1295 matches found
SuSE 11.3 Security Update : Ruby (SAT Patch Number 9136)
This Ruby update fixes the following security issue : - Fixed entity expansion DoS vulnerability in REXML. CVE-2013-1821. bnc808137 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...
SuSE 11.3 Security Update : curl (SAT Patch Number 9133)
This curl update fixes the following security issues : - wrong re-use of connections. CVE-2014-0138. bnc868627 - IP address wildcard certificate validation. CVE-2014-0139. bnc868629 - --insecure option inappropriately enforcing security safeguard. bnc870444 %NASLMINLEVEL 70300 C Tenable Network...
SuSE 11.3 Security Update : lxc (SAT Patch Number 9084)
The container framework LXC has been updated to fix various bugs and a security issue : - The sshd template allowed privilege escalation on the host. CVE-2013-6441 - SLES container time not aligned with host time. bnc839653 - SLES container boot takes ages. bnc839663 - lxc mounts /dev/pts with...
SuSE 11.3 Security Update : nagios (SAT Patch Number 9071)
The monitoring service Nagios has been updated to fix potential buffer overflows in its CGI scripts. CVE-2014-1878 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyrig...
SuSE 11.3 Security Update : strongswan (SAT Patch Number 9089)
The following security issue is fixed by this update : - strongswan has been updated to fix an authentication problem where attackers could have bypassed the IKEv2 authentication. CVE-2014-2338. bnc870572 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks...
SuSE 11.3 Security Update : python-setuptools (SAT Patch Number 9116)
python-setuptools so far used only HTTP to retrieve packages, which could have lead to man in the middle attacks on newly installed python code. This update adjusts it to use HTTPS, guaranteeing better connection integrity. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...
SuSE 11.3 Security Update : wireshark (SAT Patch Number 9060)
Wireshark was updated to version 1.8.13 to fix security and stability issues. The following security vulnerabilities have been fixed : - The NFS dissector could crash. CVE-2014-2281 - The RLC dissector could crash. CVE-2014-2283 - The MPEG file parser could overflow a buffer. For more information...
SuSE 11.3 Security Update : mutt (SAT Patch Number 9023)
The mailreader mutt was updated to fix a security issue in displaying mail headers, where a crafted e-mail could cause a heap overflow, which in turn might be used by attackers to crash mutt or potentially even execute code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
SuSE 11.3 Security Update : xinetd (SAT Patch Number 9021)
The multiplexing system xinetd was updated to fix security issues and a bug. Security issues fixed : - xinetd ignores user and group directives for tcpmux services. CVE-2013-4342 - xinetd enables all services when tcp multiplexing is used. Bug fixed:. CVE-2012-0862 - Services started by xinetd we...
SuSE 11.3 Security Update : PostgreSQL 9.1 (SAT Patch Number 8970)
The PostgreSQL database server was updated to version 9.1.12 to fix various security issues : - Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The...
SuSE 11.3 Security Update : libssh2 (SAT Patch Number 8982)
This update of libssh fixes the following security issue : - When libssh operates in server mode, the randomness pool was not switched on fork, so two pools could operate on the same randomness and could generate the same keys. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 8974)
The OpenJDK Java Plugin IcedTea Web was released to fix a temporary file access problem. Changes : - Dialogs center on screen before becoming visible. - Support for u45 new manifest attributes Application-Name. - Custom applet permission policies panel in itweb-settings control panel. - Plugin...
SuSE 11.3 Security Update : flash-player (SAT Patch Number 9012)
Adobe Flash Player was updated to version 11.2.202.346 to fix security issues : - A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0503 - A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be found on:...
SuSE 11.3 Security Update : gnutls (SAT Patch Number 8949)
The GnuTLS library received a critical security fix and other updates : - The X.509 certificate verification had incorrect error handling, which could lead to broken certificates marked as being valid. CVE-2014-0092 - A verification problem in handling V1 certificates could also lead to V1...
SuSE 11.3 Security Update : flash-player (SAT Patch Number 8922)
This update of Adobe Flash Player fixes the following issues : - A stack overflow vulnerability that could have resulted in arbitrary code execution. CVE-2014-0498 - A memory leak vulnerability that could have been used to defeat memory address layout randomization. CVE-2014-0499 - A double free...
SuSE 11.3 Security Update : libQt (SAT Patch Number 8907)
The Qt library was updated to fix a XML entity expansion attack XXE. CVE-2013-4549 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if NASLLEVEL...
SuSE 11.3 Security Update : IBM Java (SAT Patch Number 8878)
This update contains the Oracle January 14 2014 CPU for java-170-ibm. Find more information at: http://www.ibm.com/developerworks/java/jdk/alerts/OracleJanuary142 014CPU %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
SuSE 11.3 Security Update : pwlib (SAT Patch Number 8838)
This update fixes a XML DoS vulnerability in pwlib. CVE-2013-1864 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...
SuSE 11.2 Security Update : openswan (SAT Patch Number 8815)
This update fixes a Denial of Service DoS vulnerability via IKEv2 I1 notifications in openswan. CVE-2013-7294 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information...
SuSE 11.3 Security Update : libvirt (SAT Patch Number 8705)
This update fixes a crash in LXC's memtune code. CVE-2013-6436 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. i...