SUSE SLES11 Security Update : apache2-mod_jk (SUSE-SU-2018:3970-1)

This update for apache2-modjk fixes the following issues : Security issues fixed : CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd bsc1114612. CVE-2014-8111: Apache Tomcat Connectors modjk ignored JkUnmount rules for subtrees of previous JkMount rules, whic...

Scientific Linux Security Update : php on SL5.x i386/x86_64 (20141106)

A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. CVE-2014-3670 A stack-based buff...

Scientific Linux Security Update : php on SL5.x i386/x86_64 (20140318)

A buffer overflow flaw was found in the way PHP parsed floating point numbers from their text representation. If a PHP application converted untrusted input strings to numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with th...

CentOS 5 / 6 : php / php53 (CESA-2013:1813)

Updated php53 and php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

RHEL 5 / 6 : php53 and php (RHSA-2013:1813)

Updated php53 and php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

Scientific Linux Security Update : php on SL3.x, SL4.x, SL5.x i386/x86_64

A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. CVE-2008-5557 A flaw was found in the handling...

Scientific Linux Security Update : mod_auth_mysql on SL6.x i386/x86_64

A flaw was found in the way modauthmysql escaped certain multibyte-encoded strings. If modauthmysql was configured to use a multibyte character set that allowed a backslash '' as part of the character encodings, a remote attacker could inject arbitrary SQL commands into a login request...

Scientific Linux Security Update : mod_auth_mysql on SL5.x i386/x86_64

A flaw was found in the way modauthmysql escaped certain multibyte-encoded strings. If modauthmysql was configured to use a multibyte character set that allowed a backslash '' as part of the character encodings, a remote attacker could inject arbitrary SQL commands into a login request...

RedHat Security Advisory RHSA-2009:1148

The remote host is missing updates announced in advisory RHSA-2009:1148. The Apache HTTP Server is a popular Web server. A denial of service flaw was found in the Apache modproxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume...