7848 matches found
XEN: security and bugfix update (important)
This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...
XEN: security and bugfix update (important)
This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...
update for libotr (important)
This update of libotr fixed multiple buffer overflows...
update for plib (important)
This update of plib fixed two stack-based buffer overflows...
opera to 12.10 (important)
This Opera 12.10 security update fixes following security issues: -an issue that could cause Opera not to correctly check for certificate revocation; -an issue where CORS requests could incorrectly retrieve contents of cross origin pages; -an issue where data URIs could be used to facilitate...
flash-player: Update to 11.2.202.251 (important)
Flash Player was updated to 11.2.202.251 bnc788450, fixing severe security issues: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280...
update for cgit (important)
Specially-crafted commits can cause code to be executed on the clients due to improperly quoted arguments...
update for cgit (important)
Specially-crafted commits can cause code to be executed on the clients due to improperly quoted arguments...
java-1_6_0-openjdk: update to 1.11.5 (important)
java 1.6.0 openjdk / icedtea was updated to 1.11.5 bnc785433 Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7167656, CVE-2012-5077: Multiple Seeders a...
java-1_6_0-openjdk: update to 1.11.5 icedtea (important)
This version upgrade to 1.11.5 fixed various security and non-security issues...
update for cgit (important)
Specially-crafted commits could trigger a heap-based buffer overflow...
update for cgit (important)
Specially-crafted commits could trigger a heap-based buffer overflow...
java-1_7_0-openjdk: Update to icedtea-2.3.3 (important)
java-170-opendjk was updated to icedtea-2.3.3 bnc785814 Security fixes - S6631398, CVE-2012-3216: FilePermission improved path checking - S7093490: adjust package access in rmiregistry - S7143535, CVE-2012-5068: ScriptEngine corrected permissions - S7158796, CVE-2012-5070: Tighten properties...
Mozilla Suite: Update to 16.0.2 (important)
Mozilla Firefox, Thunderbird and XULRunner were updated to 16.0.2. Mozilla Seamonkey was updated to 2.13.2. Tracker bug: bnc786522 A security issues was fixed: MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 bmo800666, bmo793121, bmo802557 Fixes for Location object issues The update also...
exim: overflow in DKIM handling fixed (critical)
This update fixes a remotely exploitable overflow in DKIM handling...
update for chromium (important)
Chromium was upgraded to version 24.0.1290 which fixed multiple security flaws...
bind: Specially crafted DNS data can cause a lockup in named. (important)
The bind nameserver was updated to fix specially crafted DNS data can cause a lockup in named...
MozillaFirefox: update to Firefox 16.0.1 (important)
The Mozilla suite received following security updates bnc783533: Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. MFSA 2012-88/CVE-2012-4191 bmo798045 Miscellaneous memory safety...
kernel: security and bugfix update (important)
This kernel update to 3.4.11 fixes various bugs and security issues. The changes up to 3.4.11 contain both security and bugfixes and are not explicitly listed here. Following security issues were fixed: CVE-2012-3520: Force passing credentials, otherwise local services could be fooled to assume...
flash-player: Update to 11.2.202.243 (critical)
Flash Player was updated to 11.2.202.243 CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264,...
ghostscript (important)
The following security issue was fixed in ghostscript: Multiple integer underflows in the icmLutallocate function in International Color Consortium ICC Format library icclib, as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service crash...
update for dbus-1, dbus-1-x11 (important)
This update fixed CVE-2012-3524 getenv vulnerability, which can be used by local attackers to escalate privileges to root...
chromium: update to 21.0.1180.88 (important)
Chromium was updated to 21.0.1180.88 to fix various bugs and security issues. Security fixes and rewards: Please see the Chromium security pagehttp://sites.google.com/a/chromium.org/dev/Home/chromiu m-securityfor more detail. Note that the referenced bugs may be kept private until a majority of o...
freeradius: fix stack overflow in TLS handling (important)
This update of freeradius fixes a stack overflow in TLS handling, which can be exploited by remote attackers able to access Radius to execute code...
bind: fixed a remote denial of service attack (abort) (critical)
A remote denial of service attack was fixed in the BIND DNS nameserver, which could be caused by attackers providing a specifically prepared zone file for recursive transfer. CVE-2012-4244...
java-1_6_0-openjdk: icedtea-web update to 1.11.4 (bnc#) (critical)
The icedtea-web Java plugin was updated to 1.11.4 to fix critical security issues: Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references OpenJDK - S7182135: Impossible to use some editors directly -...
Security Update for Xen (important)
Security Update for Xen Following fixes were done: - bnc776995 - attaching scsi control luns with pvscsi - xend/pvscsi: fix passing of SCSI control LUNs xen-bug776995-pvscsi-no-devname.patch - xend/pvscsi: fix usage of persistant device names for SCSI devices...
Security Update for Xen (important)
Security Update for Xen Following bug and security fixes were applied: - bnc776995 - attaching scsi control luns with pvscsi - xend/pvscsi: fix passing of SCSI control LUNs xen-bug776995-pvscsi-no-devname.patch - xend/pvscsi: fix usage of persistant device names for SCSI devices...
qemu: Fix buffer overflow in console VT100 emulation (important)
qemu was fixed to add bounds checking for VT100 escape code parsing and cursor placement. Also qemu was updated on 12.2 and 11.4 to the latest stable release v1.1.1 and v0.14.1 respectively...
java-1_7_0-openjdk: security fix for remote exploit (critical)
Java-170-openjdk was updated to fix a remote exploit CVE-2012-4681. Also bugfixes were done: - fix build on ARM and i586 - remove files that are no longer used - zero build can be enabled using rpmbuild osc build --with zero - add hotspot 2.1 needed for zero - fix filelist on %ix86 Security fixes...
gimp to fix various issues (important)
Multiple integer overflows in various decoder plug-ins of GIMP have been fixed...
MozillaFirefox: Update to version 15 (critical)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...
MozillaFirefox: Update to version 15 (critical)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...
calligra: security and bugfix update. (important)
Fix buffer overflow in MS Word ODF filter among other non-security related bugs. Also a version update to 2.4.3 happened: Words: - Always show vertical scroll bar to avoid race condition kde301076 - Do not save with an attribue that makes LibreOffice and OpenOffice crash kde298689 Kexi: - Fixed...
flash-player to 11.2.202.238 (critical)
Adobe Flash Player was updated to 11.2.202.238 fixing various bugs and security issues...
update for chromium, v8 (important)
Version upgrade of chromium to address multiple security vulnerabilities...
opera to 12.01 (important)
Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements...
update for icedtea-web (important)
This update of icedtea-web fixed multiple hewap buffer overflows...
icedtea-web: Update to 1.2.1 (bnc#) (important)
update to 1.2.1 bnc773458 - Security Updates CVE-2012-3422, RH840592: Potential read from an uninitialized memory location CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings - NetX PR898: signed applications with big jnlp-file doesn't start webstart affect like "frozen"...
rubygem-actionpack/activerecord-2_3 (important)
3 Security issues were fixed in rails 2.3 core components. 2 NULL query issues where fixed in the actionpack gem. 1 SQL injection was fixed in the activerecord gem...
seamonkey: Update to Seamonkey 2.11 (important)
Seamonkey was updated to version 2.11 bnc771583 MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1 952 Gecko memory corruption MFSA 2012-45/CVE-2012-1955 bmo757376 Spoofing issue with location MFSA...
xulrunner to 14.0.1 (critical)
Mozilla XULRunner was updated to 14.0.1, fixing bugs and security issues: Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed eviden...
MozillaThunderbird: update to Thunderbird 14.0 (important)
Mozilla Thunderbird was updated to version 14.0 bnc771583 MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1 952 Gecko memory corruption MFSA 2012-45/CVE-2012-1955 bmo757376 Spoofing issue with location MF...
MozillaFirefox to 14.0.1 (critical)
MozillaFirefox was updated to 14.0.1 to fix various bugs and security issues. Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...
xen (critical)
This update of XEN fixed multiple security flaws that could be exploited by local attackers to cause a Denial of Service or potentially escalate privileges. Additionally, several other upstream changes were backported...
update for opera (important)
update to 12.00 full changelog available at: http://www.opera.com/docs/changelogs/unix/1120/ - fixes bnc767045...
mysql (CVE-2012-2122) (important)
Fixing CVE-2012-2122: authentication bypass due to incorrect type casting...
ClamAV: 0.97.5 update (important)
This update addresses possible evasion cases in some archive formats and stability issues in portions of the bytecode engine...
java-1_6_0-openjdk: critical (critical)
This version upgrade of java-160-openjdk fixes multiple security flaws: - S7079902, CVE-2012-1711: Refine CORBA data models - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. - S7143614, CVE-2012-1716: SynthLookAndFeel stability...
MozillaFirefox, MozillaThunderbird, mozilla-nss, seamonkey, xulrunner: June (important)
Changes in MozillaFirefox: - update to Firefox 13.0 bnc765204 MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards MFSA 2012-36/CVE-2012-1944 bmo751422 Content Security Policy inline-script bypass MFSA 2012-37/CVE-2012-1945 bmo670514 Information disclosure...