163 matches found
Mandriva Linux Security Advisory : lcms2 (MDVSA-2015:107)
Updated lcms2 packages fix security vulnerability : Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D CVE-2014-0459. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...
openSUSE Security Update : lcms2 (openSUSE-SU-2013:1236-1)
This version update of lcms2 to release 2.5 fixes several security issues plus several other color management bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-602. The text...
CVE-2013-4160
Little CMS lcms2 before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service NULL pointer dereference and crash via vectors related to 1 cmsStageAllocLabV2ToV4curves, 2 cmsPipelineDup, 3 cmsAllocProfileSequenceDescription, 4 CurvesAlloc, and ...
CVE-2013-4160
CVE-2013-4160 affects Little CMS (lcms2) up to version 2.5; used in OpenJDK 7 and possibly other products. It allows remote denial of service via a NULL pointer dereference in multiple components (cmsStageAllocLabV2ToV4curves, cmsPipelineDup, cmsAllocProfileSequenceDescription, CurvesAlloc, cmsna...
CVE-2013-4160
Little CMS lcms2 before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service NULL pointer dereference and crash via vectors related to 1 cmsStageAllocLabV2ToV4curves, 2 cmsPipelineDup, 3 cmsAllocProfileSequenceDescription, 4 CurvesAlloc, and ...
MGASA-2014-0011 Updated dcraw and ufraw package fix security vulnerability
Due to flaws in the embedded copy of LibRaw in dcraw and ufraw, corrupt input files might trigger a division by zero, an infinite loop, or a null pointer dereference CVE-2013-1438. The dcraw and ufraw packages have been updated to their newest versions and patched to fix the flaws in the embedded...
Updated dcraw and ufraw package fix security vulnerability
Due to flaws in the embedded copy of LibRaw in dcraw and ufraw, corrupt input files might trigger a division by zero, an infinite loop, or a null pointer dereference CVE-2013-1438. The dcraw and ufraw packages have been updated to their newest versions and patched to fix the flaws in the embedded...
java-1.6.0-openjdk security update
1:1.6.0.0-1.68.1.11.14 - updated to icedtea6-1.11.14.tar.gz - added and applied 1.11.14-fixes.patch, patch10 to fix build issues - adapted patch8 java-1.6.0-openjdk-timezone-id.patch - Resolves: rhbz1017618 1:1.6.0.1-1.67.1.13.0 - reverted previous update - Resolves: rhbz1017618...
CVE-2013-4276
Multiple stack-based buffer overflows in LittleCMS aka lcms or liblcms 1.19 and earlier allow remote attackers to cause a denial of service crash via a crafted 1 ICC color profile to the icctrans utility or 2 TIFF image to the tiffdiff utility...
FreeBSD : lcms2 -- NULL pointer Dereference Denial of Service Vulnerability (9a0a892e-05d8-11e3-ba09-000c29784fd1)
Mageia security team reports : It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash CVE-2013-4160. %NASLMINLEVEL 70300 C...
Mandriva Linux Security Advisory : lcms2 (MDVSA-2013:211)
Updated lcms2 packages fixes security vulnerability : It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash CVE-2013-4160...
Ubuntu: Security Advisory (USN-1911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for lcms2 USN-1911-1
Check for the Version of lcms2 OpenVAS Vulnerability Test $Id: gbubuntuUSN19111.nasl 8526 2018-01-25 06:57:37Z teissa $ Ubuntu Update for lcms2 USN-1911-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...
Ubuntu 12.04 LTS / 12.10 / 13.04 : lcms2 vulnerability (USN-1911-1)
It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash. Note that Tenable Network Security has extracted the preceding...
USN-1911-1: Little CMS vulnerability
It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash...
[USN-1911-1] Little CMS vulnerability
========================================================================== Ubuntu Security Notice USN-1911-1 July 29, 2013 lcms2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
[USN-1911-1] Little CMS vulnerability
========================================================================== Ubuntu Security Notice USN-1911-1 July 29, 2013 lcms2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
SuSE 11.3 Security Update : lcms2 (SAT Patch Number 8091)
lcms2 has been updated to the version 2.5 which is a maintenance release to fix various security and other bugs. - User defined parametric curves can now be saved in ICC profiles. - RGB profiles using same tone curves for several channels are storing now only one copy of the curve - update black...
Fedora 18 : java-1.7.0-openjdk-1.7.0.25-2.3.10.3.fc18 (2013-11285)
Updated to latest IcedTea7-forest 2.3.10 - arm tarball updated to 2.1.9 - build bumped to 25 - temporarly swithced to intree lcms as it have security fixes patch 500 - added GENSRCDIR='$PWD/generated.build' to be able to - removed buildrequires lcms2-devel - this update is known to break...
Fedora 19 : java-1.7.0-openjdk-1.7.0.25-2.3.10.3.fc19 (2013-11257)
Updated to latest IcedTea7-forest 2.3.10 - arm tarball updated to 2.1.9 - build bumped to 25 - All full-paths now have arch - temporarly swithced to intree lcms as it have security fixes patch 500 - added GENSRCDIR='$PWD/generated.build' to be able to - removed buildrequires lcms2-devel - this...