libvirt security and bug fix update

0.8.1-27.0.1.el60.6 - Replace docs/et.png in tarball with blank image 0.8.1-27.el60.6 - Properly initialize supplementary groups for qemu process rhbz668692 - Make error reporting in libvirtd thread safe CVE-2011-1486...

Google Fixes More Than 25 Bugs in Chrome, Pays $16,500 in Bounties

Google has released another new version of Chrome that fixes a total of 27 different bugs on various platforms. The company paid out $16,500 in bounties to researchers for the vulnerabilities they reported, including one $3,000 payment for a high-severity bug. The new version of Chrome, version...

Google Chrome < 11.0.696.57 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 11.0.696.57. Such versions of Chrome are affected by multiple vulnerabilities: - A stale pointer exists in floating object handling. Issue 61502 - It may be possible to bypass the pop-up blocker via plug-ins. Issue 70538 -...

Fedora 13 : libvirt-0.8.2-6.fc13 (2011-4870)

Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe Fix specfile to create /var/lib/libvirt with proper permissions. fix a lack of API check on read-only connections this build fix one crash in the the error handling fix a lack of API check on read-only connections Note that...

[SECURITY] Fedora 15 Update: quagga-0.99.18-2.fc15

Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Rout...

Google Chrome < 11.0.696.57 Multiple Vulnerabilities

Binary data 800937.prm...

Google Chrome < 11.0.696.57 Multiple Vulnerabilities

Binary data 5899.pasl...

CVE-2011-0990

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service plugin crash or...

Fedora 14 : libvirt-0.8.3-9.fc14 (2011-4896)

Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe Fix specfil to create /var/lib/libvirt with proper permissions. fix a lack of API check on read-only connections this build fix one crash in the the error handling fix a lack of API check on read-only connections Note that...

[SECURITY] Fedora 14 Update: mhonarc-2.6.18-3.fc14

MHonArc is a Perl mail-to-HTML converter. MHonArc provides HTML mail archiving with index, mail thread linking, etc; plus other capabilities including support for MIME and powerful user customization features...

kernel: posix-cpu-timers: workaround to suppress the problems with mt exec

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...

ClubHack : CHMag Issue 14th, March 2011 Download !

ClubHack : CHMag Issue 14th, March 2011 Download ! Description: 14th issue of ClubHACK magazine is out. Contents of this issue: Tech Gyan - Remote Thread Execution in System Process Tool Gyan - JS Recon: Java Script Network Reconnaissance Tool Mom's Guide - Choosing Right Secure Mobile Legal Gyan...

CVE-2011-0455

Cross-site scripting XSS vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-0455

The CVE-2011-0455 issue affects Things BBS and BBS Thread prior to version 2.0.3, where a cross-site scripting (XSS) vulnerability could allow an arbitrary script to execute in a user’s browser. Public sources (NVD, JVN) indicate the affected products are Things BBS and BBS Thread up to version 2...

CVE-2011-0455

Cross-site scripting XSS vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

JVN#20982938: Multiple Things CGI products vulnerable to cross-site scripting

BBS and BBS Thread provided by Things are bulletin board software. BBS and BBS Thread contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided...

Low: Red Hat Security Advisory: rgmanager security and bug fix update

An updated rgmanager package that fixes multiple security issues and several bugs is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 7303)

This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. The following security issues were fixed : - A local attacker could use a Oops kernel crash caused by other flaws to write a 0 byte to a attacker controlled address in the kernel. This could lea...

RedHat Update for kernel RHSA-2011:0163-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

kernel: posix-cpu-timers: workaround to suppress the problems with mt exec

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...