790 matches found
SUSE SLED11 / SLES11 Security Update : gtk2 (SUSE-SU-2016:0282-1)
This update for gtk2 fixes the following security issues : - CVE-2015-7552: various overflows, including heap overflow in flipping bmp files bsc958963 The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding...
SUSE-SU-2016:0282-1 Security update for gdk2
This update for gdk2 fixes the following security issues: - CVE-2015-7552: various overflows, including heap overflow in flipping bmp files bsc958963 The following non-security issues were fixed: - bsc960155: fix a possible divide by zero...
Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0049)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0049 advisory. 1:1.8.0.71-2.b15 - Add md5sum for previous java.security file so it gets updated. - Resolves: rhbz1295753 1:1.8.0.71-1.b15 - Restore upstream version o...
MGASA-2016-0023 Updated qemu packages fix security vulnerabilities
A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...
SUSE-SU-2016:0050-1 Security update for libpng12
This update fixes the following security issue CVE-2015-8126 Multiple buffer overflows in the pngsetPLTE and pnggetPLTE functions allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact bsc954980...
SUSE-SU-2016:0010-1 Security update for kvm
This update for kvm fixes the following issues: Security issues fixed: - CVE-2015-7512: The receive packet size is now checked in the emulated pcnet driver, eliminating buffer overflow and potential security issue by malicious guest systems. bsc957162 - CVE-2015-8345: A infinite loop in processin...
SUSE-SU-2015:2386-1 Security update for grub2
This update for grub2 provides the following fixes: A security issues with a bufferoverflow when reading username and password was fixed bsc956631, CVE-2015-8370 Bugs fixed: - Expand list of grub.cfg search path in PV Xen guests for systems installed on btrfs snapshots. bsc946148, bsc952539 - Add...
Security update for grub2 (important)
This update for grub2 fixes the following issue: Changes in grub2: - CVE-2015-8370: Fix for overflow in grubpasswordget and grubuserget functions bnc956631...
Oracle: Security Advisory (ELSA-2013-0983)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : pcre-8.37-4.fc22 (2015-14235)
This release fixes a heap overflow when compiling certain regular expressions with named refecences. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
SUSE-SU-2015:1424-1 Security update for glibc
This update for glibc provides fixes for security and non-security issues. These security issues have been fixed: - CVE-2015-1781: Buffer length after padding in resolv/nssdns/dns-host.c. bsc927080 - CVE-2013-2207: ptchown did not properly check permissions for tty files, which allowed local user...
SUSE-SU-2015:1341-1 Security update for e2fsprogs
Two security issues were fixed in e2fsprogs: Security issues fixed: CVE-2015-0247: Various heap overflows were fixed in e2fsprogs fsck, dumpe2fs, e2image.... CVE-2015-1572: Fixed a potential buffer overflow in closefs bsc918346...
SUSE-SU-2015:1253-1 Security update for php5
This security update of PHP fixes the following issues: Security issues fixed: CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. CVE-2015-4026 bnc931776: pcntlexec did not check path validity. CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that resulted in a...
SUSE SLED11 / SLES11 Security Update : kernel (SUSE-SU-2014:0189-1)
The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to 3.0.101 and also includes various other bug and security fixes. A new feature was added : - supported.conf: marked net/netfilter/xtset as supported bnc851066fate313309 The following security bugs have been fixed : CVE-2013-4587:...
SUSE SLED12 / SLES12 Security Update : spice (SUSE-SU-2015:0884-1)
The remote desktop software SPICE was updated to address one security issue. The following vulnerabilitiy was fixed : - A stack-based buffer overflow in the password handling code allowed remote attackers to cause a denial of service crash via a long password in a SPICE ticket. bsc848279,...
MGASA-2015-0134 Updated php and libzip packages fix security vulnerabilities
Heap overflow vulnerability in regcomp.c in the ereg extension in PHP before 5.5.23 on 32-bit systems CVE-2015-2305. Integer overflow in zip extension in PHP before 5.5.23 leads to writing past heap boundary CVE-2015-2331. Use after free vulnerability in unserialize in PHP before 5.5.23...
DLA-25-3 python2.6 - regression update
Bulletin has no description...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix security issues and bugs. Security issues fixed: CVE-2014-3153: The futexrequeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEXREQUEUE...
[musl] Security advisory for musl libc - remote stack-based buffer overflow in DNS response parsing [CVE-2014-3484]
A remote stack-based buffer overflow has been found in musl libc's dns response parsing code. The overflow can be triggered in programs linked against musl libc and making dns queries via one of the standard interfaces getaddrinfo, getnameinfo, gethostbyname, gethostbyaddr, etc. if one of the...
openSUSE Security Update : libsndfile (openSUSE-SU-2011:0855-1)
An integer overflow in libsndfile while processing certain PAF files has been fixed. CVE-2011-2696 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...