LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
URL: http://www.linuxsecurity.com/
Updated: 9 hours 21 min ago

Mandriva: 2014:034: yaml

Fri, 14/02/2014 - 10:55am
LinuxSecurity.com: A vulnerability has been discovered and corrected in yaml: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute [More...]

Mandriva: 2014:033: socat

Fri, 14/02/2014 - 10:53am
LinuxSecurity.com: A vulnerability has been discovered and corrected in socat: Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the [More...]

Mandriva: 2014:032: flite

Fri, 14/02/2014 - 10:47am
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in flite: The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third [More...]

Mandriva: 2014:029: mysql

Thu, 13/02/2014 - 3:38pm
LinuxSecurity.com: A vulnerabilitt has been discovered and corrected in mysql: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version [More...]

Mandriva: 2014:028: mariadb

Thu, 13/02/2014 - 3:20pm
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in mariadb: Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version [More...]

Red Hat: 2014:0175-01: piranha: Important Advisory

Thu, 13/02/2014 - 2:30pm
LinuxSecurity.com: An updated piranha package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:0174-01: piranha: Important Advisory

Thu, 13/02/2014 - 2:25pm
LinuxSecurity.com: An updated piranha package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:0173-01: mysql55-mysql: Moderate Advisory

Thu, 13/02/2014 - 2:24pm
LinuxSecurity.com: Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having moderate [More...]

Ubuntu: 2098-2: LibYAML regression

Thu, 13/02/2014 - 11:39am
LinuxSecurity.com: USN-2098-1 introduced a regression in LibYAML.

Mandriva: 2014:027: php

Wed, 12/02/2014 - 3:18pm
LinuxSecurity.com: A vulnerability has been discovered and corrected in php: * Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()) (CVE-2013-7226). [More...]

Ubuntu: 2104-1: LXC vulnerability

Wed, 12/02/2014 - 2:12pm
LinuxSecurity.com: LXC would allow unintended access to the host, bypassing intendedconfinement.

Red Hat: 2014:0164-01: mysql: Moderate Advisory

Wed, 12/02/2014 - 2:00pm
LinuxSecurity.com: Updated mysql packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:0163-01: kvm: Important Advisory

Wed, 12/02/2014 - 2:00pm
LinuxSecurity.com: Updated kvm packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

Mandriva: 2014:026: openldap

Wed, 12/02/2014 - 7:21am
LinuxSecurity.com: A vulnerability has been discovered and corrected in openldap: The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a [More...]

Debian: 2850-2: libyaml: regression

Wed, 12/02/2014 - 3:59am
LinuxSecurity.com: The security update released in DSA-2850-1 for libyaml introduced a regression in libyaml failing to parse a subset of valid yaml documents. For reference the original advisory text follows. [More...]

Debian: 2858-1: iceweasel: Multiple vulnerabilities

Mon, 10/02/2014 - 10:42am
LinuxSecurity.com: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security [More...]

Gentoo: 201402-14 International Components for Unicode: Denial of Service

Mon, 10/02/2014 - 6:12am
LinuxSecurity.com: Two vulnerabilities in International Components for Unicode might allow remote attackers to cause a Denial of Service condition.

Gentoo: 201402-13 DjVu: User-assisted execution of arbitrary code

Sun, 09/02/2014 - 7:55am
LinuxSecurity.com: A vulnerability in DjVu could result in execution of arbitrary code or Denial of Service.

Gentoo: 201402-12 PAM S/Key: Information disclosure

Sun, 09/02/2014 - 6:13am
LinuxSecurity.com: PAM S/Key does not clear provided credentials from memory, allowing local attackers to gain access to cleartext credentials.

Slackware: 2014-039-01: mozilla-firefox: Security Update

Sat, 08/02/2014 - 5:06pm
LinuxSecurity.com: New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]

TechBytes Techrights button

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal

Powered by Drupal, an open source content management system