[SECURITY] Fedora 24 Update: dosfstools-3.0.28-3.fc24

The dosfstools package includes the mkdosfs and dosfsck utilities, which respectively make and check MS-DOS FAT filesystems on hard drives or on floppies...

[SECURITY] Fedora 24 Update: fuse-encfs-1.8.1-1.fc24

EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...

Fedora 23 : wpa_supplicant-2.4-6.fc23 (2015-6f16b5e39e)

wpasupplicant-2.4-6.fc23 - Make sure that network filesystems are unmounted when shutting down rh 1214466 - CVE-2015-4142: AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 22 : wpa_supplicant-2.4-7.fc22 (2015-1521e91178)

wpasupplicant-2.4-7.fc22 - Make sure that network filesystems are unmounted when shutting down rh 1214466 - CVE-2015-4142: AP WMM: Fix integer underflow in WMM Action frame parser rh 1221178 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Fedora 22 : ecryptfs-utils-109-1.fc22 (2016-7b9a2fe987)

manpage ecryptfs-migrate-home.8: Fix typos - clang static analysis fixes - Refuse to mount over non-standard filesystems. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

GLSA-201509-06 : Git: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-201509-06 Git: Arbitrary command execution A vulnerability in Git causing Git-compatible clients that access case-insensitive or case-normalizing filesystems to overwrite the .git/config when cloning or checking out a repository,...

Git: Arbitrary command execution

Background Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Description A vulnerability in Git causing Git-compatible clients that access case-insensitive or case-normalizing filesystems to...

TestDisk - Partition Recovery and File Undelete for Windows, Linux and Mac

TestDisk is powerful free data recovery software! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software : certain types of viruses or human error such as accidentally deleting a Partition Table...

[SECURITY] Fedora 21 Update: squashfs-tools-4.3-11.fc21

Squashfs is a highly compressed read-only filesystem for Linux. This packa ge contains the utilities for manipulating squashfs filesystems...

FUSE Local Elevation of Privilege Vulnerability

FUSE - Filesystem in Userspace, a Linux module for mounting certain network spaces, such as SSH, to the local filesystem, can be found on SourceForge. FUSE suffers from a local elevation of privilege vulnerability. A local attacker can exploit this vulnerability to overwrite arbitrary files using...

openSUSE Security Update : libgit2 (openSUSE-2015-288)

libgit2 was updated to fix an arbitrary command execution vulnerability on case-insentitive file systems. The following vulnerability was fixed : - When using programs using libgit2 on case-insensitive filesystems, .git/config could be overwritten, which allowed execution of arbitrary commands...

Fedora 20 : e2fsprogs-1.42.12-2.fc20 (2015-2279)

Changes e2fsck.conf so that for filesystems with time-based check intervals set in the superblock, these time-based checks will work again. You may need to wait through an e2fsck on your next reboot in this case. New upstream release Security fix for CVE-2015-0247 Note that Tenable Network Securi...

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

FreeBSD : git -- Arbitrary command execution on case-insensitive filesystems (1d567278-87a5-11e4-879c-000c292ee6b8)

The Git Project reports : When using a case-insensitive filesystem an attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. If you are a hosting...

git -- Arbitrary command execution on case-insensitive filesystems

The Git Project reports: When using a case-insensitive filesystem an attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. If you are a hosting...

USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

USN-2416-1: Linux kernel (EC2) vulnerabilities

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

USN-2415-1: Linux kernel vulnerability

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service memory corruption or OOPS. CVE-2014-4608 Andy Lutomirski discovered that the Linux kernel was not checking the CAPSYSADMIN when remounting...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2419-1)

A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2420-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2420-1 advisory. A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A...