gdm security and bug fix update

1:2.6.0.5-7.rhel4.19.el48.2 - Fix tcpwrappers on 64-bit arches Resolves: 625916 1:2.6.0.5-7.rhel4.19.el48.1 - Do less unsavory work after jumping out of a signal handler Resolves: 625818...

Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2

Dear PowerDNS Users, Two major vulnerabilities have recently been discovered in the PowerDNS Recursor all versions up to and including 3.1.7.1. Over the past two weeks, these vulnerabilities have been addressed, resulting in PowerDNS Recursor 3.1.7.2. Given the nature and magnitude of these...

Linux Kernel locks_remove_flock()本地竞争条件漏洞

BUGTRAQ ID: 33237 CVECAN ID: CVE-2008-4307 Linux Kernel是开放源码操作系统Linux所使用的内核。 RHEL4/5内核处理POSIX锁定时fcntl调用可能与关闭相同文件描述符出现竞争，本地攻击者可以利用这个漏洞导致拒绝服务或获得权限提升。 fcntl以如下方式获得POSIX锁定： sysfcntl fget dofcntl fcntlsetlk fput if!count fput locksremoveflock fcntlsetlk调用可能阻塞很长时间，允许同一进程中的其他线程关闭文件描述符： sysclose filpclos...

Moderate: tar security update

1.14-12.5.1.RHEL4 - CVE-2007-4131 tar directory traversal vulnerability 251921...

Moderate: qt security update

3.3.3-11.RHEL4 - Resolves: bz248419, CVE-2007-3388 qt3 format string flaw...

Low: cpio security and bug fix update

2.5-13.RHEL4 - protoize cpio source - Resolves 217375 2.5-12.RHEL4 - improve previous fix of lfs.patch 2.5-11.RHEL4 - improve previous fix of lfs.patch 2.5-10.RHEL4 - fix cpio large filesize buffer overflow 172865 - fix exit codes 183224...

Low: w3c-libwww security and bug fix update

5.4.0-10.1.RHEL4.2 - fix for libwww's handling of multipart/byteranges content and possible stack overflow, CVE-2005-3183 - Resolves: rhbz169495 5.4.0-10.1.RHEL4.1 - fixed type in md5.h for 64bit bug 163664...

Moderate wireshark security update

0.99.4-EL4.1.1 - Oracle OCFS2 network patch 0.99.4-1 - upgrade to 0.99.4, fixes multiple security issues 211993 - use dist tag - CVE-2006-5468 - The HTTP dissector could dereference a null pointer. - CVE-2006-5469 - The WBXML dissector could crash. - CVE-2006-5470 - The LDAP dissector and possibl...