Update SSL CA certificates (important)

This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA...

apache2: Fixed a remote denial of service via byte-ranges (important)

This update fixes a remote denial of service bug memory exhaustion in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . CVE-2011-3192...

MozillaFirefox: Update to Firefox 6 (important)

Mozilla Firefox was updated to version 6. It brings new features, fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-29.ht ml Mozilla Foundation Security Advisory 2011-29 MFSA 2011-29 Miscellaneous memory safety hazards:...

MozillaThunderbird: Update to 3.1.12 (important)

Mozilla Thunderbird was updated to 3.1.12 fixing various bugs and security issues: Mozilla Foundation Security Advisory 2011-32 MFSA 2011-32 http://www.mozilla.org/security/announce/2011/mfsa2011-32.ht ml Many of the issues listed below are not exploitable through mail since JavaScript is disable...

MozillaFirefox: Update to Firefox 3.6.20 (important)

Mozilla Firefox was updated to version 3.6.20. It fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-30.ht ml Mozilla Foundation Security Advisory 2011-30 MFSA 2011-30 Miscellaneous memory safety hazards Mozilla developers...

seamonkey: Update to Mozilla Seamonkey 2.3 (important)

Mozilla Seamonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.ht ml Mozilla Foundation Security Advisory 2011-33 MFSA 2011-33 Mozilla Foundation Security Advisory 2011-...

libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)

This update of libmodplug0 fixes the following issues: 1 An integer overflow error exists within the "CSoundFile::ReadWav" function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WA...

xen: Fixed a security bug and various other bugs (important)

Security / Collective Update for Xen Xen: - bnc702025 - VUL-0: xen: VT-d PCI passthrough MSI trap injection CVE-2011-1898 - bnc703924 - update block-npiv scripts to support BFA HBA - bnc689954 - L3: Live migrations fail when guest crashes: domaincrashsync called from entry.S - bnc693472 - Bridge...

mozilla-nss: Update to 3.12.11 (important)

The mozilla NSS libraries were updated to 3.12.11 to align with newer Mozilla seamonkey and Firefox releases. Interesting changes are: - blacklisting malicious root certificates - several bugfixes...

ecryptfs-utils: Update to fix various symlink race attacks (important)

This update of ecryptfs-utils fixes several security problems: - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...

flash-player (critical)

The update to Flash-Player 10.3.188.5 fixes various security issues: - CVE-2011-2130: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2134: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2135: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2136: CVSS v2...

apache2-mod_fcgid: fixed possible stack overflow due to wrong pointer arithmetic (CVE-2010-3872) (important)

A possible stack overflow in apache2-modfcgid due to wrong pointer arithmetic has been fixed. CVE-2010-3872 has been assigned to this issue...

freetype: Fixed several off-by-one / length checks missing (important)

This freetype2 update fixes sign extension problems and missing length checks. This issue was used in one of the last jailbreakme exploits for Apple iPhone/iPad products. CVE-2011-0226...

compat-openssl097g (important)

This update adds openssl patches since 2007 for: - CVE-2008-5077 - CVE-2009-0590 - CVE-2009-0789 - CVE-2009-3555 - CVE-2010-4180...

kvm (important)

A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host CVE-2011-2212, CVE-2011-2512...

bind: fixing remote Denial of Service (CVE-2011-2464) (important)

A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers recursive as well as authoritative to exit. CVE-2011-2464 has been assigned to this issue...

mariadb: Fixed missing innodb support after last update (critical)

The last security version upgrade of MariaDB a MySQL fork removed innodb support, breaking old databases. This update fixes this problem. - 704811: mariadb "security update" breaks database...

MozillaThunderbird: Update to Thunderbird 3.1.11 (important)

Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards MFSA 2011-20/CVE-2011-2373 bmo617247 Use-after-fre...

java-1_6_0-openjdk (important)

Icedtea as included in java-160-openjdk was updated to fix several security issues: S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win S6618658, CVE-2011-0865: Vulnerability in deserialization S7012520, CVE-2011-0815: Heap overflow...

subversion: security udpate (important)

Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes al...

subversion security udpate (important)

CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The moddavsvn Apache...

opera (important)

opera 11.11 fixes a security vulnerability. Citing http://www.opera.com/support/kb/view/992/: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption. To inject code, additional...

flash-player: Update to 10.3.181.26 (critical)

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability CVE-2011-2110 could cause a crash and potentiall...

Oracle Java 26 (critical)

Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864,...