disable to override the compatibility option and follow the upstream Mozilla.org decision. However, it now uses the term legacy=default for the default configuration, to make it more obvious that the legacy certificates won't be kept enabled forever.

(May 12)

Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Security fix for CVE-2014-8625 and security fix for CVE-2015-0840.

(May 12)

This update addresses a security vulnerability identified as CVE-2015-1863. More information on this vulnerability is provided by upstream at https://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt . An extract:

Attacker (or a system controlled by the attacker) needs to be within radio range of the vulnerable system to send a suitably constructed management frame that triggers a P2P peer device information to be created or updated. The vulnerability is easiest to exploit while the device has started an active P2P operation (e.g., has ongoing P2P_FIND or P2P_LISTEN control interface command in progress). However, it may be possible, though significantly more difficult, to trigger this even without any active P2P operation in progress.

(May 12)

Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Security fix for CVE-2014-8625 and security fix for CVE-2015-0840.

(May 12)

ClamAV 0.98.7
=============
This release contains new scanning features and bug fixes.
 - Improvements to PDF processing: decryption, escape sequence handling, and file property collection.
 - Scanning/analysis of additional Microsoft Office 2003 XML format.
 - Fix infinite loop condition on crafted y0da cryptor file. Identified and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
 - Fix crash on crafted petite packed file. Reported and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
 - Fix false negatives on files within iso9660 containers. This issue was reported by Minzhuan Gong.
 - Fix a couple crashes on crafted upack packed file. Identified and patches supplied by Sebastian Andrzej Siewior.
 - Fix a crash during algorithmic detection on crafted PE file. Identified and patch supplied by Sebastian Andrzej Siewior.
 - Fix an infinite loop condition on a crafted "xz" archive file. This was reported by Dimitri Kirchner and Goulven Guiheux. CVE-2015-2668.
 - Fix compilation error after ./configure --disable-pthreads. Reported and fix suggested by John E. Krokes.
 - Apply upstream patch for possible heap overflow in Henry Spencer's regex library. CVE-2015-2305.
 - Fix crash in upx decoder with crafted file. Discovered and patch supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
 - Fix segfault scanning certain HTML files. Reported with sample by Kai Risku.
 - Improve detections within xar/pkg files.

(May 12)

The 3.19.7 update contains a number of important fixes across the tree. The 3.19.6 stable update contains a number of fixes across the kernel tree.

(May 12)

insecure use of /tmp in mktexlsr

(May 12)

Fixed dcraw vulnerability in ljpeg_start()

(May 11)

updated to 3.3.15 (#1218426,#1218513)

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

This is an update to the set of CA certificates released with NSS version 3.18.1. However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details. If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command.

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

This is an update of NetworkManager, the VPN plugins, applet and connection editor to the 1.0.2 stable release. The update includes bug fixes, feature additions, translation updates and a fix for the CVE-2015-2924 denial of service security issue with low impact.

(May 11)

The 4.0.2 stable update contains a number of important fixes across the tree.

(May 11)

t1utils Version 1.39 (2015-02-26)
=================================
 * t1disasm: Security fixes for buffer overrun reported by Jakub Wilk and Niels Thykier.

t1utils Version 1.38 (2013-09-29)
=================================
 * t1disasm: Fix an infinite loop on some fonts reported by Niels Thykier.

(May 11)

Security fix for CVE-2015-2694

(May 10)

Security fix for

(May 10)

New upstream - 37.0.2

(May 10)

New upstream - 37.0.2

(May 10)

Update to version 31.6.

(May 10)

Security fix for CVE-2014-8119, as well as a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & DHCP for IPv4).

(May 10)

Prosody 0.9.8
=============
A summary of changes in this release:

High
----
 * Ensure only valid UTF-8 is passed to libidn. It was found (CVE-2015-2059) that libidn can read beyond the boundaries of the provided buffer when an input string contains invalid UTF-8 sequences. Systems where Prosody is compiled to use libICU are not affected by this issue.

Medium
------
 * DNS: Fix traceback caused when DNS server IP is unroutable (issue 473)
 * HTTP client: More robust handling of chunked encoding across packet boundaries
 * Stanza router: Fix handling of 'error' 's with multiple children

Minor
-----
 * c2s: Fix error reply when clients try to bind multiple resources on the same stream (issue 484)
 * s2s: Ensure to/from attributes are always present on stream headers, even if empty (issue 468)
 * Build scripts: Add --libdir option to ./configure to simplify building on some platforms
 * Fix traceback in datamanager when used outside of Prosody (e.g. in some migration tools)
 * mod_admin_telnet: Fix potential traceback in server:memory() command (issue 471)
 * HTTP server: Improved debug logging

Prosody 0.9.7
=============
A summary of changes in this release:
 * util.stanza: Don't XML-escape whitespace
 * prosodyctl: Fix traceback in 'about' command with LuaRocks 2.2.0

Prosody 0.9.6
=============
Note: This release disables SSLv3 by default, which has been shown to be insecure when used by clients. Clients that only support SSLv3 will no longer be able to connect. There are not many of these nowadays, but they exist.

A summary of changes in this release:
 * certmanager, net.http: Disable SSLv3 by default
 * net.http.parser: Support status code 101 and allow handling of the received data by plugins
 * util.filters: Ignore filters being added twice (fixes issues on removal, i.e. when some plugins are reloaded/unloaded)
 * mod_s2s: Close offending s2s streams missing an 'id' attribute with a stream error instead of throwing an unhandled error
 * Networking API: Add 'ondetach' callback for listener objects, to prevent leaks when connections have their listener changed
 * core.stanza_router: Stricter validation of stanzas
 * mod_admin_adhoc: Mark 'accountjids' field as required in 'end user sessions' command (thanks Lloyd)
 * mod_admin_adhoc: Add required to field in user deletion form too
 * net.dns: Avoid duplicate cache entries
 * util.stanza: Escape newlines and tabs ( ) when serializing stanzas.
 * util/dataforms: Make sure we iterate over field tags only
 * mod_s2s: Capitalize log message
 * mod_pubsub: Fix error type of 'forbidden' (change from 'cancel' to 'auth')

Prosody 0.9.5
=============
A summary of changes in this release:
 * C2S: Fix traceback if a client opens a stream to component, which could cause a crash in combination with some versions of LuaEvent
 * C2S, S2S: Log received invalid stream headers
 * S2S: Fix case where stream headers were sometimes sent twice
 * DNS: Ensure all pending requests get notified of a timeout when looking up a record
 * DNS: Fix duplicated cache insertions by limiting outstanding queries per name to one
 * xmppstream: Disable LuaExpat's buffering
 * xmppstream: Disable CharacterData merging after stream restarts
 * xmppstream: Pass invalid stream headers to error handling
 * Privacy lists: Correctly sort privacy list rules by order
 * prosody: Check dependencies later in the startup sequence
 * Config: Delay importing LuaFileSystem until needed by an Include line
 * Config: Normalize VirtualHost and Component names
 * prosodyctl: Normalize JIDs for adduser/passwd/deluser
 * POSIX: Fix error reporting from disk space allocation
 * POSIX: Verify that 'pidfile' is a string, show friendly error otherwise
 * Dependency checking: Check that prosody is running under Lua 5.1. We don't currently support any other versions. (LuaJIT identifies as 5.1)
 * Compliance: Reset stream ID when resetting stream
 * Compression: Log compression setup errors
 * Console: Fix commands for adding and replacing name servers
 * Console MUC commands: Fix error when a non-existent host is entered
 * Filters: Prevent filters from being added twice
 * Network: Transfer all available data between linked sockets
 * dataforms: Add support for XEP-0221: Data Forms Media Element

Prosody 0.9.4
=============
A summary of changes in this release:
 * Compression: Disallow compression on unauthenticated streams
 * Core: Limit default read size and maximum stanza size
 * Core: Enable SASL EXTERNAL by default for component s2s
 * S2S: Warn if `s2s_secure_auth` and `s2s_require_encryption` have been set in conflicting ways
 * S2S: Warn if no local network addresses were found, preventing successful s2s
 * MUC: Fix traceback when a non-occupant tried to change an occupant's role
 * MUC: API: Fire an event when temporary rooms are destroyed after the last person leaves
 * Telnet: Fixed traceback when listing users
 * Telnet: Apply normalization to JIDs in user management commands
 * HTTP: Fix directory detection in file server on Windows
 * Plugins: Fix paths on Windows
 * MOTD: Don't strip blank lines from the message provided in the config
 * prosodyctl: Better error reporting when generating certificates
 * Makefile: Improve FreeBSD compatibility
 * Multiple fixes to our migration tools, and support for importing MUCs from ejabberd

Prosody 0.9.3
=============
A summary of changes in this release:
 * A config file passed as command line argument is no longer forgotten when config is reloaded
 * MUC: Allow admins to always bypass restrict_room_creation
 * Strip trailing '.' when normalizing hostnames
 * HTTP: Prevent silent connection failures
 * Components: Allow easier overriding of component authentication by plugins
 * Components: Enable TCP keepalives
 * Migrator: Better error reporting and improved robustness
 * S2S: Include IP in log messages, if hostname is unavailable
 * TLS: Log error when initialization fails

Prosody 0.9.2
=============
Note: If you are upgrading from 0.8.x or earlier, please read the 0.9.0 upgrade notes at http://prosody.im/doc/release/0.9.0 !

A summary of changes in this release:
 * Debian/Ubuntu packages fixed to always generate per-system certs
 * TLS: Improved cipher string, and use Prosody's preferred ciphers instead of the client's
 * MUC: Fix for Spark clients not displaying room lists

For more details behind the security improvements, see the release announcement at http://blog.prosody.im/prosody-0-9-2-released/.
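The "High" item above is a general lesson, not a Prosody-specific one: a C library such as libidn may walk a string assuming well-formed UTF-8, so the caller has to validate before handing the bytes over. The following is an added example written for this newsletter, not code from Prosody or libidn. It validates UTF-8 by hand (rejecting truncated sequences, overlongs, surrogates and code points above U+10FFFF), cross-checks the verdict against Python's strict codec, and only then passes the string to the stdlib IDNA encoder. All sample strings are constructed here.

```python
# Added example (not Prosody's or libidn's code): validate UTF-8 by hand before a
# string reaches an IDNA/nameprep layer that assumes well-formed input, which is
# the class of bug CVE-2015-2059 describes. Python's own codec is used only as a
# cross-check. The test vectors at the bottom are constructed for this example.


def utf8_valid(data: bytes) -> bool:
    """Strict UTF-8 check per RFC 3629: rejects truncated sequences, overlong
    encodings, UTF-16 surrogates (U+D800..U+DFFF) and anything above U+10FFFF."""
    i, n = 0, len(data)
    while i < n:
        b = data[i]
        if b < 0x80:                        # plain ASCII
            i += 1
            continue
        # The lead byte fixes how many continuation bytes follow and the allowed
        # range of the first one; the narrowed ranges are what block overlongs.
        if 0xC2 <= b <= 0xDF:
            need, lo, hi = 1, 0x80, 0xBF
        elif b == 0xE0:
            need, lo, hi = 2, 0xA0, 0xBF    # E0 80..9F would be overlong
        elif 0xE1 <= b <= 0xEC or 0xEE <= b <= 0xEF:
            need, lo, hi = 2, 0x80, 0xBF
        elif b == 0xED:
            need, lo, hi = 2, 0x80, 0x9F    # ED A0..BF would encode surrogates
        elif b == 0xF0:
            need, lo, hi = 3, 0x90, 0xBF    # F0 80..8F would be overlong
        elif 0xF1 <= b <= 0xF3:
            need, lo, hi = 3, 0x80, 0xBF
        elif b == 0xF4:
            need, lo, hi = 3, 0x80, 0x8F    # F4 90.. is above U+10FFFF
        else:
            return False                    # stray continuation, C0/C1, F5..FF
        if i + need >= n:
            return False                    # truncated sequence: the over-read case
        if not (lo <= data[i + 1] <= hi):
            return False
        for j in range(2, need + 1):
            if not (0x80 <= data[i + j] <= 0xBF):
                return False
        i += need + 1
    return True


def to_idna_ascii(raw: bytes) -> str:
    """Gate: only well-formed UTF-8 is decoded and handed to the IDNA encoder."""
    if not utf8_valid(raw):
        raise ValueError("refusing to pass invalid UTF-8 to the IDNA layer")
    # Cross-check against the stdlib codec; the two must agree on validity.
    text = raw.decode("utf-8", errors="strict")
    return text.encode("idna").decode("ascii")


# Constructed test vectors.
VALID_HOST = "b\u00fccher".encode("utf-8")          # "bücher"
INVALID = [
    b"\xc3\x28",             # lead byte followed by a non-continuation byte
    b"\xc0\xaf",             # overlong encoding of '/'
    b"\xed\xa0\x80",         # UTF-16 surrogate U+D800
    b"\xe2\x82",             # truncated 3-byte sequence (the over-read trigger)
    b"\xf4\x90\x80\x80",     # above U+10FFFF
]

if __name__ == "__main__":
    print(to_idna_ascii(VALID_HOST))
    for v in INVALID:
        try:
            to_idna_ascii(v)
        except ValueError as e:
            print(v, "->", e)
```

The hand-written validator exists so the check is visible and portable to a C code base; in pure Python the strict codec alone would do, and the example asserts that both agree on every vector.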

(May 10)

Vadim Melihow reported a critical issue with proftpd installations that use the mod_copy module's SITE CPFR/SITE CPTO commands; mod_copy allows these commands to be used by unauthenticated clients.
Upstream report: http://bugs.proftpd.org/show_bug.cgi?id=4169
Note that mod_copy is not loaded/enabled by default in the Fedora package.
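Two checks a practitioner would want after reading the entry above, written as an added example for this newsletter (not ProFTPD's code): a configuration check for whether mod_copy is loaded as a DSO, and a network probe that sends a single SITE CPFR before logging in and classifies the reply. The reply codes are assumptions not stated on the page: a vulnerable mod_copy is assumed to answer CPFR with 350, a fixed server or one with authentication enforced with 530, and a server without mod_copy with 500/502. CPTO is deliberately never sent, so the probe copies nothing. The configuration text is constructed.

```python
# Added example (not ProFTPD's code). Assumed reply codes: 350 = CPFR accepted
# (mod_copy), 530 = login required, 500/502 = command unknown. The sample
# modules.conf is constructed for this example.
import re
import socket

LOADMODULE_RE = re.compile(r"^\s*LoadModule\s+mod_copy\.c\b", re.IGNORECASE | re.MULTILINE)


def mod_copy_loaded(conf_text: str) -> bool:
    """True if the config (e.g. /etc/proftpd/modules.conf) loads mod_copy as a DSO."""
    # Strip '#' comments line by line so a commented-out LoadModule does not count.
    stripped = "\n".join(line.split("#", 1)[0] for line in conf_text.splitlines())
    return bool(LOADMODULE_RE.search(stripped))


def classify_cpfr_reply(reply: str) -> str:
    """Map the server's reply to an unauthenticated 'SITE CPFR' to a verdict."""
    code = reply[:3]
    if not code.isdigit():
        return "unknown"
    if code == "350":
        return "accepted-without-login"    # assumed mod_copy success code
    if code == "530":
        return "rejected-login-required"
    if code in ("500", "502"):
        return "command-not-supported"     # mod_copy absent or SITE CPFR unknown
    return "other:" + code


def read_reply(f) -> str:
    """Read one FTP reply, skipping the body of multi-line replies ('220-...' ... '220 ')."""
    first = f.readline().decode("latin-1", "replace").rstrip("\r\n")
    if len(first) >= 4 and first[3] == "-":
        code = first[:3]
        while True:
            line = f.readline().decode("latin-1", "replace").rstrip("\r\n")
            if not line or (line.startswith(code) and len(line) >= 4 and line[3] == " "):
                break
    return first


def probe_site_cpfr(host: str, port: int = 21, path: str = "/", timeout: float = 5.0) -> str:
    """Connect, read the banner, issue SITE CPFR before any USER/PASS, classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rb")
        read_reply(f)                                   # 220 banner
        s.sendall(f"SITE CPFR {path}\r\n".encode("ascii"))
        return classify_cpfr_reply(read_reply(f))


# Constructed sample: mod_copy present in the file but commented out.
SAMPLE_MODULES_CONF = """\
# constructed sample of /etc/proftpd/modules.conf
LoadModule mod_ctrls_admin.c
#LoadModule mod_copy.c
LoadModule mod_tls.c
"""

if __name__ == "__main__":
    import sys
    print("mod_copy loaded in sample config:", mod_copy_loaded(SAMPLE_MODULES_CONF))
    if len(sys.argv) > 1:
        print(probe_site_cpfr(sys.argv[1]))
```

The configuration check only covers the DSO case; a mod_copy compiled statically into the daemon shows up in `proftpd -l` rather than in a LoadModule line, which is why the live probe is the more reliable of the two.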

(May 10)

CVE-2015-1774: out-of-bounds write in HWP file filter

(May 10)

insecure use of /tmp in mktexlsr

(May 10)

Security fix for CVE-2014-8119, as well as a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & DHCP for IPv4).

(May 10)

Security fix for

(May 8)

Fix build for all versions, previous try wasn't correct and back with dpkg-perl-libexecdir.patch. Revert location of dpkg/parsechangelog. Security fix for CVE-2014-8625 and security fix for CVE-2015-0840.

(May 8)

WordPress 4.2 "Powell"
Upstream announcement: https://wordpress.org/news/2015/04/powell/
WordPress 4.2.1 Security Release
Upstream announcement: https://wordpress.org/news/2015/04/wordpress-4-2-1/

(May 8)

Fix for ARM-only CVE-2014-3152

(May 8)

Fix for ARM-only CVE-2014-3152

(May 8)

Fixes for security issues: rhbz#1205752 rhbz#1205753

(May 8)

Security fix for CVE-2013-7398, CVE-2013-7397

(May 8)

Fix for ARM-only CVE-2014-3152

(May 8)

Security fix for CVE-2014-0225

(May 8)

TestDisk 7.0 fixes several stack overflows. The new PhotoRec is faster. QPhotoRec is a Qt4 version of PhotoRec.
Full release notes: https://www.cgsecurity.org/wiki/TestDisk_7.0_Release


(May 13)

Multiple vulnerabilities have been found in Ettercap, the worst of which allows remote attackers to execute arbitrary code.


Mandriva: 2015:232: libtasn1 (May 8)

Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet() (CVE-2015-3622). [More...]

Mandriva: 2015:231: perl-XML-LibXML (May 7)

Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain [More...]


Red Hat: 2015:0999-01: qemu-kvm: Important Advisory (May 13)

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:1007-01: java-1.7.0-ibm: Critical Advisory (May 13)

Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]

Red Hat: 2015:1005-01: flash-plugin: Critical Advisory (May 13)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]

Red Hat: 2015:1003-01: kvm: Important Advisory (May 13)

Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:1004-01: qemu-kvm-rhev: Important Advisory (May 13)

Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0, Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6 and 7, and Red Hat Enterprise Linux OpenStack Platform 6.0. [More...]

Red Hat: 2015:1006-01: java-1.6.0-ibm: Critical Advisory (May 13)

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]

Red Hat: 2015:1002-01: xen: Important Advisory (May 13)

Updated xen packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0998-01: qemu-kvm: Important Advisory (May 13)

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0983-01: tomcat: Moderate Advisory (May 12)

Updated tomcat packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0986-01: kexec-tools: Moderate Advisory (May 12)

Updated kexec-tools packages that fix one security issue, one bug, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0981-01: kernel-rt: Important Advisory (May 12)

Updated kernel-rt packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0989-01: kernel-rt: Important Advisory (May 12)

Updated kernel-rt packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0991-01: tomcat6: Moderate Advisory (May 12)

Updated tomcat6 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0990-01: pcs: Important Advisory (May 12)

Updated pcs packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0980-01: pcs: Important Advisory (May 12)

Updated pcs packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0987-01: kernel: Important Advisory (May 12)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0988-01: firefox: Critical Advisory (May 12)

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security [More...]


(May 13)

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]

(May 12)

New mysql packages are available for Slackware 14.0 to fix security issues. [More Info...]

(May 12)

New wpa_supplicant packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]

(May 12)

New mariadb packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]


Ubuntu: 2602-1: Firefox vulnerabilities (May 13)

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Ubuntu: 2608-1: QEMU vulnerabilities (May 13)

Several security issues were fixed in QEMU.

Ubuntu: 2607-1: Module::Signature vulnerabilities (May 12)

Several security issues were fixed in Module::Signature.

Ubuntu: 2606-1: OpenSSL update (May 12)

OpenSSL TLSv1.2 client support has been enabled in Ubuntu 12.04 LTS.

Ubuntu: 2605-1: ICU vulnerabilities (May 11)

ICU could be made to crash or run programs as your login if it processed specially crafted data.

Ubuntu: 2604-1: Libtasn1 vulnerability (May 11)

Libtasn1 could be made to crash or run programs if it processed specially crafted data.
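The Mandriva libtasn1 entry earlier in this issue (CVE-2015-3622) names the mechanism behind this Ubuntu advisory: a malformed certificate causes a heap over-read in the DER decoding functions. What a DER decoder has to do to avoid that is compare every claimed length with the bytes actually remaining in the buffer before it reads. The following is an added example written for this newsletter, not libtasn1's code and not a reproduction of `_asn1_extract_der_octet()`: a minimal DER TLV reader that rejects truncated and non-minimal lengths, a walker that recurses into constructed types, and two constructed inputs, one well-formed and one whose OCTET STRING promises 127 bytes when only 2 are present.

```python
# Added example (not libtasn1 code): a minimal DER TLV reader that checks every
# claimed length against the bytes actually remaining, so a malformed
# certificate-style input is rejected instead of being read past the buffer.
# Multi-byte tags are out of scope here. Sample inputs are constructed.


def der_read_tlv(buf: bytes, pos: int = 0):
    """Return (tag, value, next_pos) for the TLV starting at pos.

    Raises ValueError on any truncation or non-minimal length so the caller
    never slices (or, in C, copies) beyond len(buf).
    """
    n = len(buf)
    if pos >= n:
        raise ValueError("truncated: no tag byte")
    tag = buf[pos]
    pos += 1
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags not handled by this example")
    if pos >= n:
        raise ValueError("truncated: no length byte")
    first = buf[pos]
    pos += 1
    if first < 0x80:                       # short form: the byte is the length
        length = first
    else:                                  # long form: low 7 bits = number of length bytes
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("indefinite or oversized length encoding")
        if pos + nbytes > n:
            raise ValueError("truncated: length bytes missing")
        lenbytes = buf[pos:pos + nbytes]
        length = int.from_bytes(lenbytes, "big")
        if lenbytes[0] == 0 or length < 0x80:
            raise ValueError("non-minimal length encoding (not DER)")
        pos += nbytes
    # The check that prevents the over-read: trust what is left in the buffer,
    # not what the length field claims.
    if length > n - pos:
        raise ValueError(f"claimed length {length} exceeds remaining {n - pos} bytes")
    return tag, buf[pos:pos + length], pos + length


def der_walk(buf: bytes, depth: int = 0, max_depth: int = 32):
    """Flatten a DER blob into [(depth, tag, length)], recursing into constructed tags."""
    if depth > max_depth:
        raise ValueError("nesting too deep")
    out, pos = [], 0
    while pos < len(buf):
        tag, value, pos = der_read_tlv(buf, pos)
        out.append((depth, tag, len(value)))
        if tag & 0x20:                     # constructed: the value is itself a TLV list
            out.extend(der_walk(value, depth + 1, max_depth))
    return out


def parses_safely(buf: bytes) -> bool:
    """True if the blob passes every check above, False if it would be rejected."""
    try:
        der_walk(buf)
        return True
    except ValueError:
        return False


# Constructed samples: SEQUENCE { INTEGER 1, OCTET STRING "hi" } ...
GOOD = bytes.fromhex("3007" "020101" "04026869")
# ... the same, but the OCTET STRING length byte (0x7f = 127) promises far more
# than the 2 bytes that follow; a decoder trusting it reads 125 bytes past the end.
BAD_OVERREAD = bytes.fromhex("3007" "020101" "047f6869")
# ... and an outer SEQUENCE cut short after the OCTET STRING header.
BAD_TRUNCATED = bytes.fromhex("3007" "020101" "0402")

if __name__ == "__main__":
    print(der_walk(GOOD))
    for name, blob in (("overread", BAD_OVERREAD), ("truncated", BAD_TRUNCATED)):
        try:
            der_walk(blob)
        except ValueError as e:
            print(name, "->", e)
```

The same two-line rule (`length > n - pos` raises) is what a C decoder needs before every `memcpy`; the rest of the example is only there so the check is exercised on real structure.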

Ubuntu: 2600-2: Linux kernel regression (May 8)

USN-2600-1 introduced a regression in the Linux kernel.

Ubuntu: 2598-2: Linux kernel regression (May 8)

USN-2598-1 introduced a regression in the Linux kernel.

Ubuntu: 2599-2: Linux kernel (Utopic HWE) vulnerability (May 8)

USN-2599-1 introduced a regression in the Linux kernel.

Ubuntu: 2597-2: Linux kernel (Trusty HWE) regression (May 8)

USN-2597-1 introduced a regression in the Linux kernel.