189 matches found
Low: Red Hat Security Advisory: util-linux security, bug fix, and enhancement update
An update for util-linux is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
[SECURITY] [DSA 3313-1] linux security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3313-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 2948-1 (python-bottle - security update)
It was discovered that Bottle, a WSGI-framework for Python, performed a too permissive detection of JSON content, resulting a potential bypass of security mechanisms. OpenVAS Vulnerability Test $Id: deb2948.nasl 6637 2017-07-10 09:58:13Z teissa $ Auto-generated from advisory DSA 2948-1 using nvtg...
Debian Security Advisory DSA 2880-1 (python2.7 - security update)
Multiple security issues were discovered in Python: CVE-2013-4238 Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL cerficates were parsed incorrectly. CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrominto function. OpenVAS...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
It was found that the MySQL PolyFromWKB function did not sanity check Well-Known Binary WKB data. A remote, authenticated attacker could use specially crafted WKB data to crash mysqld. This issue only caused a temporary denial of service, as mysqld was automatically restarted after the crash...
Scientific Linux Security Update : util-linux-ng on SL6.x i386/x86_64
The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function. Multiple flaws were found in the way the mount and umount commands performed mtab mounted file systems table file updates. A local, unprivileged user allow...
Scientific Linux Security Update : jasper on SL6.x i386/x86_64
JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause...
Scientific Linux Security Update : fence on SL4.x i386/x86_64
Insecure temporary file use flaws were found in fenceegenera, fenceapc, and fenceapcsnmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. CVE-2008-4192, CVE-2008-4579 This update also fixes the...
Mandrake Linux Security Advisory : util-linux (MDKSA-2003:016)
The util-linux package provides the mcookie utility, a tool for generating random cookies that can be used for X authentication. The util-linux packages that were distributed with Mandrake Linux 8.2 and 9.0 had a patch that made it use /dev/urandom instead of /dev/random, which resulted in the...