Updated vino packages fix CVE-2013-5745

Updated vino package fixes security vulnerability: The vinoserverclientdatapending function in vino-server.c in GNOME Vino 3.7.3 and earlier, when encryption is disabled, does not properly clear client data when an error causes the connection to close during authentication, which allows remote...

Updated gnupg2 packages fix multiple vulnerabilities

Updated gnupg2 package fixes security vulnerabilities: RFC 4880 permits OpenPGP keyholders to mark their primary keys and subkeys with a "key flags" packet that indicates the capabilities of the key. These are represented as a set of binary flags, including things like "This key may be used to...

Updated nas packages fix security vulnerabilities

Updated nas packages fix security vulnerabilities: Buffer overflow when parsing display number and various other buffer overflows CVE-2013-4256. Heap overflow when using AUDIOHOST environment variable CVE-2013-4257. Race when opening a TCP device nas289...

Updated ruby-RubyGems package fixes security vulnerabilies

Updated ruby-RubyGems package fixes security vulnerability: RubyGems validates versions with a regular expression that is vulnerable to denial of service due to a backtracking regular expression. For specially crafted RubyGems versions attackers can cause denial of service through CPU consumption...

Updated ssmtp package fixes security vulnerability

It was reported that ssmtp, an extremely simple MTA to get mail off the system to a mail hub, did not perform x509 certificate validation when initiating a TLS connection to server. A rogue server could use this flaw to conduct man-in- the-middle attack, possibly leading to user credentials leak...

Updated proftpd package fixes security vulnerability

A bug in ProFTPd's modsftp and modsftppam modules can be used to trigger a large heap allocation and exhaust all available system memory of the underlying operating system CVE-2013-4359...

Updated libvirt package fixes security vulnerabilities

It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service CVE-2013-4296. It was discovered that libvirt incorrectly handled certain bitmap operations. A remote attacker could...

Updated polkit package and the packages that call polkit fixes security vulnerability

A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges CVE-2013-4288...

Updated openjpa packages fix CVE-2013-1768

Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...

Updated libtiff package fixes security vulnerability

A possible heap-based buffer overflow flaw was found in the readgifimage function in gif2tiff, a tool to convert GIF images to TIFF. A remote attacker could provide a specially-crafted GIF file that, when processed by gif2tiff, would cause gif2tiff to crash or, potentially, execute arbitrary code...

Updated polarssl package fixes security vulnerabilities

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in PolarSSL before 1.2.6, does not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and...

Updated perl-Crypt-DSA package fixes security vulnerability

The Crypt::DSA aka Crypt-DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack CVE-2011-3599. This update removes t...

Updated glpi package fixes security vulnerabilities

Multiple security vulnerabilities due to improper sanitation of user input in GLPI before versions 0.83.9 CVE-2013-2226, 0.83.91 CVE-2013-2225, and 0.84.2 CVE-2013-5696. This update provides GLPI version 0.83.91, with a patch from GLPI 0.84.2, to fix these issues...

Updated firefox and thunderbird packages fix security vulnerabilities

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox or Thunderbird CVE-2013-1718, CVE-2013-1722,...

Updated lightdm package fixes security vulnerability

lightdm before 1.4.3, 1.6.2 and 1.7.14 created .Xauthority files with world-readable permissions CVE-2013-4331. Additionally, an issue where a user logged into a graphical desktop environment through lightdm would lose privleges to local devices such as the sound card when using the 'su' command...

Updated wordpress and php-phpmailer packages fix security vulnerabilities

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations CVE-2013-4338. WordPress before 3.6.1 does not properly validate URLs before...

Updated python-django package fixes multiple vulnerabilities

Updated python-django package fixes security vulnerabilities: Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to...

Updated python-django package fixes security vulnerability

Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to represent allowed prefixes for the % ssi % template tag, is...

Updated wireshark package fixes security vulnerabilities

The NBAP dissector could crash CVE-2013-5718. The ASSA R3 dissector could go into an infinite loop CVE-2013-5719. The RTPS dissector could overflow a buffer CVE-2013-5720. The MQ dissector could crash CVE-2013-5721. The LDAP dissector could crash CVE-2013-5722. The Netmon file parser could crash...

Updated wireshark package fixes security vulnerabilities

The ASSA R3 dissector could go into an infinite loop CVE-2013-5719. The RTPS dissector could overflow a buffer CVE-2013-5720. The MQ dissector could crash CVE-2013-5721. The LDAP dissector could crash CVE-2013-5722. The Netmon file parser could crash wpna-sec-2013-60...

Updated moodle package fixes multiple security vulnerabilities

Updated moodle package fixes security vulnerabilities: Null characters were allowed in query strings in Moodle before 2.4.6, which caused sql statements to terminate and fail, potentially allowing sql injection in Moodle's SQL Server driver CVE-2013-4313. Links to external blogs were not being...

Updated freeswitch packages fix security vulnerability

In FreeSWITCH before 1.2.12, if the routing configuration includes regular expressions that don't constrain the length of the input, buffer overflows are possible. Since these regular expressions are matched against untrusted input, remote code execution may be possible CVE-2013-2238...

Updated chromium-browser-stable package fix security vulnerabilities

The chrome 29 development team found various issues from internal fuzzing audits, and other studies CVE-2013-2887. Krystian Bigaj discovered a file handling path sanitization issue CVE-2013-2900. Alex Chapman discovered an integer overflow issue in ANGLE, the Almost Native Graphics Layer...

Updated python-OpenSSL package fixes security vulnerability

The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing CVE-2013-4314...

Updated mediawiki package fixes security vulnerabilities

Full path disclosure in MediaWiki before 1.20.7, when an invalid language is specified in ResourceLoader CVE-2013-4301. Several API modules in MediaWiki before 1.20.7 allowed anti-CSRF tokens to be accessed via JSONP CVE-2013-4302. An issue with the MediaWiki API in MediaWiki before 1.20.7 where ...

Updated subversion package fixes security vulnerability.

svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by unprivileged users, the destination could be replaced by a...

Updated python-setuptools and python-virtualenv packages fix security vulnerability

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product CVE-2013-1633...

Updated flash-player-plugin package fixes critical security vulnerabilities

Adobe Flash Player 11.2.202.310 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead...

Updated php-pear-Auth_OpenID package fixes security vulnerability

Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via XRDS data containing an external entity declaration in conjunction with an entity...

Updated libmodplug packages fixes security vulnerabilities

An integer overflow within the "abcsetparts" function src/loadabc.cpp can be exploited to corrupt heap memory via a specially crafted ABC file CVE-2013-4233. An error within the "abcMIDIdrum" and "abcMIDIgchord" functions src/loadabc.cpp can be exploited to cause a buffer overflow via a specially...

Updated roundcubemail package fixes security vulnerability

XSS vulnerabilities when saving HTML signatures and when editing a message "as new" or draft in roundcubemail before 0.9.3 CVE-2013-5645...

Updated kde packages fix security issues

This update provides the last stable version of KDE for the 4.10.x branch. Some of the new packages fixes additional issues open on our tracker : - A memory leak in kde-workspace kde 314919 & mga 7953 - A memory leak in kmix mga 10702 & kde 309464 - A packaging issue affecting kdebase4-runtime...

Updated libdigidoc packages fix CVE-2013-5648

Updated libdigidoc packages fix security vulnerability: Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially-crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the victi...

Updated libtiff packages fix CVE-2013-4244

Updated libtiff packages fix security vulnerability: Pedro Ribeiro and Huzaifa S. Sidhpurwala discovered multiple vulnerabilities in various tools shipped by the tiff library. Processing a malformed file may lead to denial of service or the execution of arbitrary code CVE-2013-4244...

Updated asterisk package fixes security vulnerabilities

A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present CVE-2013-5641. A remotely exploitable crash vulnerability exists in the S...

Updated ngircd package fixes CVE-2013-5580

Updated ngircd package fixes security vulnerability: Denial of service bug server crash in ngIRCd before 20.3 which could happen when the configuration option "NoticeAuth" is enabled which is NOT the default and ngIRCd failed to send the "notice auth" messages to new clients connecting to the...

Updated php packages fix CVE-2013-4248 and prevent the two gd packages being installed at once

Updated php packages fix security vulnerability: The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows...

Updated 389-ds-base packag fixes security vulnerabilies and incorrect group usage

Updated 389-ds-base packages fix security vulnerabilities: It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker with permission to query the Directory Server could use this flaw to determine th...

Updated nagstamon package fixes security vulnerability

A user details information exposure flaw was found in the way Nagstamon performed automated requests to get information about available updates. Remote attackers could use this flaw to obtain user credentials for servers monitored by the desktop status monitor due to their improper base64...

Updated xpdf packages fixes security vulnerability

PDF files could be used to inject shell code when xpdf was run from some terminal emulators, due to the use of escape sequences in error messages CVE-2012-2142...

Updated lcms package fixes security vulnerability

Three buffer overflows in Little CMS version 1.19 that could possibly be exploited through user input CVE-2013-4276...

Updated puppet and puppet3 package fix security vulnerabilities

It was discovered that Puppet incorrectly handled the resourcetype service. A local attacker on the master could use this issue to execute arbitrary Ruby files CVE-2013-4761. It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with...

Updated libtiff packagess fix multiple security vulnerabilities

Updated libtiff packages fix security vulnerabilities: Pedro Ribeiro discovered a buffer overflow flaw in rgb2ycbcr, a tool to convert RGB color, greyscale, or bi-level TIFF images to YCbCr images, and multiple buffer overflow flaws in gif2tiff, a tool to convert GIF images to TIFF. A remote...

Updated znc package fixes CVE-2013-2130

Updated znc packages fix security vulnerability: Multiple vulnerabilities were reported in ZNC version 1.0 which can be exploited by malicious authenticated users to cause a denial of service. These flaws are due to errors when handling the "editnetwork", "editchan", "addchan", and "delchan" page...

Updated python-django packages fix CVE-2013-4249

Updated python-django package fixes security vulnerability: The issafeurl function has been modified to properly recognize and reject URLs which specify a scheme other than HTTP or HTTPS, to prevent cross-site scripting attacks through redirecting to other schemes, such as javascript. CVE-2013-42...

Updated spice packages fix CVE-2013-4130

Updated spice packages fix security vulnerability: An user able to initiate spice connection to the guest could use a flaw in server/redchannel.c to crash the guest CVE-2013-4130...

Updated perl-Proc-ProcessTable packages fix CVE-2011-4363

Updated perl-Proc-ProcessTable package fixes security vulnerability: ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS CVE-2011-4363...

Updated rubygem-passenger package fixes CVE-2013-4136 & apache module

Updated rubygem-passenger package fixes security vulnerability: It was reported that Phusion Passenger would reuse existing server instance directories temporary directories which could cause Passenger to remove or overwrite files belonging to other instances CVE-2013-4136. Additionally, the...

Updated python3, bzr and some python packages fix security vulnerabilties

Updated python3 packages fix security vulnerabilities: A denial of service flaw was found in the way SSL module implementation of Python 3 performed matching of the certificate's name in the case it contained many '' wildcard characters. A remote attacker, able to obtain valid certificate with it...

Updated libimobiledevice packages fix CVE-2013-2142

Updated libimobiledevice packages fix security vulnerability: Paul Collins discovered that libimobiledevice incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files and access device keys. In the default Ubuntu installation, this issue shoul...