5303 matches found
Fedora Core 4 : squirrelmail-1.4.6-0.cvs20050812.1.fc4 (2005-780)
It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for...
[SECURITY] [DSA 751-1] New squid packages fix IP spoofing vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 751-1 [email protected] http://www.debian.org/security/ Martin Schulze July 11th, 2005 http://www.debian.org/security/faq -...
pam_ldap/nss_ldap password leak in a master+slave+start_tls LDAP setup
pamldap/nssldap fail to re-start TLS when following referred connections. This can result in credentials being sent in clear text when pamldap/nssldap attempt to rebind. This affects any LDAP infrastructure which can generate referrals during NSS or PAM operations generally a master+slave LDAP...
Security fix for the ALT Linux 5 package sudo version 1:1.6.7p5-alt5
June 21, 2005 Dmitry V. Levin 1:1.6.7p5-alt5 - Backported upstream fix so a sudoers entry with sudo ALL no longer overwrites the value of safecmnd CAN-2005-1993...
gnutls security update
CentOS Errata and Security Advisory CESA-2005:430 Updated GnuTLS packages that fix a remote denial of service vulnerability are available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library...
gd security update
CentOS Errata and Security Advisory CESA-2004:638 Updated gd packages that fix security issues with overflow in various memory allocation calls are now available. Updated 24 May 2005 Multilib packages have been added to this advisory The gd packages contain a graphics library used for the dynamic...
Fedora Core 2 : squid-2.5.STABLE9-1.FC2.2 (2005-275)
Tue Mar 29 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.2 - more upstream patches - include -libbind patch, to prevent squid from picking up a dependency on libbind. - remove references to /etc/squid/errors, since squid now uses datadir/squid/errors/English by default. overridable in squid.conf - Mark...
php security update
CentOS Errata and Security Advisory CESA-2005:405 Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache...
Security fix for the ALT Linux 5 package cvs version 1.11.19-alt1
April 6, 2005 Dmitry V. Levin 1.11.19-alt1 - Updated to 1.11.19. - Updated patches. - Applied upstream security fixes for CAN-2005-0753 issue...
Fedora Core 2 : kernel-2.6.9-1.6_FC2 (2004-450)
This update brings a rebase to 2.6.9, including various security fixes incorporated into the upstream kernel, and also includes Alan Cox's -ac patchset, which adds additional security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Debian DSA-019-1 : squid - insecure tempfile handling
WireX discovered a potential temporary file race condition in the way that squid sends out email messages notifying the administrator about updating the program. This could lead to arbitrary files to get overwritten. However the code would only be executed if running a very bleeding edge release ...
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt3
May 25, 2004 Dmitry V. Levin 1.11.15-alt3 - Applied upstream fix for pserver heap overflow CAN-2004-0414...
Security fix for the ALT Linux 5 package cvs version 1.11.15-alt2
May 10, 2004 Dmitry V. Levin 1.11.15-alt2 - Applied upstream fix for pserver heap overflow CAN-2004-0396...
DSA-422 cvs - remote vulnerability
Bulletin has no description...
[SECURITY] [DSA-205-1] gtetrinet buffer overflows
------------------------------------------------------------------------ Debian Security Advisory DSA-205-1 [email protected] http://www.debian.org/security/ Wichert Akkerman December 10, 2002 - ------------------------------------------------------------------------ Package : gtetrinet Problem...
[SECURITY] [DSA 163-1] New mhonarc packages fix cross site scripting problems
-------------------------------------------------------------------------- Debian Security Advisory DSA 163-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 140-2] New libpng packages fix potential buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 140-2 [email protected] http://www.debian.org/security/ Martin Schulze August 5th, 2002 - -------------------------------------------------------------------------- Package : libpng, libpng3...
CVE-2022-0931
The Red Hat 3scale gateway exposes a JWT verification flaw: it does not properly verify the algorithm claim in the token header, enabling an attacker to craft a signed token with improper claims and bypass security restrictions.
CVE-2023-24593
CVE-2023-24593 is a GLib2 vulnerability described in connected advisories as a DoS caused by GLib handling of non-normal GVariants (text-form variant) that can crash or degrade service when a malicious input is processed. Affected advisories reference multiple vendor advisories (e.g., IBM/EulerOS...
CVE-2023-25180
CVE-2023-25180 is a GLib2 vulnerability described in connected advisories as a denial-of-service issue caused by processing a malicious text-form variant, enabling looping or resource exhaustion. Affected products reference GLib2 packages (glib2) across multiple Linux distributions; upstream note...