Author Archives: LinuxSecurity.com - Security Advisories
SuSE: 2010-034: flash-player
Posted in Server & Linux Security
LinuxSecurity.com: Flash Player was updated to version 10.1.82.76 fixing several critical security issues:
- CVE-2010-0209: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown.
- CVE-2010-2188: CVSS v2 Base Score: 6.8: Buffer Errors (CWE-119) [More...]
Mandriva: 2010:148: pidgin
Posted in Server & Linux Security
LinuxSecurity.com: A security vulnerability has been identified and fixed in pidgin:
The clientautoresp function in family_icbm.c in the oscar protocol
plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated
users to cause a denial of service (NULL pointer dereference and
[More...]
Red Hat: 2010:0625-01: wireshark: Moderate Advisory
Posted in Server & Linux Security
LinuxSecurity.com: Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
Mandriva: 2010:147: firefox
Posted in Server & Linux Security
LinuxSecurity.com: Security issues were identified and fixed in firefox:
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not
properly free memory in the parameter array of a plugin instance,
which allows remote attackers to cause a denial of service (memory
[More...]
Pardus: 2010-104: Php: Multiple Vulnerabilities
Posted in Server & Linux Security
LinuxSecurity.com: Multiple vulnerabilities have been fixed in PHP
Mandriva: 2010:145: libtiff
Posted in Server & Linux Security
LinuxSecurity.com: Multiple vulnerabilities have been discovered and corrected in libtiff:
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
[More...]
Debian: 2088-1: wget: missing input sanitization
Posted in Server & Linux Security
LinuxSecurity.com: It was discovered that wget, a command line tool for downloading files from the WWW, uses server-provided file names when creating local files. This may lead to code execution in some scenarios. [More...]
Debian: 2087-1: cabextract: programming error
Posted in Server & Linux Security
LinuxSecurity.com: It was discovered that a programming error in the archive test mode of cabextract, a program to extract Microsoft Cabinet files, could lead to the execution of arbitrary code. [More...]
SuSE: 2010-033: Linux kernel
Posted in Server & Linux Security
LinuxSecurity.com: This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes. Notable larger bugfixes and changes:
- The btrfs filesystem received backports of lots of fixes from 2.6.35.
- An OCFS2 data corruption during high load was fixed. [More...]
SuSE: 2010-032: Mozilla Firefox
Posted in Server & Linux Security
LinuxSecurity.com: Various security issues have been found in the Mozilla suite, and the various browsers have been updated to fix these issues. Mozilla Firefox was brought to the 3.5.11 security release. Mozilla Firefox on openSUSE 11.3 was brought to the 3.6.8 security release. Mozilla Thunderbird was brought to the 3.0.11 release on openSUSE [More...]



