SUSE SLES11 Security Update : libevent (SUSE-SU-2018:0263-1)

This update for libevent fixes the following issues : - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 backport for 2.0.21 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919 Note that...

SUSE-SU-2018:0263-1 Security update for libevent

This update for libevent fixes the following issues: - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 backport for 2.0.21 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919...

openSUSE Security Update : libevent (openSUSE-2018-95)

This update for libevent fixes the following security issues : - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919 This update was import...

SUSE SLED12 / SLES12 Security Update : libevent (SUSE-SU-2018:0200-1)

This update for libevent fixes the following security issues : - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919 Note that Tenable...

SUSE-SU-2018:0200-1 Security update for libevent

This update for libevent fixes the following security issues: - CVE-2016-10195: DNS remote stack overread vulnerability bsc1022917 - CVE-2016-10196: stack/buffer overflow in evutilparsesockaddrport bsc1022918 - CVE-2016-10197: out-of-bounds read in searchmakenew bsc1022919...

Debian: Security Advisory (DLA-824-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Advisory - Three Vulnerabilities in Huawei GaussDB

There is a information leak vulnerability in libevent of Huawei GaussDB. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending a forged DNS response to an application using libevent. Successful exploit of the vulnerability could lead to reading data o...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)

The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues bsc1043960 : - MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder - MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading - MFSA 2017-16/CVE-2017-7751 Use-after-free with content...

EulerOS 2.0 SP1 : libevent (EulerOS-SA-2017-1090)

According to the versions of the libevent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the...

EulerOS 2.0 SP2 : libevent (EulerOS-SA-2017-1091)

According to the versions of the libevent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the...

libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()

A vulnerability was found in libevent with the parsing of IPv6 addresses. If an attacker could cause an application using libevent to parse a malformed address in IPv6 notation of more than 2GiB in length, a stack overflow would occur leading to a crash...

libevent: Out-of-bounds read in search_make_new()

An out of bounds read vulnerability was found in libevent in the searchmakenew function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out of bounds read could occur possibly leading to a crash...

libevent: Stack-buffer overflow in the name_parse() function

A vulnerability was found in libevent with the parsing of DNS requests and replies. An attacker could send a forged DNS response to an application using libevent which could lead to reading data out of bounds on the heap, potentially disclosing a small amount of application memory...

GLSA-201705-01 : libevent: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201705-01 libevent: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libevent. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary co...

libevent: Multiple vulnerabilities

Background libevent is a library to execute a function when a specific event occurs on a file descriptor. Description Multiple vulnerabilities have been discovered in libevent. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrar...

Mozilla Thunderbird < 52.1 Multiple Vulnerabilities (macOS)

The version of Mozilla Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities : - Multiple flaws exist in the Libevent library, within files evdns.c and evutil.c, due to improper validation of input when handling IP...

Mozilla Thunderbird < 52.1

The version of Thunderbird installed on the remote Windows host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-13 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...

Security fix for the ALT Linux 10 package thunderbird version 52.1.0-alt1

May 2, 2017 Andrey Cherepanov 52.1.0-alt1 - New version 52.0.1 - Security fixes: + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5430: Memory safety bugs fixed in Firefox 53, Firefox ESR + CVE-2017-5432: Use-after-free in text input selection + CVE-2017-5433:...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0013

An update of cracklib,libevent,libgcrypt,httpd,glibc packages for PhotonOS has been released...

Mozilla Firefox ESR < 52.1

The version of Firefox ESR installed on the remote Windows host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-12 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. CVE-2017-5469 - A...