1. Vulnerabilities in OpenH264 plugin for Mozilla Firefox (MFSA
2015-10)
[06/02/2015]
Vulnerabilities were identified in the OpenH264
plugin for Mozilla Firefox. An attacker could bypass security restriction,
execute arbitrary code, cause a denial of service condition and crash the
application. These vulnerabilities affect versions prior to 1.3 of the mentioned
product. Security patches are available to resolve these
vulnerabilities.
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-10/
2. Vulnerabilities in Adobe Flash Player
(APSB15-04)
[06/02/2015] Vulnerabilities were identified in the Adobe Flash Player. An
attacker could bypass security restrictions, execute arbitrary code and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:helpx.adobe.com/security/products/flash-player/apsb15-04.html
URL:technet.microsoft.com/library/security/2755801.aspx
URL:www.hkcert.org/my_url/en/alert/15020601
URL:www.us-cert.gov/ncas/current-activity/2015/02/05/Adobe-Releases-Security-Updates-Flash-Player
3. Vulnerabilities in Google
Chrome
[06/02/2015]
Vulnerabilities were identified in the Google
Chrome. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code and compromise an affected system. These
vulnerabilities affect versions prior to 40.0.2214.111 of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:googlechromereleases.blogspot.hk/2015/02/stable-channel-update.html
URL:www.us-cert.gov/ncas/current-activity/2015/02/05/Google-Releases-Security-Updates-Chrome
4. Vulnerability in Topline Systems Opportunity Form
(VU#669156)
[06/02/2015] Vulnerability was identified in the Topline Systems
Opportunity Form. An attacker could obtain sensitive information, execute
arbitrary code and compromise the system. This vulnerability affects multiple
versions of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:www.kb.cert.org/vuls/id/669156
5. Vulnerabilities in Ektron Content Management System
(VU#377644)
[06/02/2015] Vulnerabilities were identified in the Ektron Content
Management System (CMS). An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code and
perform code injection attacks. These vulnerabilities affect multiple versions
of the mentioned
product.
URL:www.kb.cert.org/vuls/id/377644
6. Vulnerability in Fork CMS (100668)
[06/02/2015] Vulnerability was identified in the Fork CMS. An attacker
could perform code injection attacks. This vulnerability affects versions prior
to 3.8.6 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/100668
7. Vulnerabilities in Multiple modules for Drupal
(DRUPAL-SA-CONTRIB-2015-034, DRUPAL-SA-CONTRIB-2015-035,
DRUPAL-SA-CONTRIB-2015-036, DRUPAL-SA-CONTRIB-2015-037,
DRUPAL-SA-CONTRIB-2015-038)
[06/02/2015] Vulnerabilities were identified in the Commerce WeDeal, Ajax
Timeline, Public Download Count, Path Breadcrumbs and Facebook Album Fetcher
modules for Drupal. An attacker could bypass security restrictions, gain
elevated privileges, execute arbitrary code and compromise an affected system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these vulnerabilities except those in
Facebook Album
Fetcher.
URL:www.drupal.org/security/contrib
URL:xforce.iss.net/xforce/xfdb/100653
URL:xforce.iss.net/xforce/xfdb/100654
URL:xforce.iss.net/xforce/xfdb/100655
URL:xforce.iss.net/xforce/xfdb/100656
8. Security Updates in Debian
(DSA-3154-1)
[06/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the ntp package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, cause a denial of
service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3154
9. Security Updates in Mandriva (MDVSA-2015:028,
MDVSA-2015:029, MDVSA-2015:030, MDVSA-2015:031,
MDVSA-2015:032)
[06/02/2015] Mandriva
has released security update packages for fixing the vulnerabilities identified
in the aircrack-ng, binutils, bugzilla, busybox and php packages for version
MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
application.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A028/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A029/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A030/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A031/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A032/
10.
Security Updates in Mageia
(MGASA-2015-0049, MGASA-2015-0050, MGASA-2015-0051, MGASA-2015-0052,
MGASA-2015-0053)
[06/02/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the zarafa, hexchat, vorbis-tools, cabextract and vlc packages for multiple
versions of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code, perform
spoofing attacks, cause a denial of service condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0049.html
URL:advisories.mageia.org/MGASA-2015-0050.html
URL:advisories.mageia.org/MGASA-2015-0051.html
URL:advisories.mageia.org/MGASA-2015-0052.html
URL:advisories.mageia.org/MGASA-2015-0053.html
11.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0126-1, RHSA-2015:0133-1, RHSA-2015:0134-1, RHSA-2015:0135-1,
RHSA-2015:0136-1)
[06/02/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the rhev-hypervisor6 package for Red Hat Enterprise Virtualization 3,
java-1.7.1-ibm, java-1.7.0-ibm, java-1.6.0-ibm and java-1.5.0-ibm packages for
Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0126.html
URL:rhn.redhat.com/errata/RHSA-2015-0133.html
URL:rhn.redhat.com/errata/RHSA-2015-0134.html
URL:rhn.redhat.com/errata/RHSA-2015-0135.html
URL:rhn.redhat.com/errata/RHSA-2015-0136.html
12.
Information Updates on Security Bulletin
for Adobe Flash Player (APSA15-02)
[05/02/2015] Adobe has
updated information on the Security Bulletin for the Adobe Flash Player.
APSA15-02 was updated to include the security patches delivered via
auto-update.
URL:helpx.adobe.com/security/products/flash-player/apsa15-02.html
13.
Vulnerability in Cisco WebEx Meetings
Server (cisco-sa-20150204-wbx)
[05/02/2015] Vulnerability was identified in the Cisco WebEx Meetings
Server. An attacker could bypass security restrictions, execute arbitrary code
and perform code injection attacks. This vulnerability affects versions 1.0, 1.1
and 1.5 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150204-wbx
14.
Vulnerability in HP SiteScope
(c04539443)
[05/02/2015] Vulnerability was identified in the HP SiteScope. An attacker
could gain elevated privileges. This vulnerability affects multiple versions of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04539443
URL:xforce.iss.net/xforce/xfdb/100642
15.
Vulnerability in Huawei products
(HW_413100)
[05/02/2015] Vulnerability was identified in multiple Huawei products. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. This vulnerability affects
multiple firmware versions of the mentioned
products.
URL:www.huawei.com/ilink/en/security/psirt/security-bulletins/security-notices/HW_413100
16.
Vulnerabilities in Network Time Protocol
daemon (VU#852879)
[05/02/2015] Vulnerabilities were identified in the Network Time Protocol
daemon (ntpd). An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges and execute arbitrary code. These
vulnerabilities affect versions prior to 4.2.8p1 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:www.kb.cert.org/vuls/id/852879
17.
Vulnerability in Pragyan CMS
(100634)
[05/02/2015]
Vulnerability was identified in the Pragyan CMS.
An attacker could perform code injection attacks. This vulnerability affects
version 3 of the mentioned
product.
URL:xforce.iss.net/xforce/xfdb/100634
18.
Vulnerability in My Little Forum
(100616)
[05/02/2015]
Vulnerability was identified in the My Little
Forum. An attacker could perform cross-site scripting attacks and obtain
sensitive information. This vulnerability affects multiple versions of the
mentioned
product.
URL:xforce.iss.net/xforce/xfdb/100616
19.
Security Updates in Debian
(DSA-3153-1)
[05/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the krb5 package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3153
20.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0115-1, RHSA-2015:0116-1, RHSA-2015:0117-1,
RHSA-2015:0118-1)
[05/02/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel, mysql55-mysql, mariadb55-mariadb and mariadb packages for Red Hat
Software Collections 1, and Red Hat Enterprise Linux 6 and 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0115.html
URL:rhn.redhat.com/errata/RHSA-2015-0116.html
URL:rhn.redhat.com/errata/RHSA-2015-0117.html
URL:rhn.redhat.com/errata/RHSA-2015-0118.html
21.
Security Updates in Ubuntu GNU/Linux
(USN-2469-2, USN-2494-1)
[05/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the python-django and file packages for versions 10.04 LTS, 12.04 LTS, 14.04 LTS
and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, execute arbitrary code, perform cross-site scripting and
spoofing attacks, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2469-2/
URL:www.ubuntu.com/usn/usn-2494-1/
22.
Vulnerabilities in Cisco Unified IP Phone
9900 Series
[04/02/2015] Vulnerabilities were identified in the Cisco Unified IP Phone
9900 Series. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
firmware versions of the mentioned product. Security patches are available to
resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0600
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0601
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0602
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0603
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0604
23.
Vulnerability in BELLBRIDGE SIPhone
Enterprise PBX (100582)
[04/02/2015] Vulnerability was identified in the BELLBRIDGE SIPhone
Enterprise PBX. An attacker could perform code injection attacks. The affected
version was not
specified.
URL:xforce.iss.net/xforce/xfdb/100582
24.
Vulnerabilities in VLC multimedia player
and streamer
[04/02/2015] Vulnerabilities were identified in the VLC multimedia player
and streamer. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and crash the system. These
vulnerabilities affect versions prior to 2.0.3-5+deb7u2 of the mentioned
product. Security patches are available to resolve these
vulnerabilities.
URL:www.hkcert.org/my_url/en/alert/15020401
25.
Vulnerability in UniPDF
(100577)
[04/02/2015]
Vulnerability was identified in the UniPDF. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. This vulnerability affects
version 1.1 of the mentioned
product.
URL:xforce.iss.net/xforce/xfdb/100577
26.
Vulnerability in NPDS Revolution
(100584)
[04/02/2015]
Vulnerability was identified in the NPDS
Revolution. An attacker could perform code injection attacks. This vulnerability
affects version 13 of the mentioned
product.
URL:xforce.iss.net/xforce/xfdb/100584
27.
Vulnerability in SnipSnap
(100585)
[04/02/2015]
Vulnerability was identified in the SnipSnap. An
attacker could perform cross-site scripting attacks and obtain sensitive
information. This vulnerability affects multiple versions of the mentioned
product.
URL:xforce.iss.net/xforce/xfdb/100585
28.
Vulnerability in Sefrengo CMS
(100586)
[04/02/2015]
Vulnerability was identified in the Sefrengo
CMS. An attacker could perform code injection attacks. This vulnerability
affects versions prior to 1.6.2 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/100586
29.
Vulnerabilities in multiple plugins for
WordPress (100583, 100587)
[04/02/2015] Vulnerabilities were identified in the Banner Effect Header
plugin and Quasar Theme plugin for WordPress. An attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code and perform
cross-site scripting attacks. These vulnerabilities affect multiple versions of
the mentioned products. Security patches are available to resolve the
vulnerability identified in Banner Effect Header
plugin.
URL:xforce.iss.net/xforce/xfdb/100583
URL:xforce.iss.net/xforce/xfdb/100587
30.
Security Updates in Oracle Linux
(ELSA-2015-0118)
[04/02/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the mariadb package for Oracle Linux 7. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-0118.html
31.
Security Updates in Debian (DSA-3151-1,
DSA-3152-1)
[04/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the python-django and unzip packages for multiple versions of Debian GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, perform cross-site scripting
attacks, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3151
URL:www.debian.org/security/2015/dsa-3152
32.
Security Updates in Ubuntu GNU/Linux
(USN-2489-1, USN-2490-1, USN-2491-1, USN-2492-1,
USN-2493-1)
[04/02/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the unzip, linux, linux-ec2 and linux-ti-omap4 packages for versions 10.04 LTS,
12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2489-1/
URL:www.ubuntu.com/usn/usn-2490-1/
URL:www.ubuntu.com/usn/usn-2491-1/
URL:www.ubuntu.com/usn/usn-2492-1/
URL:www.ubuntu.com/usn/usn-2493-1/
33.
Vulnerability in Adobe Flash Player
(APSA15-02)
[03/02/2015] Vulnerability was identified in the Adobe Flash Player. An
attacker could bypass security restrictions, execute arbitrary code and
compromise the system. This vulnerability affects multiple firmware versions of
the mentioned product. Security patches will be released during the week of
February 2 to resolve this
vulnerability.
URL:helpx.adobe.com/security/products/flash-player/apsa15-02.html
URL:www.hkcert.org/my_url/en/alert/15020301
34.
Vulnerability in Microsoft Internet
Explorer
[03/02/2015]
Vulnerability was identified in the Microsoft
Internet Explorer. An attacker could bypass security restrictions, execute
arbitrary code and perform cross-site scripting attacks. This vulnerability
affects versions 11 of the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/15020302
35.
Vulnerabilities in Cisco
Products
[03/02/2015]
Vulnerabilities were identified in the Cisco
AnyConnect Secure Mobility Client, Cisco HostScan Engine and Cisco Unified
Computing System (Standalone). An attacker could bypass security restrictions,
execute arbitrary code, perform cross-site scripting and cross-frame scripting
attacks. These vulnerabilities affect multiple firmware versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8021
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0599
36.
Vulnerabilities in SerVision HVG Video
Gateway (VU#522460)
[03/02/2015] Vulnerabilities were identified in the SerVision HVG Video
Gateway. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code and compromise the
system. These vulnerabilities affect firmware versions prior to 2.2.26a100 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:www.kb.cert.org/vuls/id/522460
37.
Vulnerabilities in ManageEngine Products
(100550, 100551, 100554, 100555)
[03/02/2015] Vulnerabilities were identified in the ManageEngine Firewall
Analyzer, ManageEngine OpManager, ManageEngine Applications Manager and
ManageEngine IT360. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, perform cross-site scripting and
code injection attacks. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities except those in ManageEngine Firewall
Analyzer.
URL:xforce.iss.net/xforce/xfdb/100550
URL:xforce.iss.net/xforce/xfdb/100551
URL:xforce.iss.net/xforce/xfdb/100554
URL:xforce.iss.net/xforce/xfdb/100555
38.
Vulnerabilities in
ClamAV
[03/02/2015]
Vulnerabilities were identified in the ClamAV.
An attacker could bypass security restrictions and execute arbitrary code. These
vulnerabilities affect versions prior to 0.98.6 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:www.clamav.net/download.html
URL:www.hkcert.org/my_url/en/alert/15020201
39.
Security Updates in Debian (DSA-3149-1,
DSA-3150-1)
[03/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the condor and vlc packages for multiple versions of Debian GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2015/dsa-3149
URL:www.debian.org/security/2015/dsa-3150
40.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0112-1, RHSA-2015:0113-1)
[03/02/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the libyaml package in Red Hat Software Collections 1 for Red Hat Enterprise
Linux 6, libvncserver package for Red Hat Enterprise Linux 6.5 Extended Update
Support. Due to multiple errors, an attacker could bypass security restrictions,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0112.html
URL:rhn.redhat.com/errata/RHSA-2015-0113.html
41.
Security Updates in SUSE
(openSUSE-SU-2015:0184-1, openSUSE-SU-2015:0190-1,
openSUSE-SU-2015:0192-1)
[03/02/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the glibc, java-1_7_0-openjdk and seamonkey packages of openSUSE 12.3, 13.1 and
13.2. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00000.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00002.html
42.
Security Updates in Ubuntu GNU/Linux
(USN-2488-1)
[03/02/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
clamav package for versions 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux.
An attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2488-1/
43. Vulnerability in Cisco NX-OS
Software
[02/02/2015]
Vulnerability was identified in the Cisco NX-OS
Software. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and crash the system. This
vulnerability affects multiple firmware versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8013
44.
Vulnerability in Novell Products
(5200119, 5200161, 5200201, 5200203)
[02/02/2015] Vulnerability was identified in the Novell iPrint Appliance
and Novell Filr. An attacker could bypass security restrictions, obtain
sensitive information and execute arbitrary code. This vulnerability affects
multiple versions of the mentioned products. Security patches are available to
resolve this
vulnerability.
URL:download.novell.com/Download?buildid=8H9GyBHH1xY~
URL:download.novell.com/Download?buildid=DLee7umfbL4~
URL:download.novell.com/Download?buildid=G84Y8dbzWwU~
URL:download.novell.com/Download?buildid=RyrISxl25cI~
45.
Security Updates in Debian (DSA-3144-1,
DSA-3145-1, DSA-3146-1, DSA-3147-1)
[02/02/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7, privoxy, requests and openjdk-6 packages for multiple versions of
Debian GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3144
URL:www.debian.org/security/2015/dsa-3145
URL:www.debian.org/security/2015/dsa-3146
URL:www.debian.org/security/2015/dsa-3147
46.
Security Updates in FreeBSD
(FreeBSD-SA-15:02.kmem, FreeBSD-SA-15:03.sctp)
[02/02/2015] FreeBSD
has released security update packages for fixing the vulnerabilities identified
in the sctp package for multiple versions of FreeBSD. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:02.kmem.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:03.sctp.asc
47.
Security Updates in Mageia
(MGASA-2015-0044, MGASA-2015-0046, MGASA-2015-0047,
MGASA-2015-0048)
[02/02/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the kdebase4-runtime, libvirt, icu and bugzilla packages for multiple versions
of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0044.html
URL:advisories.mageia.org/MGASA-2015-0046.html
URL:advisories.mageia.org/MGASA-2015-0047.html
URL:advisories.mageia.org/MGASA-2015-0048.html
48.
Security Updates in SUSE
(SUSE-SU-2015:0178-1, SUSE-SU-2015:0180-1)
[02/02/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the kernel and Mozilla Firefox packages of SUSE Linux Enterprise 11 and 12. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html
URL:lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
No comments:
Post a Comment