68 matches found
RHEL 6 / 7 : rh-java-common-apache-commons-collections (RHSA-2015:2523)
The remote Red Hat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:2523 advisory. The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections...
Heap-Based Buffer Overflow
The libexif packages provide an Exchangeable image file format (Exif) library. Exif allows metadata to be added to and read from certain types of image files. Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened ...
CentOS 5 : nss (CESA-2016:0371)
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from th...
RHEL 6 / 7 : gnutls (RHSA-2016:0012) (SLOTH)
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: libwmf security update
Updated libwmf packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
Debian DLA-33-1 : openssl security update
Detailed descriptions of the vulnerabilities can be found at: https://www.openssl.org/news/secadv/20140806.txt It's important that you upgrade the libssl0.9.8 package and not just the openssl package. All applications linked to openssl need to be restarted. You can use the 'checkrestart' tool fro...
Scientific Linux Security Update : libyaml on SL6.x, SL7.x i386/x86_64 (20150128)
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. CVE-2014-9130 All running applications linked against the libyaml library must be...
Scientific Linux Security Update : rpm on SL7.x x86_64 (20141209)
It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and...
Scientific Linux Security Update : rpm on SL5.x, SL6.x i386/x86_64 (20141209)
It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and...
RHEL 7 : rpm (RHSA-2014:1976)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1976 advisory. The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying,...
CentOS 7 : gnutls (CESA-2014:1846)
Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from...
Moderate: Red Hat Security Advisory: libvncserver security update
Updated libvncserver packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, ar...
Amazon Linux AMI : ca-certificates (ALAS-2011-3)
This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI). It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca-certificates...
RHEL 5 / 6 / 7 : nss (RHSA-2014:1307)
Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: axis security update
Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Debian: Security Advisory (DSA-2998-1)
The remote host is missing an update for the Debian...
openssl security update
Package: openssl Version: 0.9.8o-4squeeze16 CVE ID: CVE-2014-0224 CVE-2012-4929 CVE-2014-0224 This update updates the upstream fix for CVE-2014-0224 to address problems with renegotiation under some conditions. original text: KIKUCHI Masashi discovered that carefully crafted handshakes can force...
Scientific Linux Security Update : python-jinja2 on SL6.x i386/x86_64 (20140611)
It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory. A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of...
DLA-0003-1 openssl - security update
Bulletin has no description...
CentOS 6 : curl (CESA-2014:0561)
Updated curl packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...