7843 matches found
MozillaThunderbird: 17.0.7 (important)
MozillaThunderbird was updated to Thunderbird 17.0.7 bnc825935 Security issues fixed: MFSA 2013-49/CVE-2013-1682 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687 bmo863933, bmo8668...
regular updates for Mozilla applications (FF/TB) (important)
update to Firefox 22.0 and Thunderbird 17.0.7 including the following security fixes MFSA 2013-49 Miscellaneous memory safety hazards MFSA 2013-50 Memory corruption found using Address Sanitizer MFSA 2013-51 Privileged content access and execution via XBL MFSA 2013-52 Arbitrary code execution...
kernel (critical)
The openSUSE 12.3 kernel was updated to fix a critical security issue and two reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target...
kernel: security and bugfix update (critical)
The openSUSE 12.2 kernel was updated to fix security issue and other bugs. Security issues fixed: CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi...
kernel (critical)
The openSUSE 12.1 kernel was updated to fix a critical security issue and also some reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi...
flash-player to 11.2.202.285 (important)
flash-player was updated to security update to 11.2.202.285 APSB13-14, CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335...
kernel: security and bugfix update (critical)
The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perfsweventinit function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain...
MozillaFirefox: update to version 21.0 (important)
MozillaFirefox was updated to Firefox 21.0 bnc819204 MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-43/CVE-2013-1671 bmo842255 File input control has access to full path MF...
xulrunner to 17.0.6esr (important)
Mozilla xulrunner was updated to 17.0.6esr bnc819204 MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free with video and onresize event...
kernel: security and bugfix update (important)
The Linux kernel was updated to 3.0.74 to fix various bugs and security issues...
MozillaThunderbird: update to 17.0.6 (important)
MozillaThunderbird was updated to security update Thunderbird 17.0.6 bnc819204: MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free wit...
flash-player to 11.2.202.285 (important)
flash-player was updated to security update to 11.2.202.285: APSB13-14, CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335...
kernel: security and bugfix update (important)
The openSUSE 12.1 kernel was updated to fix a severe secrutiy issue and various bugs. Security issues fixed: CVE-2013-2094: The perfsweventinit function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted...
MozillaThunderbird: update to 17.0.6 (important)
MozillaThunderbird was updated to security update Thunderbird 17.0.6 bnc819204: MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free wit...
xulrunner to 17.0.6esr (important)
Mozilla xulrunner was updated to 17.0.6esr bnc819204 MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free with video and onresize event...
MozillaFirefox: update to version 21.0 (important)
MozillaFirefox was updated to Firefox 21.0 bnc819204 MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-43/CVE-2013-1671 bmo842255 File input control has access to full path MF...
flash-player update to 11.2.202.280 (important)
Adobe Flash Player was updated to 11.2.202.280: http://www.adobe.com/support/security/bulletins/apsb13-11.ht ml APSB13-11, CVE-2013-1378, CVE-2013-1379, CVE-2013-1380, CVE-2013-2555...
postgresql: security and bugfix update to 9.0.13 (important)
Postgresql was updated to version 9.0.13 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
Mozilla Firefox and others: Update to 20.0/17.0.5 releases (important)
The Mozilla suite received security and bugfix updates: Firefox was updated to version 20.0. Thunderbird was updated to version 17.0.5. Seamonkey was updated to version 2.17 mozilla-nss was updated to version 3.14.3. mozilla-nspr was updated to version 4.9.6. mozilla-nspr was updated to version...
Mozilla Firefox and others: Update to Firefox 20.0 release (important)
The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...
postgresql92: Various security fixes. Update to 9.2.4. (important)
postgresql was updated to version 9.2.4 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
postgresql91 to version 9.1.9. (important)
postgresql was updated to version 9.1.9 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
pidgin: 2.10.7 update to fix security issues and bugs (important)
Pidgin was updated to 2.10.7 to fix various security issues and the bug that IRC did not work at all in 12.3. Changes: - Add pidgin-irc-sasl.patch: link irc module to SASL. Allows the IRC module to be loaded bnc806975. - Update to version 2.10.7 bnc804742: + Alien hatchery: - No changes + General...
firebird: fix for remote stack overflow (important)
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird...
update for perl (important)
Perl was updated to fix 3 security issues: - fix rehash denial of service compute time bnc804415 CVE-2013-1667 - improve CGI crlf escaping bnc789994 CVE-2012-5526 - sanitize input in Maketext.pm to avoid code injection bnc797060 CVE-2012-6329...
update for perl (important)
Perl was updated to fix 3 security issues: - fix rehash denial of service compute time bnc804415 CVE-2013-1667 - improve CGI crlf escaping bnc789994 CVE-2012-5526 - sanitize input in Maketext.pm to avoid code injection bnc797060 CVE-2012-6329 In openSUSE 12.1 also the following non-security bug w...
fix for remote stack overflow (important)
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird...
seamonkey: update to 2.16.1 (important)
seamonkey was updated to version 2.16.1 fixing a severe security issue. MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
MozillaFirefox: Updated to 19.0.2 (important)
Mozilla Firefox was updated to 19.0.2 bnc808243 fixing: MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor could be used for code execution blocklist updates...
xulrunner to 17.0.4esr (important)
xulrunner was updated to 17.0.4esr bnc808243 to fix a important security issue: MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
MozillaThunderbird: 17.0.4 release (important)
MozillaThunderbird was updated to 17.0.4 bnc808243 MFSA 2013-29/CVE-2013-0787 bmo848644 Use-after-free in HTML Editor...
flash-player: update to version 11.2.202.275 (critical)
Adobe Flash Player was updated to 11.2.202.275: bnc808973 APSB13-09, CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.ht ml...
flash-player: update to version 11.2.202.275 (critical)
Adobe Flash Player was updated to 11.2.202.275: bnc808973 APSB13-09, CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375 More information can be found on: http://www.adobe.com/support/security/bulletins/apsb13-09.ht ml...
java-1_6_0-openjdk: update to 1.12.4 (important)
java-160-openjdk aka IcedTea was updated to 1.12.4 - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion...
Mozilla updates (FF 19.0.2, SM 2.16.1, TB 17.0.4) (important)
Update to - Firefox 19.0.2 - Seamonkey 2.16.1 - Thunderbird 17.0.4 which fix a use-after-free in HTML Editor which could allow for arbitrary code execution...
java-1_6_0-openjdk: update to 1.12.4 (important)
java-160-openjdk aka IcedTea was updated to 1.12.4 bnc807487 - S8007014, CVE-2013-0809: Improve image handling - S8007675, CVE-2013-1493: Improve color conversion...
pidgin: various security fixes (important)
pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274 - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. CVE-2013-0273 - Fix a bug where the MXit server or a man-in-the-middle could...
pidgin: various security fixes (important)
pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. CVE-2013-0274 - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. CVE-2013-0273 - Fix a bug where the MXit server or a man-in-the-middle could...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACESETREGS ptrace system call in a crafted application, as demonstrated by ptracedeath. CVE-2013-0160...
kernel: fixed local privilege escalation (important)
The Linux kernel was updated to 3.4.33 and to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: A out of bounds access in sockdiag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime o...
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
java-160-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...
java-1_7_0-openjdk: update to 2.3.6 (critical)
java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
java-160-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...
flash-player: Update to 11.2.202.243 (critical)
Flash Player was updated to 11.2.202.243 CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264,...
update for flash-player (critical)
This version upgrade of flash-player fixed multiple unspecified code execution vulnerabiliies...
flash-player to 11.2.202.262 (critical)
Adobe Flash Player was updated to 11.2.202.262 to fix various security issues and bugs...
flash-player: update to 11.2.202.270 (critical)
Adobe Flash Player was updated to 11.2.202.270: bnc803485 APSB13-05, CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639,...
flash-player: Update to 11.2.202.251 (important)
Flash Player was updated to 11.2.202.251 bnc788450, fixing severe security issues: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280...