RUSTSEC-2016-0006 `cassandra` crate is unmaintained; use `cassandra-cpp` instead

The cassandra crate has not seen a release since December 2016, and its author is unresponsive. The cassandra-cpp crate is a maintained fork: https://github.com/Metaswitch/cassandra-rs...

`cassandra` crate is unmaintained; use `cassandra-cpp` instead

The cassandra crate has not seen a release since December 2016, and its author is unresponsive. The cassandra-cpp crate is a maintained fork: https://github.com/Metaswitch/cassandra-rs...

chromium-browser: use after free in blink

WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted JavaScript code...

CVE-2014-9889

drivers/media/platform/msm/camerav2/pproc/cpp/msmcpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803645 and Qualcomm internal bug...

CVE-2014-9889

drivers/media/platform/msm/camerav2/pproc/cpp/msmcpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate CPP frame messages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803645 and Qualcomm internal bug...

CVE-2016-5127

Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascadin...

CVE-2016-2486

mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers to gain privileges via a crafted application, a...

java-1.7.0-openjdk security update

1:1.7.0.101-2.6.6.1.0.1 - Update DISTRONAME in specfile 1:1.7.0.101-2.6.6.1 - added Patch666 fontpath.patch to fix tck regressions - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Fix ztos handling in templateTableppc64.cpp to be same as others in 7. - Resolves: rhbz1325425 1:1.7.0.101-2.6.6.0 - Bum...

Fedora Update for qpid-cpp FEDORA-2016-120

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : qpid-cpp-0.34-6.fc23 (2016-120b194a75)

Rebuilt against qpid-proton 0.12.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

Android libstagefright number error vulnerability (CNVD-2015-06610)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. libstagefright is one of the libraries that supports hardcoding. An integer overflow vulnerability exists in the SampleTable.cpp file in libstagefright in Android 4.4.4 and earlier...

Oracle: Security Advisory (ELSA-2012-1269)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2011-0433)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox js/src/proxy/Proxy.cpp Restriction Bypass Vulnerability

Mozilla Firefox is an open source web browser. The Mozilla Firefox js/src/proxy/Proxy.cpp file fails to properly handle the 'receiver' parameter. A remote attacker can exploit the vulnerability to bypass specific window access restrictions...

RHEL 7 : MRG (RHSA-2015:0660)

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...

chromium-browser: Use-after-free in pdfium.

Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the 1 Document::delay and 2...

Google Chrome PDFium Integer Overflow Vulnerability

Google Chrome is an open source WEB browser. An integer overflow vulnerability exists in the CJBig2Image::expand function in fxcodec/jbig2/JBig2Image.cpp in Google Chrome PDFium, which allows attackers to construct a malicious WEB page and trick users into parsing it, which can execute arbitrary...

Fedora 21 : qpid-cpp-0.32-4.fc21 (2015-9503)

Removed qpid-send and qpid-receive from qpid-cpp-client-devel. Include the qpid.tests module in python-qpid Bumped the release to force a build against Proton 0.9 in F22. Added qpidtoollibs to the qpid-tools package. Fixed path to qpid-ha in the systemd service descriptor. Resolves: BZ1186308 App...

[SECURITY] Fedora 21 Update: qpid-cpp-0.32-4.fc21

Run-time libraries for AMQP client applications developed using Qpid C++. Clients exchange messages with an AMQP message broker using the AMQP protocol...

Fedora Update for qpid-cpp FEDORA-2015-9503

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...