2423 matches found
[SECURITY] Fedora 20 Update: libserf-1.3.7-1.fc20
The serf library is a C-based HTTP client library built upon the Apache Portable Runtime (APR) library. It multiplexes connections, running the read/write communication asynchronously. Memory copies and transformations are kept to a minimum to provide high performance operation...
AIX Java Advisory : java_apr2014_advisory.asc
The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities : - There is an information disclosure flaw in libjpeg and libjpeg-turbo allowing remote attackers access to uninitialized memory via crafted JPEG images. CVE-2013-6629 - A vulnerability ...
Debian DSA-2971-1 : dbus - security update
Several vulnerabilities have been discovered in dbus, an asynchronous inter-process communication system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2014-3477 Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to...
[SECURITY] [DSA 2971-1] dbus security update
Debian Security Advisory DSA-2971-1 http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq ...
PT-2015-4025 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.13 Description: The issue is related to the filesystem implementation in the Linux kernel, which uses an inappropriate locking approach when performing certain operations on lists of files. This can be exploit...
kernel: ext4: AIO vs fallocate stale data exposure
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, whi...
Fedora Update for nodejs-graceful-fs FEDORA-2013-12908
Check for the Version of nodejs-graceful-fs. OpenVAS Vulnerability Test: Fedora Update for nodejs-graceful-fs FEDORA-2013-12908. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or...
PT-2013-4201 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue allows remote attackers to execute arbitrary code via a malformed asynchronous RPC request. An elevation of privilege vulnerability exists in the way that Windows...
August 2013 Microsoft Patch Tuesday Security Updates
Microsoft took less than a month to incorporate an Oracle Outside In patch and fix a critically rated remote code execution bug in Exchange Servers. The Microsoft patch is among three critical bulletins—eight overall—released today as part of its August 2013 Patch Tuesday security updates. Oracle...
Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)
An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...
Fedora Update for nodejs-vows FEDORA-2013-11780
Check for the Version of nodejs-vows. OpenVAS Vulnerability Test: Fedora Update for nodejs-vows FEDORA-2013-11780. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it und...
[SECURITY] Fedora 19 Update: nodejs-graceful-fs-2.0.0-2.fc19
Just like node.js' fs module, but it does an incremental back-off when EMFILE is encountered. Useful in asynchronous situations where one needs to try to open lots and lots of files...
[SECURITY] Fedora 18 Update: nodejs-graceful-fs-2.0.0-2.fc18
Just like node.js' fs module, but it does an incremental back-off when EMFILE is encountered. Useful in asynchronous situations where one needs to try to open lots and lots of files...
[SECURITY] Fedora 18 Update: nodejs-vows-0.7.0-6.fc18
Vows is an asynchronous behavior-driven development (BDD) framework for Node.js. Vows was built from the ground up to test asynchronous code. It executes your tests in parallel when it makes sense, and sequentially when there are dependencies. Emphasis was put on speed of execution, clarity and use...
Oracle Linux 6 : qpid (ELSA-2012-1269)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1269 advisory. python-qpid 0.14-11 - BZs: 825078 - Resolves: rhbz840053 qpid-cpp 0.14-22.0.1.el63 - Update summary and description in specfile to be product neutral 0.14-22 -...
tomcat: Information disclosure in asynchronous context when using AsyncListeners that threw RuntimeExceptions
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)
Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). (CVE-2013-1798) An information leak was discovered in the Linux kernel's rcvmsg path for ATM...