855 matches found
EUVD-2010-0772
Malware in sbrugna...
North Korea's Red Star OS (Looks Like Mac OS X) Spies on its Own People
North Korea has its own homegrown computer operating system that looks remarkably like Apple’s OS X, which not only prevents potential foreign hacking attempts but also provides extensive surveillance capabilities. Two German researchers have just conducted an in-depth analysis of the...
Directory traversal
Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems, allows local users to gain privileges via .. (dot dot) sequences in the label for a pluggable storage device...
Fedora 11 : tar-1.22-5.fc11 (2010-4306)
CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially crafted archive 572149 - realloc within checkexclusiontags caused invalid write 570591 - not closing file descriptors for excluded files/dirs with exclude-tag... options could cause descriptor exhaustion 570591 - do not...
Fedora 11 : cpio-2.9.90-8.fc11 (2010-4302)
CVE-2010-0624 fix heap-based buffer overflow by expanding a specially-crafted archive 572150 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 11 : moin-1.8.8-1.fc11 (2010-9876)
This update fixes XSS issues found in moin 1.8.7: http://moinmo.in/SecurityFixes For a list of bug fixes and new features refer to http://hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES
Fedora 11 : python-paste-1.7.4-1.fc11 (2010-10400)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notable WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
Fedora 11 : gif2png-2.5.1-1102.fc11 (2010-0330)
Tue Jan 5 2010 Enrico Scholz - 2.5.1-1102 - catch another possible overflow when appending a numbered suffix detected to Tomas Hoger - applied the -overflow patch... - Sat Jan 2 2010 Enrico Scholz - 2.5.1-1101 - changed -overflow patch to abort on bad filenames instead of processing truncated...
Fedora 11 : dpkg-1.15.5.6-4.fc11 (2010-4344)
This update fixes CVE-2010-0396 - dpkg path traversal issue http://www.debian.org/security/2010/dsa-2011 http://seclists.org/fulldisclosure/2010/Mar/201
Fedora 11 : systemtap-1.1-1.fc11 (2010-0671)
Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...
Fedora 11 : kernel-2.6.30.10-105.2.4.fc11 (2010-0919)
Security update: CVE-2010-0003 CVE-2010-0006 CVE-2010-0007
Fedora 11 : transmission-1.77-2.fc11 (2010-0388)
Fix potential data loss by maliciously-crafted .torrent files. http://trac.transmissionbt.com/wiki/Changesversion-1.77
Fedora 11 : puppet-0.25.4-1.fc11 (2010-1079)
The update from 0.24.x to 0.25.x brings many, many changes and improvements to puppet. The upstream release notes cover them in detail: http://reductivelabs.com/trac/puppet/wiki/ReleaseNotes Of note is that 0.25.x clients do not work with 0.24.x masters, so it is important to update the master...
Fedora 11 : dvipng-1.13-1.fc11 (2010-8279)
Upgrades dvipng to version 1.13 which fixes CVE-2010-0829.
Fedora 11 : java-1.6.0-openjdk-1.6.0.0-34.b17.fc11 (2010-6039)
Add latest security patches.
Fedora 11 : ruby-1.8.6.383-6.fc11 (2010-0533)
A security vulnerability was found in the WEBrick module in Ruby currently shipped on Fedora 11: WEBrick lets attackers inject malicious escape sequences into its logs, making it possible for dangerous control characters to be executed on a victim's terminal emulator. This issue has now been tagg...
Fedora 11 : znc-0.090-2.fc11 (2010-10082)
Bug 603915 - znc: NULL pointer dereference flaw leads to segfault under certain conditions A Debian bug report 1 noted that ZNC would segfault under certain conditions, such as clicking 'traffic' in the webadmin pages or issuing the traffic command on the /znc shell. This has been corrected...
Fedora 11 : zabbix-1.6.8-1.fc11 (2010-0278)
Update to 1.6.8 - Upstream changelog: http://www.zabbix.com/rn1.6.8.php - fixes 2 issues from 551331 CVE-2009-4499 - https://support.zabbix.com/browse/ZBX-1031 CVE-2009-4501 - https://support.zabbix.com/browse/ZBX-1355
Fedora 11 : httpd-2.2.15-1.fc11.1 (2010-6131)
The Apache HTTP Server Project is proud to announce the release of version 2.2.15 of the Apache HTTP Server 'httpd'. This version is principally a security and bugfix release. Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses...
Fedora 11 : maildrop-2.4.0-12.fc11 (2010-1927)
This update brings maildrop to the latest upstream version closing CVE-2010-0301.