1822 matches found
kernel: ima: fix add LSM rule bug
The imalsmruleinit function in security/integrity/ima/imapolicy.c in the Linux kernel before 2.6.37, when the Linux Security Modules LSM framework is disabled, allows local users to bypass Integrity Measurement Architecture IMA rules in opportunistic circumstances by leveraging an administrator's...
PT-2012-1497 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37 Description: The issue allows local users to bypass Integrity Measurement Architecture IMA rules under certain circumstances when the Linux Security Modules LSM framework is disabled. This can happen when...
Mandriva Linux Security Advisory : openldap (MDVSA-2011:055)
Multiple vulnerabilities has been identified and fixed in openldap : chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicyforwardupdates aka authentication-failure forwarding is used, allows remote authenticated users to bypass...
[SECURITY] Fedora 14 Update: policycoreutils-2.0.85-19.fc14
Security-enhanced Linux is a feature of the Linux=C2=AE kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security o...
MDVA-2011:011 : mono-tools
A dependency problem was discovered with mono-tools in that it required a much older version of libxulrunner than the current latest one, this advisory addresses this problem. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:...
HITB MagazineVolume 1, Issue 5 Download !
Contents of HITB Magazine Issue 005: Linux Security: Investigating Kernel Return Codes with the Linux Audit System Network Security: Secure Shell Attack Measurement and Mitigation and ARP Spoofing Attacks & Methods for Detection and Prevention: Exploiting Web Virtual Hosting –Malware Infections...
Mandriva Linux Security Advisory : dhcp (MDVSA-2011:022)
A vulnerability has been found and corrected in dhcp : The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service assertion failure and daemon crash by sending a message over...
MDVA-2011:002 : cyrus-sasl
The saslauth daemon cyrus-sasl could crash under heavy load. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/productinfo.php?cPath=149&productsid=490 The updated packages has been patched to address this...
SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3276 / 3280 / 3284)
This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes. The following security issues were fixed : - local users could crash the system by causing a NULL deref in the keyctlsessiontoparent function. CVE-2010-2960 - local users could crash th...
MDVA-2010:241 : nss
A bug it the NSS source rpm package did not pull in the latest and required version of NSPR 4.8.6 when building NSS 61964. Additionally the rootcerts package was updated with the latest certdata.txt file from the mozilla cvs 20101202 and is also provided with this advisory. %NASLMINLEVEL 70300...
MDVA-2010:231 : x11-driver-input-evtouch
The evtouch Xorg driver was not working because its ABI Application Binary Interface was too old. The new version contains the necessary ABI updates, so the driver can now work correctly. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a...
MDVA-2010:228 : firefox
This is a maintenance and bugfix release of firefox that upgrades firefox to the 3.6.12 version and adds missing localization packages for the Georgian, Kurdish, Occitan and Serbian languages. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn...
RedHat Update for systemtap RHSA-2010:0894-01
Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2010:0894-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
MDVA-2010:226 : perl-URPM
This advisory fixes the gpg keys parsing, which were resulting in some warnings bug 61636. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was automatical...
[ MDVSA-2010:224 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:224 http://www.mandriva.com/security/ Package : php Date : November 9, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability was discovered...
Mandriva Linux Security Advisory : apr-util (MDVSA-2010:192)
A denial of service attack against aprbrigadesplitline was discovered in apr-util CVE-2010-1623. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/productinfo.php?cPath=149&productsid=4 90 The update...
MDVA-2010:196 : firefox
This is a maintenance release of mozilla firefox and thunderbird that upgrades firefox to 3.6.10 and thunderbird to 3.0.8. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:...
MDVA-2010:108 : kde4
In mandriva 2010.0, we provided KDE 4.3.2, this update brings KDE to version 4.3.5, overall, it provides many bug fixes and enhancements. For a complete list with changes, access the official announcement at http://www.kde.org/announcements/announce-4.3.5.php In addiction we are providing new...
MDVA-2010:129 : netcdf
This updates fixes a wrong Obsoletes: tag on netcdf package which would break upgrades to 2010.1. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...
MDVA-2009:070 : x11-driver-video-ati
When using the ati Xorg driver with two monitors attached the mouse cursor might be drawn incorrectly. This update fixes this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network...