RHEL 6 : Storage Server (RHSA-2014:0377) (Heartbleed)

Updated openssl packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 4 / 5 / 6 : openssl (RHSA-2014:0627)

Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat...

RHEL 5 : pki (RHSA-2012:1550)

Updated pki-common and pki-tps packages that fix multiple security issues are now available for Red Hat Certificate System 8.1. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

RHEL 5 : php (RHSA-2014:0312)

Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 and 5.6 Long Life, and Red Hat Enterprise Linux 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability...

RHEL 5 / 6 : php (RHSA-2013:1824)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1824 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A memory corruption flaw was found in the way the...

RHEL 5 : php53 (RHSA-2013:1825)

Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 and 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Serious Remote Root Access Bug in Belkin N750 Router

A serious vulnerability in a popular Belkin router could be exploited by a local, unauthenticated attacker to gain full control over affected devices. The good news is that the bug has already been patched by Belkin. The bad news is that approximately nobody installs router firmware updates. The...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.34-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues. 68044 Integer overflow in unserialize 32-bit...

Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20141030)

A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. CVE-2014-3670 An integer overflo...

CentOS 5 : php53 (CESA-2014:1768)

Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

CentOS Update for php CESA-2014:1767 centos6

Check the version of php SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882074";...

RHEL 6 / 7 : php (RHSA-2014:1767)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1767 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif...

RHEL 5 : php53 (RHSA-2014:1768)

Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

RedHat Update for php RHSA-2014:1767-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Important: Red Hat Security Advisory: php53 security update

Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...

CentOS 6 / 7 : openssl (CESA-2014:1652)

Updated OpenSSL packages that contain a backported patch to mitigate the CVE-2014-3566 issue known as SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability POODLE, and fixed two security issues that are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has...

Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20140930)

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. CVE-2014-3587 ...

Amazon Linux AMI : httpd (ALAS-2014-331)

It was found that the moddav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the moddav module for example when using the moddavsvn module, a remote attacker could send a specially crafted DAV request that would...

Amazon Linux AMI : httpd (ALAS-2011-9)

It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connec...