1879 matches found
MGASA-2014-0263 Updated qt3 packages fix security vulnerabilities
Updated qt3 packages fix security vulnerabilities: QXmlSimpleReader in Qt versions prior to 5.2 supports expansion of internal entities in XML documents without placing restrictions to ensure the document does not cause excessive memory usage. If an application using this API processes untrusted...
Updated qt3 packages fix security vulnerabilities
Updated qt3 packages fix security vulnerabilities: QXmlSimpleReader in Qt versions prior to 5.2 supports expansion of internal entities in XML documents without placing restrictions to ensure the document does not cause excessive memory usage. If an application using this API processes untrusted...
openSUSE Security Update : subversion (openSUSE-SU-2014:0307-1)
Apache Subversion was updated to version 1.8.8 : It fix a remotely triggerable segfault in moddavsvn when svn is handling the server root and SVNListParentPath is on bnc862459 CVE-2014-0032 - Client-side bugfixes : - fix automatic relocate for wcs not at repository root - wc: improve performance...
openSUSE Security Update : subversion (openSUSE-SU-2014:0334-1)
Apache Subversion was updated to 1.7.16 bnc862459 This release addresses one security issue: CVE-2014-0032: moddavsvn DoS vulnerability with SVNListParentPath. Affects servers with moddavsvn when configured on the root path of the server and SVNListParentPath is on. - Client-side bugfixes : - cop...
CVE-2014-3122
The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...
Code injection
The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...
CVE-2014-3122
The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...
CVE-2014-3122
CVE-2014-3122 affects the Linux kernel local memory-management path. The advisory centers on the try_to_unmap_cluster function in mm/rmap.c, where the code path did not consistently lock pages, enabling a local user to trigger a memory-usage pattern that can force removal of page-table mappings a...
CVE-2014-3122
The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...
CVE-2014-3122
The trytounmapcluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service system crash by triggering a memory-usage pattern that requires removal of page-table mappings...
ModSecurity v2.8.0 - Open Source Web Application Firewall
ModSecurity ™is an open source, free web application firewall WAF Apache module. With over 70% of all attacks now carried out over the web application level, organizations need all the help they can get in making their systems secure. Changelog v2.8.0 Bug fix Build issue: Now using autotools to...
firefox security update
24.5.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.5.0-1 - Update to 24.5.0 ESR 24.4.0-3 - Added a workaround for Bug 1054242 - RHEVM: Extremely high memory usage in Firefox 24 ESR on RHEL 6.5 24.4.0...
Fedora 19 : subversion-1.7.16-1.fc19 (2014-3567)
This update includes the latest stable release of Apache Subversion 1.7, fixing a security issue CVE-2014-0032 : Subversion's moddavsvn Apache HTTPD server module will crash when it receives an OPTIONS request against the server root and Subversion is configured to handle the server root and...
MGASA-2014-0007 Updated nodejs package fixes security vulnerabilities
A denial of service flaw was found in the way Node.js handled pipelined HTTP requests. A remote attacker could use this flaw to send an excessive amount of HTTP requests over a network connection, causing Node.js to use an excessive amount of memory and possibly exit when all available memory is...
[SECURITY] Fedora 20 Update: nginx-1.4.4-1.fc20
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Veeam ONE v7 R2 update
Challenge Release Notes for Veeam ONE v7 R2 update Cause Please confirm you are running version 7.0.0.876 prior to installing this update. You can check this under Help | About in Veeam ONE Monitor Client. After upgrading, your build will be version 7.0.0.919. This update should be applied to...
qt4-xml -- XML Entity Expansion Denial of Service
Richard J. Moore reports: QXmlSimpleReader in Qt versions prior to 5.2 supports expansion of internal entities in XML documents without placing restrictions to ensure the document does not cause excessive memory usage. If an application using this API processes untrusted data then the application...
Fedora Update for nginx FEDORA-2013-21826
Check for the Version of nginx OpenVAS Vulnerability Test Fedora Update for nginx FEDORA-2013-21826 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
[SECURITY] Fedora 19 Update: nginx-1.4.4-1.fc19
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:267)
Updated java-1.7.0-openjdk packages fix security vulnerabilities : Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...