Sunday, November 30, 2014

IT Security Alerts Weekly Digest (23 Nov ~ 29 Nov 2014)

Security Alerts
1. Vulnerability in blkid (98993)
[28/11/2014] Vulnerability was identified in the blkid. An attacker could bypass security restrictions and execute arbitrary code on the system. The affected version was not specified.

URL:xforce.iss.net/xforce/xfdb/98993

2. Vulnerability in Canto (98947)
[28/11/2014] Vulnerability was identified in the Canto. An attacker could bypass security restrictions and execute arbitrary code on the system. This vulnerability affects versions prior to 0.9.0 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98947

3. Vulnerability in GNU Project Patch (98992)
[28/11/2014] Vulnerability was identified in the GNU Project Patch. An attacker could bypass security restrictions and execute arbitrary code on the system. The affected version was not specified.

URL:xforce.iss.net/xforce/xfdb/98992

4. Vulnerability in Icecast (98991)
[28/11/2014] Vulnerability was identified in the Icecast. An attacker could bypass security restrictions and gain elevated privileges on the system. This vulnerability affects versions prior to 2.4.0 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98991

5. Vulnerability in MantisBT (98987)
[28/11/2014] Vulnerability was identified in the MantisBT. An attacker could bypass security restrictions, execute arbitrary code and perform SQL injection attacks. This vulnerability affects versions prior to 1.2.18 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98987

6. Vulnerability in Mutt (98989)
[28/11/2014] Vulnerability was identified in the Mutt. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects version 1.5.23 of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/98989

7. Security Updates in Debian (DSA-3078-1)
[28/11/2014] Debian has released security update packages for fixing the vulnerability identified in the libksba package for multiple versions of Debian GNU/Linux. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the application.

URL:www.debian.org/security/2014/dsa-3078

8. Security Updates in Mandriva (MDVSA-2014:230, MDVSA-2014:231, MDVSA-2014:232, MDVSA-2014:233)
[28/11/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the kernel, icecast, glibc and wordpress packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the application.

URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A230/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A231/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A232/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A233/

9. Security Updates in SUSE (openSUSE-SU-2014:1508-1)
[28/11/2014] SUSE has released security update packages for fixing the vulnerability identified in the flashplayer package of openSUSE Evergreen 11.4. An attacker could bypass security restrictions and execute arbitrary code on the system.

URL:lists.opensuse.org/opensuse-security-announce/2014-11/msg00020.html

10. Security Updates in Ubuntu GNU/Linux (USN-2425-1, USN-2426-1, USN-2427-1)
[28/11/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the dbus, flac and libksba packages for versions 10.04 LTS, 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2425-1/
URL:www.ubuntu.com/usn/usn-2426-1/
URL:www.ubuntu.com/usn/usn-2427-1/

11. Vulnerability in Cisco Adaptive Security Appliance (ASA) Software
[27/11/2014] Vulnerability was identified in the Cisco Adaptive Security Appliance (ASA) Software. An attacker could bypass security restrictions and cause a denial of service condition. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407

12. Vulnerability in GNU Libksba (98935)
[27/11/2014] Vulnerability was identified in the GNU Libksba. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects versions prior to 1.3.2 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98935

13. Vulnerability in libFLAC (98938)
[27/11/2014] Vulnerability was identified in the libFLAC library. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects versions prior to 1.3.0 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98938

14. Vulnerabilities in multiple plugins for WordPress (98940, 98941, 98943, 98944, 98945)
[27/11/2014] Vulnerabilities were identified in the ThemePunch Slider Revolution Responsive, ThemePunch Showbiz Pro Responsive Teaser, DukaPress, Google Doc Embedder and wpDataTables Plugins for WordPress. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform SQL injection attacks. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve the vulnerabilities of the ThemePunch Slider Revolution Responsive, DukaPress and Google Doc Embedder Plugins.

URL:xforce.iss.net/xforce/xfdb/98940
URL:xforce.iss.net/xforce/xfdb/98941
URL:xforce.iss.net/xforce/xfdb/98943
URL:xforce.iss.net/xforce/xfdb/98944
URL:xforce.iss.net/xforce/xfdb/98945

15. Security Updates in Oracle Linux (ELSA-2014-1911, ELSA-2014-1912)
[27/11/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the ruby package for Oracle Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, cause a denial of service condition and crash the system.

URL:linux.oracle.com/errata/ELSA-2014-1911.html
URL:linux.oracle.com/errata/ELSA-2014-1912.html

16. Security Updates in Debian (DSA-3076-1, DSA-3077-1)
[27/11/2014] Debian has released security update packages for fixing the vulnerabilities identified in the wireshark and openjdk-6 packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the application.

URL:www.debian.org/security/2014/dsa-3076
URL:www.debian.org/security/2014/dsa-3077

17. Security Updates in Mageia (MGASA-2014-0486, MGASA-2014-0487, MGASA-2014-0488, MGASA-2014-0489, MGASA-2014-0490, MGASA-2014-0491, MGASA-2014-0492, MGASA-2014-0493, MGASA-2014-0494, MGASA-2014-0495, MGASA-2014-0496, MGASA-2014-0497, MGASA-2014-0498)
[27/11/2014] Mageia has released security update packages for fixing the vulnerabilities identified in the perl-Plack, clamav, ruby-httpclient, asterisk, avidemux, drupal, wordpress, icecast, phpmyadmin, glibc, flash-player-plugin and libksba packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the system.

URL:advisories.mageia.org/MGASA-2014-0486.html
URL:advisories.mageia.org/MGASA-2014-0487.html
URL:advisories.mageia.org/MGASA-2014-0488.html
URL:advisories.mageia.org/MGASA-2014-0489.html
URL:advisories.mageia.org/MGASA-2014-0490.html
URL:advisories.mageia.org/MGASA-2014-0491.html
URL:advisories.mageia.org/MGASA-2014-0492.html
URL:advisories.mageia.org/MGASA-2014-0493.html
URL:advisories.mageia.org/MGASA-2014-0494.html
URL:advisories.mageia.org/MGASA-2014-0495.html
URL:advisories.mageia.org/MGASA-2014-0496.html
URL:advisories.mageia.org/MGASA-2014-0497.html
URL:advisories.mageia.org/MGASA-2014-0498.html

18. Security Updates in Mandriva (MDVSA-2014:228, MDVSA-2014:229)
[27/11/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the phpmyadmin and libvncserver packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the application.

URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A228/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A229/

19. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1911-1, RHSA-2014:1912-1, RHSA-2014:1913-1, RHSA-2014:1914-1, RHSA-2014:1915-1)
[27/11/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the ruby, ruby193-ruby, ruby200-ruby and Adobe Flash Player packages for Red Hat Software Collections 1 and Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the application.

URL:rhn.redhat.com/errata/RHSA-2014-1911.html
URL:rhn.redhat.com/errata/RHSA-2014-1912.html
URL:rhn.redhat.com/errata/RHSA-2014-1913.html
URL:rhn.redhat.com/errata/RHSA-2014-1914.html
URL:rhn.redhat.com/errata/RHSA-2014-1915.html

20. Security Updates in Ubuntu GNU/Linux (USN-2423-1)
[27/11/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the ClamAV package for versions 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2423-1/

21. Vulnerabilities in Adobe Flash Player (APSB14-26)
[26/11/2014] Vulnerabilities were identified in the Adobe Flash Player. An attacker could bypass security restrictions, execute arbitrary code, obtain sensitive information, gain elevated privileges, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:helpx.adobe.com/security/products/flash-player/apsb14-26.html
URL:technet.microsoft.com/en-us/library/security/2755801
URL:www.hkcert.org/my_url/en/alert/14112601
URL:www.us-cert.gov/ncas/current-activity/2014/11/25/Adobe-Releases-Security-Updates-Flash-Player
URL:xforce.iss.net/xforce/xfdb/98932

22. Vulnerability in Cisco IOS XR Software
[26/11/2014] Vulnerability was identified in the Cisco IOS XR Software. An attacker could bypass security restrictions and cause a denial of service condition. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8005

23. Vulnerability in TP-Link TL-WR740N Router (98927)
[26/11/2014] Vulnerability was identified in the TP-Link TL-WR740N Router. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple firmware versions of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/98927

24. Vulnerabilities in Linux Kernel (98918, 98919, 98920)
[26/11/2014] Vulnerabilities were identified in the Linux Kernel. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:xforce.iss.net/xforce/xfdb/98918
URL:xforce.iss.net/xforce/xfdb/98919
URL:xforce.iss.net/xforce/xfdb/98920

25. Vulnerability in RobotStats (98915)
[26/11/2014] Vulnerability was identified in the RobotStats. An attacker could bypass security restrictions, execute arbitrary code and perform SQL injection attacks. This vulnerability affects version 1.0 of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/98915

26. Security Updates in Mageia (MGASA-2014-0484, MGASA-2014-0485)
[26/11/2014] Mageia has released security update packages for fixing the vulnerabilities identified in the graphicsmagick and chromium-browser-stable packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:advisories.mageia.org/MGASA-2014-0484.html
URL:advisories.mageia.org/MGASA-2014-0485.html

27. Security Updates in Mandriva (MDVSA-2014:225, MDVSA-2014:226, MDVSA-2014:227)
[26/11/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the ruby, imagemagick and ffmpeg packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A225/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A226/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A227/

28. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1906-1)
[26/11/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the Red Hat OpenShift Enterprise 2. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the application.

URL:rhn.redhat.com/errata/RHSA-2014-1906.html

29. Security Updates in Ubuntu GNU/Linux (USN-2415-1, USN-2416-1, USN-2417-1, USN-2418-1, USN-2419-1, USN-2420-1, USN-2421-1, USN-2422-1)
[26/11/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the linux, linux-ec2, linux-ti-omap4, linux-lts-trusty and squid3 packages for versions 10.04 LTS, 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2415-1/
URL:www.ubuntu.com/usn/usn-2416-1/
URL:www.ubuntu.com/usn/usn-2417-1/
URL:www.ubuntu.com/usn/usn-2418-1/
URL:www.ubuntu.com/usn/usn-2419-1/
URL:www.ubuntu.com/usn/usn-2420-1/
URL:www.ubuntu.com/usn/usn-2421-1/
URL:www.ubuntu.com/usn/usn-2422-1/

30. Vulnerability in Cisco IOS XR Software
[25/11/2014] Vulnerability was identified in the Cisco IOS XR Software. An attacker could bypass security restrictions and cause a denial of service condition. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8004

31. Vulnerabilities in Novell Products (5195642, 5195690, 5195691, 5195692)
[25/11/2014] Vulnerabilities were identified in the Novell GroupWise and Novell GroupWise Mobility Service. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:download.novell.com/Download?buildid=2XOEfWyu-R4~
URL:download.novell.com/Download?buildid=7Oi1UsDsieQ~
URL:download.novell.com/Download?buildid=adVNltsFnxU~
URL:download.novell.com/Download?buildid=XoayGryMK9M~

32. Vulnerability in Dell SonicWALL Global Management System (98911)
[25/11/2014] Vulnerability was identified in the Dell SonicWALL Global Management System. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects version 7.2 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98911

33. Vulnerability in ClamAV (98882)
[25/11/2014] Vulnerability was identified in the ClamAV. An attacker could bypass security restrictions, execute arbitrary code and cause a denial of service condition. This vulnerability affects versions prior to 0.98.5 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.clamav.net/download.html
URL:xforce.iss.net/xforce/xfdb/98882

34. Vulnerability in FreeBSD
[25/11/2014] Vulnerability was identified in FreeBSD. An attacker could bypass security restrictions and cause a denial of service condition. This vulnerability affects version 5.4 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.freebsd.org/releases/10.1R/relnotes.html
URL:xforce.iss.net/xforce/xfdb/98883

35. Vulnerability in Privacyware Privatefirewall (98910)
[25/11/2014] Vulnerability was identified in the Privacyware Privatefirewall. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects version 7.0.30.3 of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/98910

36. Security Updates in Oracle Linux (ELSA-2014-1893)
[25/11/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the libXfont package for Oracle Linux 5. Due to multiple errors, an attacker could bypass security restrictions, cause a denial of service condition and crash the system.

URL:linux.oracle.com/errata/ELSA-2014-1893.html

37. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1893-1, RHSA-2014:1894-1)
[25/11/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the libXfont and chromium-browser packages for Red Hat Enterprise Linux 5 and 6 Supplementary. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, perform phishing attacks, cause a denial of service condition and crash the application.

URL:rhn.redhat.com/errata/RHSA-2014-1893.html
URL:rhn.redhat.com/errata/RHSA-2014-1894.html

38. Security Updates in SUSE (SUSE-SU-2014:1458-3)
[25/11/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the MozillaFirefox package of SUSE Linux Enterprise 10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2014-11/msg00019.html

39. Security Updates in Ubuntu GNU/Linux (USN-2414-1)
[25/11/2014] Ubuntu has released security update packages for fixing the vulnerability identified in the kde-runtime packages for version 12.04 LTS of Ubuntu GNU/Linux. An attacker could bypass security restrictions and execute arbitrary code.

URL:www.ubuntu.com/usn/usn-2414-1/

40. Vulnerability in Huawei HiLink Products (Huawei-SA-20140806-01-HiLink)
[24/11/2014] Vulnerability was identified in Huawei E3276, E3236, E5180s-22 and E586Bs-2. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site request forgery attacks. This vulnerability affects multiple firmware versions of the mentioned products. Security patches are available to resolve this vulnerability.

URL:huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-360246.htm
URL:xforce.iss.net/xforce/xfdb/98858

41. Vulnerabilities in Asterisk (AST-2014-012, AST-2014-013, AST-2014-014, AST-2014-015, AST-2014-016, AST-2014-017, AST-2014-018)
[24/11/2014] Vulnerabilities were identified in the Asterisk. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:downloads.asterisk.org/pub/security/AST-2014-012.html
URL:downloads.asterisk.org/pub/security/AST-2014-013.html
URL:downloads.asterisk.org/pub/security/AST-2014-014.html
URL:downloads.asterisk.org/pub/security/AST-2014-015.html
URL:downloads.asterisk.org/pub/security/AST-2014-016.html
URL:downloads.asterisk.org/pub/security/AST-2014-017.html
URL:downloads.asterisk.org/pub/security/AST-2014-018.html
URL:xforce.iss.net/xforce/xfdb/98863
URL:xforce.iss.net/xforce/xfdb/98864

42. Vulnerability in PCRE (98854)
[24/11/2014] Vulnerability was identified in the PCRE. An attacker could bypass security restrictions, execute arbitrary code and cause a denial of service condition. This vulnerability affects version 8.36 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/98854

43. Vulnerabilities in WordPress
[24/11/2014] Vulnerabilities were identified in the WordPress. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect versions prior to 4.0.1 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:wordpress.org/news/2014/11/wordpress-4-0-1/
URL:www.us-cert.gov/ncas/current-activity/2014/11/21/WordPress-Releases-Security-Update

44. Security Updates in Oracle Solaris
[24/11/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the XPDF, Common Unix Printing System (CUPS), Facter, Sendmail, Perl, OpenStack Neutron, OpenStack keystonemiddleware, Python, GNU patch utility, GnuTLS, OpenStack Compute (Nova) and Wireshark packages for Oracle Solaris 10, 11.1 and 11.2. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:blogs.oracle.com/sunsecurity/entry/cve_2012_2142_arbitrary_code
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_2856_cross_site
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3248_untrusted_search
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3956_information_disclosure
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_4330_buffer_errors
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_6414_unauthenticated_access
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_7144_cryptographic_issues
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_7185_integer_overflow
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_gnu_patch
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_gnutls
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_nova
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark11

45. Security Updates in Gentoo Linux (GLSA 201411-06, GLSA 201411-07, GLSA 201411-08, GLSA 201411-09, GLSA 201411-10)
[24/11/2014] Gentoo has released security update packages for fixing the vulnerabilities identified in the Adobe Flash Player, Openswan, Aircrack-ng, Ansible and Asterisk packages for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.gentoo.org/security/en/glsa/glsa-201411-06.xml
URL:www.gentoo.org/security/en/glsa/glsa-201411-07.xml
URL:www.gentoo.org/security/en/glsa/glsa-201411-08.xml
URL:www.gentoo.org/security/en/glsa/glsa-201411-09.xml
URL:www.gentoo.org/security/en/glsa/glsa-201411-10.xml

46. Security Updates in Mandriva (MDVSA-2014:218, MDVSA-2014:219, MDVSA-2014:200, MDVSA-2014:221, MDVSA-2014:222, MDVSA-2014:223, MDVSA-2014:224)
[24/11/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the asterisk, srtp, qemu, php-smarty, libvirt, wireshark and krb5 packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A218/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A219/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A220/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A221/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A222/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A223/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A224/

47. Security Updates in Mageia (MGASA-2014-0460, MGASA-2014-0461, MGASA-2014-0462, MGASA-2014-0463, MGASA-2014-0464, MGASA-2014-0465, MGASA-2014-0466, MGASA-2014-0467, MGASA-2014-0468, MGASA-2014-0469, MGASA-2014-0470, MGASA-2014-0471, MGASA-2014-0472, MGASA-2014-0473, MGASA-2014-0474, MGASA-2014-0475, MGASA-2014-0476, MGASA-2014-0477, MGASA-2014-0478, MGASA-2014-0479, MGASA-2014-0480, MGASA-2014-0481, MGASA-2014-0482, MGASA-2014-0483)
[24/11/2014] Mageia has released security update packages for fixing the vulnerabilities identified in the boinc-client, hawtjni, python-djblets, privoxy, ffmpeg, srtp, kdenetwork4, qemu, usbredir, php-smarty, libvirt, wireshark, ruby, kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, kmod-broadcom-wl, kmod-fglrx, kmod-nvidia173, kmod-nvidia304, kmod-nvidia-current, python-pillow, python-imaging, krb5, kdebase4-runtime, kwebkitpart, kernel-vserver, kdebase4-workspace, polarssl, imagemagick and moodle packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:advisories.mageia.org/MGASA-2014-0460.html
URL:advisories.mageia.org/MGASA-2014-0461.html
URL:advisories.mageia.org/MGASA-2014-0462.html
URL:advisories.mageia.org/MGASA-2014-0463.html
URL:advisories.mageia.org/MGASA-2014-0464.html
URL:advisories.mageia.org/MGASA-2014-0465.html
URL:advisories.mageia.org/MGASA-2014-0466.html
URL:advisories.mageia.org/MGASA-2014-0467.html
URL:advisories.mageia.org/MGASA-2014-0468.html
URL:advisories.mageia.org/MGASA-2014-0469.html
URL:advisories.mageia.org/MGASA-2014-0470.html
URL:advisories.mageia.org/MGASA-2014-0471.html
URL:advisories.mageia.org/MGASA-2014-0472.html
URL:advisories.mageia.org/MGASA-2014-0473.html
URL:advisories.mageia.org/MGASA-2014-0474.html
URL:advisories.mageia.org/MGASA-2014-0475.html
URL:advisories.mageia.org/MGASA-2014-0476.html
URL:advisories.mageia.org/MGASA-2014-0477.html
URL:advisories.mageia.org/MGASA-2014-0478.html
URL:advisories.mageia.org/MGASA-2014-0479.html
URL:advisories.mageia.org/MGASA-2014-0480.html
URL:advisories.mageia.org/MGASA-2014-0481.html
URL:advisories.mageia.org/MGASA-2014-0482.html
URL:advisories.mageia.org/MGASA-2014-0483.html

48. Security Updates in SUSE (SUSE-SU-2014:1458-2)
[24/11/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the MozillaFirefox package of SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2014-11/msg00018.html
