Fedora 21 : thunderbird-enigmail-1.7.2-1.fc21 (2014-9919)

Upstream annoncement : - This is a bugfix release, fixing several major issues found in v1.7. - A security bug CVE-2014-5369 has been fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora 19 : thunderbird-enigmail-1.7.2-1.fc19 (2014-9954)

Upstream annoncement : - This is a bugfix release, fixing several major issues found in v1.7. - A security bug CVE-2014-5369 has been fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

openSUSE Security Update : enigmail (openSUSE-SU-2014:1096-1)

enigmail was updated to version 1.7.2 bnc893330 - bugfix release which contains several bugfixes including mail with only Bcc recipients sent in plain text CVE-2014-5369 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Fedora 20 : drupal7-7.31-1.fc20 (2014-9278)

Update to upstream 7.31 release for SA-CORE-2014-004 This is a bugfix release. For complete details, refer to: https://www.drupal.org/drupal-7.30-release-notes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

kernel: security and bugfix update (important)

The Linux kernel was updated to fix security issues and bugs: Security issues fixed: CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users ...

kernel: security and bugfix update (important)

The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...

kernel: security and bugfix release (important)

The Linux kernel was updated to fix security issues and bugs: Security issues fixed: CVE-2014-3153: The futexrequeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEXREQUEUE...

kernel: security and bugfix update (important)

The Linux kernel was updated to fix security issues and bugs. Security issues fixed: CVE-2014-3153: The futexrequeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEXREQUEUE...

openSUSE Security Update : typo3-cms-4_5/typo3-cms-4_6/typo3-cms-4_7 (openSUSE-SU-2013:0510-1)

The Typo3 CMS versions were updated to receive security and bug fixes. - Raised to version 4.5.25 - bugfix: External URL regression by jumpurl security fix Helmut Hummel, t346071 - Raised to version 4.5.24 - Raise submodule pointer TYPO3 Release Team - security: Open redirection with jumpurl Fran...

openSUSE Security Update : perl (openSUSE-SU-2013:0497-1)

Perl was updated to fix 3 security issues : - fix rehash denial of service compute time bnc804415 CVE-2013-1667 - improve CGI crlf escaping bnc789994 CVE-2012-5526 - sanitize input in Maketext.pm to avoid code injection bnc797060 CVE-2012-6329 In openSUSE 12.1 also the following non-security bug...

openSUSE Security Update : Mozilla Firefox and others (openSUSE-SU-2013:0630-1)

The Mozilla suite received security and bugfix updates : Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla SeaMonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...

openSUSE Security Update : postgresql (openSUSE-SU-2012:0480-1)

Security and bugfix release 9.1.3 : - Require execute permission on the trigger function for 'CREATE TRIGGER' CVE-2012-0866, bnc749299. - Remove arbitrary limitation on length of common name in SSL certificates CVE-2012-0867, bnc749301. - Convert newlines to spaces in names written in pgdump...

openSUSE Security Update : postgresql / postgresql-libs (openSUSE-SU-2012:1288-1)

Security and bugfix release 9.1.5 : - Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler CVE-2012-2655 bnc765069 - Fix incorrect password transformation in 'contrib/pgcrypto''s DES crypt function CVE-2012-2143 bnc766799 - Prevent access to external files/URLs via...

openSUSE Security Update : python3 (openSUSE-SU-2012:0861-1)

python3 was fixed for : - Fix bnc758993 - CVE-2012-2135: python3 utf-16 decoder unicodedecodecallerrorhandler alignedend is not updated %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : nginx (openSUSE-SU-2014:0450-1)

nginx was updated to 1.4.7 to fix bugs and security issues. Fixed security issues : - CVE-2014-0133: nginx:heap-based buffer overflow in SPDY implementation New upstream release 1.4.7 bnc869076 CVE-2014-0133 Security: a heap memory buffer overflow might occur in a worker process while handling a...

openSUSE Security Update : python3 (openSUSE-SU-2014:0498-1)

Python was updated to 3.3.5 fixing bugs and security issues : - bugfix-only release, closes several security bugs - CVE-2013-1752 bnc856836 - DoS flaws with unbounded reads from network - disable SSLv2 by default - DoS on maliciously crafted zip files CVE-2013-7338, bnc869222 -...

openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)

Postgresql was updated to the security and bugfix release 9.1.3 : - Require execute permission on the trigger function for 'CREATE TRIGGER' CVE-2012-0866, bnc749299. - Remove arbitrary limitation on length of common name in SSL certificates CVE-2012-0867, bnc749301. - Convert newlines to spaces i...

openSUSE Security Update : wireshark (openSUSE-SU-2012:1633-1)

This update fixes the following issues for wireshark : - Security update to 1.8.4 : https://www.wireshark.org/docs/relnotes/wireshark-1.8.4.html http://seclists.org/oss-sec/2012/q4/378 CVE-2012-5592 Wireshark 1 pcap-ng hostname disclosure wnpa-sec-2012-30 CVE-2012-5593 Wireshark 2 DoS infinite lo...

openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)

The Opera browser received a security and bugfix update to 11.51. More information can be found here: http://www.opera.com/docs/changelogs/unix/1151/ CVE-2011-3388 - incorrect security information display CVE-2011-3389 - unspecified 'low severity issue, as reported by Thai Duong and Juliano Rizzo...

openSUSE Security Update : python (openSUSE-SU-2014:0380-1)

Python was updated to 2.7.6 to fix bugs and security issues : - bugfix-only release - SSL-related fixes - upstream fix for CVE-2013-4238 - upstream fixes for CVE-2013-1752 - added patches for CVE-2013-1752 bnc856836 issues that are missing in 2.7.6: python-2.7.6-imaplib.patch...