
|
Find the information you need for your favorite open source distribution
To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
This update update upgrades thunderbird packages to upstream version 2.0.0.18,
which fixes multiple security issues detailed in upstream security advisories:
|
|
|
Fixes a couple of security issues when overflowing text data size of buffer
size. |
|
|
Security fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461):
Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix
memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File
descriptor leak on the error code path CVE-2008-5050 (#470783):
get_unicode_name() off-by-one buffer overflow |
|
|
Security fixes from upstream 0.94 and 0.94.1: CVE-2008-1389 (#461461):
Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple
out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory
leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file
descriptor leaks on the error code path CVE-2008-5050 (#470783):
get_unicode_name() off-by-one buffer overflow |
|
|
The main reason for this update is a buffer overflow that is removed in this
version, that could be triggered by processing specially crafted bitmap images
(*.bmp). |
|
|
This update includes an upstream fix for a memory leak within the
"png_handle_tEXt()" function in pngrutil.c, which can be exploited by malicious
people to cause a DoS (Denial of Service) via a specially crafted PNG image. |
|
|
A major code audit did show several unsecure use of /tmp. This update
addresses those issues across the whole code. |
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 7 of 1635 |