Advisory: SuSE Essential and Critical Security Patch Updates

Find the information you need for your favorite open source distribution.

SuSE: 2006-065: ethereal Security Update

Various problems have been fixed in the network analyzer Ethereal (now called Wireshark), most of them leading to crashes of the ethereal program. CVE-2006-5740: An unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2 [More...]

SuSE: 2006-064: kernel Security Update

The Linux kernel in our old Linux 2.4 kernel-based distributions has been updated to fix various security issues and bugs. The bugs tracked by CVE-2006-3468, CVE-2006-2935, and CVE-2006-2444 were already fixed for all other products and announced in SUSE-SA:2006:057 and SUS [More...]

SuSE: 2006-063: Qt image handling problems Security Update

Multiple integer overflows have been found in image processing functions within the Qt class library, used for instance by the web browser "konqueror" and its rendering engine "khtml". These problems could potentially lead to heap overflows and code execution or just [More...]

SuSE: 2006-062: openssh Security Update

Several security problems were fixed in OpenSSH 4.4 and the bug fixes were backported to the openssh versions in our products. - CVE-2006-4924: A denial of service problem has been fixed in OpenSSH which could be used to cause lots of CPU consumption on a remote openssh [More...]

SuSE: 2006-061: opera Security Update

The web browser Opera has been updated to fix 2 security problems. CVE-2006-4339: Opera was affected by the RSA signature checking problem found in openssl, since it is statically linked against openssl. CVE-2006-4819: A URL tag parsing heap overflow in Opera could be used to potentially execute code.

SuSE: 2006-060: clamav security problems Security Update

Two security problems have been found and fixed in the antivirus scan engine "clamav", which could be used by remote attackers sending prepared e-mails containing specially crafted infected files to potentially execute code. CVE-2006-4182: A problem in dealing with PE (Po [More...]

SuSE: 2006-059: php4,php5 Security Update

The ini_restore() method could be exploited to reset options such as open_basedir when set via the web server config file to their default value set in php.ini (CVE-2006-4625). Additionally php5 on all products as well as php4 on SLES8 were vulnerable to an in [More...]

SuSE: 2006-058: openssl security problems Security Update

Several security problems were found and fixed in the OpenSSL cryptographic library. CVE-2006-3738/VU#547300: A Google security audit found a buffer overflow condition within the SSL_get_shared_ciphers() function which has been fixed.

SuSE: 2006-057: kernel security problems Security Update

Various security problems were found and fixed in the Linux kernel. We have released updates for the following distributions: - SUSE Linux Enterprise Server 9 (on September 21st) - SUSE Linux Enterprise 10 (on September 26th) - SUSE Linux 9.2 up to 10.1 (on September 14th) The SUSE Linux Enterprise Server 10 kernel for the S/390 pla [More...]

SuSE: 2006-056: gzip Security Update

The gzip tool does not handle some specific values correctly when unpacking archives. This leads to vulnerabilities like buffer overflows or infinite loops. Various different programs like mail clients, file explorer, etc. use gzip and if a user can [More...]

SuSE: 2006-055: openssl,mozilla-nss RSA signature evasion Security Update

If an RSA key with exponent 3 is used it may be possible to forge a PKCS verify the certificate if they are not checking for excess data in the RSA exponentiation result of the signature. This problem affects various SSL implementations. This advisory covers th [More...]

SuSE: 2006-054: Mozilla Firefox,Thunderbird, Seamonkey Security Update

Security updates have been released that bring Mozilla Firefox to version 1.5.0.7, Mozilla Thunderbird to version 1.5.0.7 and Mozilla Seamonkey to 1.0.5. Seamonkey and Thunderbird were released early this week, Firefox was released today.

SuSE: 2006-053: flash-player Security Update

Multiple input validation errors have been identified in the Macromedia Flash Player that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user's web bro [More...]

SuSE: 2006-052: php4,php5 Security Update

Various security problems have been fixed in the PHP script language engine and its modules, versions 4 and 5. The PHP4 updated packages were released on September 12, the PHP5 update packages were released on September 20. The following security problems were fixed, with respective Mit [More...]

SuSE: 2006-051: Apache2 security problems Security Update

The web server Apache2 has been updated to fix several security issues: The security fix for CVE-2005-3357 (denial of service) broke the earlier security fix for SSL verification (CVE-2005-2700). This problem has been corrected. Additionally a cross site scripting bug with the "Expect" header error reporting was fixed (CVE-2 [More...]

SuSE: 2006-050: ImageMagick Security Update

Several security problems have been fixed in ImageMagick: - CVE-2006-3744: Several heap buffer overflows were found in the SunBitmap decoder of ImageMagick during an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. - CVE-2006-3743: Multiple buffer overflows were found by the Google Security [More...]

SuSE: 2006-049: kernel Security Update

The SUSE Linux Enterprise 10 kernel was updated to fix the following security problems: - CVE-2006-3626: A race condition allows local users to gain root privileges by changing the file mode of /proc/self/ files in a way that causes those files (for instance /proc/self/environ) to become setuid root.

SuSE: 2006-048: MozillaFirefox, MozillaThunderbird, Seamonkey Security Update

To fix various security problems we released update packages that bring Mozilla Firefox to version 1.5.0.6, Mozilla Thunderbird to version 1.5.0.5 and the Seamonkey Suite to version 1.0.3. Note that on Novell Linux Desktop 9 and SUSE Linux 9.2 up to 10.0 this is a maj [More...]

SuSE: 2006-047: kernel security problems Security Update

The Linux kernel of the SUSE Linux Enterprise 9 products has been updated to fix the security problems listed below. This update has already been released for the SUSE Linux Retail products, the Enterprise kernels got delayed due to QA problems. Since SUSE Linux Enterprise Server 8 is [More...]

SuSE: 2006-046: clamav Security Update

Damian Put discovered a bug in the UPX decoder used for scanning UPX compressed Windows executables. The bug allows for a heap buffer overflow and may potentially be exploitable to execute arbitrary code. ClamAV has been updated to version 0.88.4 in order to [More...]