Scientific Linux Security Update : openssl on SL5.x, SL6.x i386/x86_64 (20120424)
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1...
Scientific Linux Security Update : libsoup on SL6.x i386/x86_64
libsoup is an HTTP client/library implementation for GNOME. A directory traversal flaw was found in libsoup's SoupServer. If an application used SoupServer to implement an HTTP service, a remote attacker who is able to connect to that service could use this flaw to access any local files accessib...
Scientific Linux Security Update : jasper on SL6.x i386/x86_64
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause...
Scientific Linux Security Update : systemtap on SL5.x i386/x86_64
SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap...
Scientific Linux Security Update : libtiff on SL5.x, SL6.x i386/x86_64 (20120410)
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaw...
Scientific Linux Security Update : squid on SL6.x i386/x86_64
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this...
Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20120202)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the fix for CVE-2011-4885 released in a previous update for php53 introduced an uninitialized memory use flaw. A remote attacker could send a specially crafted HTTP request to cause th...
Scientific Linux Security Update : foomatic on SL4.x, SL5.x i386/x86_64
Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in Perl...
Scientific Linux Security Update : dhcp on SL4.x, SL5.x, SL6.x i386/x86_64
The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. Two denial of service flaws were found in the way the dhcpd daemon handle...
Scientific Linux Security Update : krb5 on SL6.x i386/x86_64
Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC). A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS...
Scientific Linux Security Update : raptor on SL6.x i386/x86_64 (20120322)
Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially crafted RDF file, it could possibly allow a remote attacker to obtain a cop...
Scientific Linux Security Update : samba on SL5.x i386/x86_64 (20120223)
Samba is a suite of programs used by machines to share files, printers, and other information. An input validation flaw was found in the way Samba handled Any Batched (AndX) requests. A remote, unauthenticated attacker could send a specially crafted SMB packet to the Samba server, possibly resultin...
Scientific Linux Security Update : apr on SL4.x, SL5.x i386/x86_64
The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch function when the APR_FNM_PATHNAME matching flag was...
Scientific Linux Security Update : rpm on SL5.x, SL6.x i386/x86_64 (20120403)
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially crafted RPM package...
Scientific Linux Security Update : conga on SL4.x i386/x86_64
The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to rea...
Scientific Linux Security Update : postgresql on SL4.x, SL5.x, SL6.x i386/x86_64
PostgreSQL is an advanced object-relational database management system (DBMS). A signedness issue was found in the way the crypt function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII...
Scientific Linux Security Update : foomatic on SL6.x i386/x86_64
Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An...
Scientific Linux Security Update : php on SL5.x, SL6.x i386/x86_64 (20120507)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially crafted request to a PHP script that would result in the que...
Scientific Linux Security Update : icu on SL5.x, SL6.x i386/x86_64
The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially crafted locale representation was opened in an...
Scientific Linux Security Update : sudo on SL5.x, SL6.x i386/x86_64 (20120716)
The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run...