17 matches found
net: sock: fix hardened usercopy panic in sock_recv_errqueue
...
SUSE SLED11 / SLES11 Security Update : openssh (SUSE-SU-2015:1695-1) (Logjam)
OpenSSH was updated to fix several security issues and bugs. Please note that due to a bug in the previous shipped openssh version, sshd might not correctly restart. Please verify that the ssh daemon is running after installing this update. These security issues were fixed : - CVE-2015-5352: The...
SUSE SLED11 / SLES11 Security Update : openssh (SUSE-SU-2015:1581-1) (Logjam)
openssh was updated to fix several security issues and bugs. These security issues were fixed : - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for...
openSUSE: Security Advisory for bash (openSUSE-SU-2014:1254-1)
The remote host is missing an update for the...
SUSE-SU-2015:1581-1 Security update for openssh
openssh was updated to fix several security issues and bugs. These security issues were fixed: CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remo...
SUSE SLED11 Security Update : openssh (SUSE-SU-2015:1547-2) (Logjam)
openssh was updated to fix several security issues and bugs. These security issues were fixed : - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for...
SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2015:1544-1) (Logjam)
openssh was updated to fix several security issues. These security issues were fixed : - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote...
SUSE SLES11 Security Update : openssh (SUSE-SU-2015:1547-1) (Logjam)
openssh was updated to fix several security issues and bugs. These security issues were fixed : - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for...
[slackware-security] glibc
New glibc packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/glibc-2.17-i486-8slack14.1.txz: Rebuilt. This update fixes several security issues, and adds an extra security hardening patch from...
openSUSE Security Update : bash (openSUSE-SU-2014:1254-1) (deprecated)
This patch was withdrawn by the openSUSE team, as the software was fixed prior to release. No replacement patches/plugins exist. bash was updated to fix command injection via environment variables. CVE-2014-6271, CVE-2014-7169 Also a hardening patch was applied that only imports functions over...
[slackware-security] bash
New bash packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bash-4.2.050-i486-1slack14.1.txz: Upgraded. Another bash update. Here's some information included with the...
php -- _ecalloc Integer Overflow Vulnerability
Stefan Esser reports: The PHP 5 branch of the PHP source code lacks the protection against possible integer overflows inside ecalloc that is present in the PHP 4 branch and also for several years part of our Hardening-Patch and our new Suhosin-Patch. It was discovered that such an integer overflo...
Advisory 02/2006: PHP ext/mysqli Format String Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP ext/mysqli Format String Vulnerability Release Date: 2006/01/12 Last Modified: 2006/01/12 Author: Stefan Esser [email protected] Application: PHP5.1 = 5.1.1 Not...
Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpMyAdmin Variable Overwrite Vulnerability Release Date: 2005/12/07 Last Modified: 2005/12/07 Author: Stefan Esser [email protected] Application: phpMyAdmin 2.7.0-rc1...
[Full-disclosure] Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP register_globals Activation Vulnerability in parse_str() Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser [email protected] Application: PHP4 =...
[Full-disclosure] Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo() Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser [email protected] Application: PHP4 = 4.4.0...
CVE-2002-1361
CVE-2002-1361 affects Sun Cobalt RaQ4 with the Security Hardening Patch (SHP) installed. The overflow.cgi CGI script did not properly filter input, allowing a POST to set the email parameter to shell metacharacters and enabling remote code execution with superuser privileges. Public sources descr...