Updated axis package fixes security vulnerability

Apache Axis did not verify that the server hostname matched the domain name in the subject's Common Name CN or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name CVE-2012-578...

Updated jakarta-commons-httpclient package fixes security vulnerability

The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name CN or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for...

Updated wordpress package fixes security vulnerabilities

A denial of service flaw was found in the way Wordpress, a blog tool and publishing platform, performed hash computation when checking password for password protected blog posts. A remote attacker could provide a specially- crafted input that, when processed by the password checking mechanism of...

Updated xen package fixes security issues

This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...

Updated otrs package fixes security vulnerabilities

An attacker with a valid agent login could manipulate URLs in the ticket watch mechanism to see contents of tickets they are not permitted to see CVE-2013-3551, CVE-2013-4088...

Updated autotrace package fixes security vulnerability

Stack-based buffer overflow in bmp parser CVE-2013-1953. Updated autotrace package corrects the issue...

Updated chromium-browser-stable packages fixes security vulnerabilities

Use-after-free vulnerability in the SVG implementation allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors CVE-2013-2837. Google V8, as used in Chromium before 27.0.1453.93, allows remote attackers to cause a denial of service...

Updated xml-security-c package fixes multiple security vulnerabilities

The implementation of XML digital signatures in the Santuario-C++ library is vulnerable to a spoofing issue allowing an attacker to reuse existing signatures with arbitrary content CVE-2013-2153. A stack overflow, possibly leading to arbitrary code execution, exists in the processing of malformed...

Updated fail2ban packages fix CVE-2013-2178

Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...

Updated tomcat7 packages fix CVE-2013-2071

java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other application...

Updated mesa packages fix multiple vulnerabilties

An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs Mozilla Firefox does this, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

Updated Firefox and Thunderbird packages fix multiple vulnerabilities

Updated firefox packages fix security vulnerabilities.. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2013-1682,...

Updated curl packages fix CVE-2013-2174

libcurl is vulnerable to a case of bad checking of the input data which may lead to heap corruption. The function curleasyunescape decodes URL encoded strings to raw binary data. URL encoded octets are represented with %HH combinations where HH is a two-digit hexadecimal number. The decoded strin...

Updated puppet packages fix remote code execution vulnerability

When making REST api calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. A YAML payload can be crafted to cause the deserialization to construct an instance of any class available in the ruby process, which allows an...

Updated X.org packages fix multiple security vulnerabilities

Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to...

Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities

Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption CVE-2013-2470, CVE-2013-2471, CVE-2013-2472...

Updated perl-Module-Signature package fixes CVE-2013-2145

Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145...

Updated perl-Dancer package fixes CVE-2012-5572

A security flaw was found in the way Dancer.pm, lightweight yet powerful web application framework / Perl language module, performed sanitization of values to be used for cookie and cookies methods. A remote attacker could use this flaw to inject arbitrary headers into responses from Perl...

Updated ffmpeg packages fix several security vulnerabilities

ffmpeg prior to 1.1.5 contains several security vulnerabilities CVE-2013-3671: The formatline function in log.c in libavutil uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service invalid pointer dereference and application...

Updated wireshark packages fix multiple security vulnerabilities

The CAPWAP dissector could crash CVE-2013-4074. The GMR-1 BCCH dissector could crash CVE-2013-4075. The PPP dissector could crash CVE-2013-4076. The NBAP dissector could crash CVE-2013-4077. The RDP dissector could crash CVE-2013-4078. The GSM CBCH dissector could crash CVE-2013-4079. The Assa...

Updated wireshark packages fix multiple security vulverabilities

The CAPWAP dissector could crash CVE-2013-4074. The HTTP dissector could overrun the stack CVE-2013-4081. The DCP ETSI dissector could crash CVE-2013-4083...

apache-mod_security new security issue CVE-2013-2765

Updated apache-modsecurity packages fix security vulnerability: When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on...

Updated nfs-utils packages fix security vulnerability

It was reported that rpc.gssd in nfs-utils is vulnerable to DNS spoofing due to it depending on PTR resolution for GSSAPI authentication. Because of this, if a user where able to poison DNS to a victim's computer, they would be able to trick rpc.gssd into talking to another server perhaps with le...

Updated flash-player-plugin package fixes memory corruption vulnerability

Advisory: Adobe Flash Player 11.2.202.291 contains a fix to a critical security vulnerability found in earlier versions. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves a memory corruption vulnerability that cou...

Updated php package fixes several issues

Fixed php bug 64879 Heap based buffer overflow in quotedprintableencode, CVE-2013-2110. Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang...

Updated subversion packages fix security vulnerabilities

Subversion repositories with the FSFS repository data store format can be corrupted by newline characters in filenames. A remote attacker with a malicious client could use this flaw to disrupt the service for other users using that repository CVE-2013-1968. Subversion's svnserve server process ma...

Updated apache packages fix security vulnerabilities

It was found that modrewrite did not filter terminal escape sequences from its log file. If modrewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the modrewrite log file. If a victim viewed the...

Updated dbus packages fix security vulnerability

Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in dbusprintfstringupperbound. This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to...

Updated php packages fix security vulnerabilies

Heap based buffer overflow in quotedprintableencode in PHP before version 5.4.16 CVE-2013-2110. Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service applicati...

Updated owncloud package fixes security vulnerabilities

Cross-site scripting XSS vulnerabilities in js/viewer.js inside the filesvideoviewer application via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files CVE-2013-2150...

Updated telepathy-gabble package fixes security vulnerability

Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perform a man-in-the-middle attack...

Updated qemu packages fix security vulnerability

It was found that QEMU Guest Agent the "qemu-ga" service created certain files with world-writable permissions when run in daemon mode the default mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the content...

Updated sssd packages fix security vulnerability

A TOCTOU time-of-check time-of-use race condition was found in the way SSSD, System Security Services Daemon, performed copying and removal of user directory trees.A local attacker, with permissions to write into directory of the victim, being actively / currently copied / removed via the sssd...

Updated moodle package fix security vulnerabilities

The assignment module in Moodle before 2.4.4 was not checking capabilities for users downloading all assignments as a zip CVE-2013-2079. The Gradebook's Overview report in Moodle before 2.4.4 was showing grade totals that may have incorrectly included hidden grades CVE-2013-2080. When registering...

Updated libraw packages fix security vulnerability

A double-free error exits when handling damaged full-color within Foveon and sRAW files in libraw before 0.15.2 CVE-2013-2126...

Updated nginx package fixes security vulnerability

A security problem related to CVE-2013-2028 was identified, affecting some previous nginx versions if proxypass to untrusted upstream HTTP servers is used. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxi...

Updated socat package fixes security vulnerability

Under certain circumstances an FD leak occurs and can be misused for denial of service attacks against socat running in server mode CVE-2013-3571...

Updated krb5 packages fix security vulnerability

The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack CVE-2002-2443...

Updated flightgear package fixes security vulnerability

It was reported that FlightGear suffers from improper handling of format strings when FlightGear is started with allowances for remote access via the --props or --telnet commandline arguments. If a remote attacker were able to connect to FlightGear and set special parameters related with clouds, ...

Updated php-geshi package fix security vulnerabilities

A directory traversal and information disclosure local file inclusion flaws were found in the cssgen contrib module application to generate custom CSS files of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote...

Updated wireshark packages fix security vulnerability (Mageia 2)

The ASN.1 BER dissector could crash CVE-2013-3557...

Updated libvirt packages fix security vulnerability

It was found that libvirtd leaked file descriptors when listing all volumes for a particular pool. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to cause libvirtd to consume all available file descriptors, preventing other users from using libvirtd...

Updated wireshark packages fix security vulnerabilities (Mageia 3)

The RELOAD dissector could go into an infinite loop CVE-2013-2486, CVE-2013-2487. The GTPv2 dissector could crash CVE-2013-3555. The ASN.1 BER dissector could crash CVE-2013-3557. The PPP CCP dissector could crash CVE-2013-3558. The DCP ETSI dissector could crash CVE-2013-3559. The MPEG DSM-CC...