
868 matches found

Tenable Nessus
added 2012/03/01 12:0 a.m. | 48 views

Ubuntu 10.04 LTS / 10.10 / 11.04 : openjdk-6b18 vulnerabilities (USN-1373-2)

USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM armel. This provides the corresponding OpenJDK 6 update for use with the ARM armel architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. It was discover...

CVSS 10 | AI score 8.3 | EPSS 0.98237
Exploits 19 | References 10

Oracle linux
added 2012/02/28 12:0 a.m. | 59 views

java-1.6.0-openjdk security update

1.6.0.0-1.25.1.10.6.0.1.el58 - Add oracle-enterprise.patch 1:1.6.0.0-1.25.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787142 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687:...

CVSS 10 | AI score 0.2 | EPSS 0.98237
Exploits 19

OPENSUSE Linux
added 2012/02/27 9:8 p.m. | 51 views

java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)

java-1_6_0-openjdk was updated to the b24 release, fixing multiple security issues: Security fixes - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687,...

CVSS 10 | AI score 0.2 | EPSS 0.68914
Exploits 7 | References 1

Tenable Nessus
added 2012/02/27 12:0 a.m. | 48 views

Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : openjdk-6 vulnerabilities (USN-1373-1)

It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. (CVE-2011-5035) ATTENTION: this update changes previous Java...

CVSS 10 | AI score 8.2 | EPSS 0.98237
Exploits 19 | References 10

Ubuntu
added 2012/02/24 10:35 a.m. | 89 views

USN-1373-1: OpenJDK 6 vulnerabilities

It was discovered that the Java HttpServer class did not limit the number of headers read from a HTTP request. A remote attacker could cause a denial of service by sending special requests that trigger hash collisions predictably. (CVE-2011-5035) ATTENTION: this update changes previous Java...

CVSS 10 | AI score 8.2 | EPSS 0.98237
Exploits 19

Tenable Nessus
added 2012/02/22 12:0 a.m. | 44 views

Fedora 15 : java-1.6.0-openjdk-1.6.0.0-63.1.10.6.fc15 (2012-1721)

The update contains the following security fixes : - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687, CVE-2012-0503: Issues with TimeZone class - S7110700,...

CVSS 10 | AI score 7.5 | EPSS 0.68914
Exploits 7 | References 1

RedHat Linux
added 2012/02/21 9:57 p.m. | 66 views

Important: Red Hat Security Advisory: java-1.6.0-openjdk security update

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10 | AI score 7.4 | EPSS 0.98237
Exploits 19 | References 12

Tenable Nessus
added 2012/02/20 12:0 a.m. | 46 views

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:021)

Multiple security issues were identified and fixed in OpenJDK (icedtea6): Fix issues in java sound (CVE-2011-3563). Fix in AtomicReferenceArray (CVE-2011-3571). Add property to limit number of request headers to the HTTP Server (CVE-2011-5035). Incorrect checking for graphics rendering object...

CVSS 10 | AI score 7.8 | EPSS 0.68914
Exploits 23 | References 13

Tenable Nessus
added 2012/02/16 12:0 a.m. | 42 views

CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 10 | AI score 8.3 | EPSS 0.98237
Exploits 19 | References 11

Oracle linux
added 2012/02/15 12:0 a.m. | 54 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.43.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787144 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687: Issues with TimeZone class - S7110700: Enhance exception...

CVSS 10 | AI score 0.2 | EPSS 0.98237
Exploits 19

UbuntuCve
added 2012/02/14 3:55 p.m. | 31 views

CVE-2012-0789

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache...

CVSS 5 | AI score 7.1 | EPSS 0.0826
Exploits 1 | References 2

NVD
added 2012/02/14 3:55 p.m. | 15 views

CVE-2012-0789

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache...

CVSS 5 | AI score 6.3 | EPSS 0.0826
Exploits 1 | References 6

CVE
added 2012/02/14 3:0 p.m. | 160 views

CVE-2012-0789

CVE-2012-0789 affects PHP before 5.3.9: a memory leak in the timezone handling (php_date_parse_tzfile cache) can be triggered by many strtotime() calls, leading to potential denial of service due to memory exhaustion. Affected vector is remote; remediation is upgrading to PHP 5.3.9 or later, as c...

CVSS 5 | AI score 6.3 | EPSS 0.0826
Exploits 1 | References 6 | Affected Software 1

Cvelist
added 2012/02/14 3:0 p.m. | 24 views

CVE-2012-0789

Memory leak in the timezone functionality in PHP before 5.3.9 allows remote attackers to cause a denial of service (memory consumption) by triggering many strtotime function calls, which are not properly handled by the php_date_parse_tzfile cache...

AI score 6.2 | EPSS 0.0826
Exploits 1 | References 6

RedHat Linux
added 2012/02/13 8:30 p.m. | 1 views

glibc: __tzfile_read integer overflow to buffer overflow

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd...

CVSS 6.8 | AI score 7.8 | EPSS 0.08073
Exploits 1 | References 4

RedHat Linux
added 2012/02/13 8:30 p.m. | 4 views

glibc: __tzfile_read integer overflow to buffer overflow

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd...

CVSS 6.8 | AI score 7.8 | EPSS 0.08073
Exploits 1 | References 4

Amazon
added 2012/02/02 12:0 a.m. | 41 views

Medium: glibc

Issue Overview: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute...

CVSS 6.8 | AI score 9.8 | EPSS 0.08073
Exploits 1 | References 1

RedHat Linux
added 2012/01/24 9:5 p.m. | 44 views

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS 6.8 | AI score 7.5 | EPSS 0.08073
Exploits 1 | References 4

RedHat Linux
added 2012/01/24 9:5 p.m. | 4 views

glibc: __tzfile_read integer overflow to buffer overflow

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd...

CVSS 6.8 | AI score 7.8 | EPSS 0.08073
Exploits 1 | References 4

Tenable Nessus
added 2012/01/16 12:0 a.m. | 221 views

PHP < 5.3.9 Multiple Vulnerabilities

Binary data 6263.prm...

CVSS 7.5 | AI score 8.5 | EPSS 0.83911
Exploits 25 | References 12