Mozilla Firefox and others: Update to Firefox 20.0 release (important)
The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...
postgresql92: Various security fixes. Update to 9.2.4. (important)
postgresql was updated to version 9.2.4 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
postgresql91 to version 9.1.9. (important)
postgresql was updated to version 9.1.9 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
NRPE metacharacter filtering omission (important)
NRPE (the Nagios Remote Plug-In Executor) allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute...
NRPE metacharacter filtering omission (important)
NRPE (the Nagios Remote Plug-In Executor) allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as check_http, to execute...
pidgin: 2.10.7 update to fix security issues and bugs (important)
Pidgin was updated to 2.10.7 to fix various security issues and the bug that IRC did not work at all in 12.3. Changes: - Add pidgin-irc-sasl.patch: link irc module to SASL. Allows the IRC module to be loaded bnc806975. - Update to version 2.10.7 bnc804742: + Alien hatchery: - No changes + General...
firebird: fix for remote stack overflow (important)
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird...
update for perl (important)
Perl was updated to fix 3 security issues: - fix rehash denial of service compute time bnc804415 CVE-2013-1667 - improve CGI crlf escaping bnc789994 CVE-2012-5526 - sanitize input in Maketext.pm to avoid code injection bnc797060 CVE-2012-6329...
update for perl (important)
Perl was updated to fix 3 security issues: - fix rehash denial of service compute time bnc804415 CVE-2013-1667 - improve CGI crlf escaping bnc789994 CVE-2012-5526 - sanitize input in Maketext.pm to avoid code injection bnc797060 CVE-2012-6329 In openSUSE 12.1 also the following non-security bug w...
fix for remote stack overflow (important)
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird...
seamonkey: update to 2.16.1 (important)
seamonkey was updated to version 2.16.1 fixing a severe security issue. MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
MozillaFirefox: Updated to 19.0.2 (important)
Mozilla Firefox was updated to 19.0.2 bnc808243 fixing: MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor could be used for code execution blocklist updates...
xulrunner to 17.0.4esr (important)
xulrunner was updated to 17.0.4esr bnc808243 to fix an important security issue: MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
MozillaThunderbird: 17.0.4 release (important)
MozillaThunderbird was updated to 17.0.4 bnc808243 MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
flash-player: update to version 11.2.202.275 (critical)
Adobe Flash Player was updated to 11.2.202.275: bnc808973 APSB13-09, CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.html...
flash-player: update to version 11.2.202.275 (critical)
Adobe Flash Player was updated to 11.2.202.275: bnc808973 APSB13-09, CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.html...
java-1_6_0-openjdk: update to 1.12.4 (important)
java-1_6_0-openjdk aka IcedTea was updated to 1.12.4 - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion...
Mozilla updates (FF 19.0.2, SM 2.16.1, TB 17.0.4) (important)
Update to - Firefox 19.0.2 - Seamonkey 2.16.1 - Thunderbird 17.0.4 which fix a use-after-free in HTML Editor which could allow for arbitrary code execution...
java-1_6_0-openjdk: update to 1.12.4 (important)
java-1_6_0-openjdk aka IcedTea was updated to 1.12.4 bnc807487 - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion...
pidgin: various security fixes (important)
pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274 - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. CVE-2013-0273 - Fix a bug where the MXit server or a man-in-the-middle could...
pidgin: various security fixes (important)
pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274 - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. CVE-2013-0273 - Fix a bug where the MXit server or a man-in-the-middle could...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death. CVE-2013-0160...
kernel: fixed local privilege escalation (important)
The Linux kernel was updated to 3.4.33 to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: An out-of-bounds access in sock_diag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime o...
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
java-1_6_0-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...
java-1_7_0-openjdk: update to 2.3.6 (critical)
java-1_7_0-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
java-1_6_0-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...
flash-player: Update to 11.2.202.243 (critical)
Flash Player was updated to 11.2.202.243 CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264,...
update for flash-player (critical)
This version upgrade of flash-player fixed multiple unspecified code execution vulnerabilities...
flash-player to 11.2.202.262 (critical)
Adobe Flash Player was updated to 11.2.202.262 to fix various security issues and bugs...
flash-player: update to 11.2.202.270 (critical)
Adobe Flash Player was updated to 11.2.202.270: bnc803485 APSB13-05, CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639,...
flash-player: Update to 11.2.202.251 (important)
Flash Player was updated to 11.2.202.251 bnc788450, fixing severe security issues: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280...
flash-player to 11.2.202.273 (critical)
Flash Player was updated to 11.2.202.273 to fix critical security issues: bnc806415 APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.html...
acroread to 9.5.4 (critical)
acroread was updated to 9.5.4 to fix remote code execution problems. CVE-2013-0640, CVE-2013-0641 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.html...
flash-player to 11.2.202.238 (critical)
Adobe Flash Player was updated to 11.2.202.238 fixing various bugs and security issues...
flash-player to 11.2.202.273 (critical)
Flash Player was updated to 11.2.202.273 to fix critical security issues: bnc806415 APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.html...
flash-player to 11.2.202.273 (critical)
Flash Player was updated to 11.2.202.273 to fix critical security issues: bnc806415 APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.html...
acroread to 9.5.4 (critical)
acroread was updated to 9.5.4 to fix remote code execution problems. CVE-2013-0640, CVE-2013-0641 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.html...
acroread to 9.5.4 (critical)
acroread was updated to 9.5.4 to fix remote code execution problems. CVE-2013-0640, CVE-2013-0641 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-07.html...
Mozilla: February 2013 update round (Firefox 19) (important)
MozillaFirefox was updated to Firefox 19.0 bnc804248 MozillaThunderbird was updated to Thunderbird 17.0.3 bnc804248 seamonkey was updated to SeaMonkey 2.16 bnc804248 xulrunner was updated to 17.0.3esr bnc804248 chmsee was updated to version 2.0. Changes in MozillaFirefox 19.0: MFSA...
java-1_6_0-openjdk to 1.12.1 (important)
OpenJDK java-1_6_0-openjdk was updated to 1.12.1 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
java-1_6_0-openjdk to 1.12.2 (important)
OpenJDK java-1_6_0-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
flash-player: update to 11.2.202.270 (critical)
Adobe Flash Player was updated to 11.2.202.270: bnc803485 APSB13-05, CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639,...
flash-player: update to 11.2.202.270 (critical)
Adobe Flash Player was updated to 11.2.202.270: bnc803485 APSB13-05, CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639,...
flash-player to 11.2.202.262 (critical)
Adobe Flash Player was updated to 11.2.202.262 to fix various security issues and bugs...
ruby on rails to 2.3.16 (important)
This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions w...
flash-player to 11.2.202.262 (critical)
Adobe Flash Player was updated to 11.2.202.262 to fix various security issues and bugs...
ruby on rails to 2.3.16 (important)
This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed...
update for libvirt (important)
Update to libvirt 0.9.11.9 stable release - Fixes CVE-2013-0170 by including cherry picked master commit 46532e3e, bnc800976 - Fix starting lxc VM e.g from OpenStack bnc793900 and rh858104...
libvirt to fix use-after-free in virNetMessageFree() (important)
libvirt was updated to fix some bugs and security issues: Security issues fixed: - Fix crash on error paths of message dispatching, CVE-2013-0170 bnc800976 - security: Fix libvirtd crash possibility CVE-2012-4423 bnc780432 Also bugs were fixed: - qemu: Fix probing for guest capabilities bnc772586...
java-1_7_0-openjdk: update to icedtea-2.3.4 (critical)
java-1_7_0-openjdk was updated to icedtea-2.3.4 fixing bugs and also severe security issues: Security fixes - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries - S8006017, CVE-2013-0422: Improve lookup resolutions - S8006125: Update MethodHandles library interactions Bug fixe...