|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
A vulnerability was found in gnome-screensaver 2.20.0 that could
possibly allow a local user to read the clipboard contents and X
selection data for a locked session by using CTRL-V (CVE-2007-6389).
The updated packages have been patched to correct this issue. |
|
|
An incorrect fix for CVE-2007-6239 resulted in Squid not performing
proper bounds checking when processing cache update replies. Because
of this, a remote authenticated user might have been able to trigger
an assertion error and cause a denial of service (CVE-2008-1612).
The updated packages have been patched to correct this issue. |
|
|
A denial of service condition was discovered in Sympa versions prior
to 5.4 that allowed remote attackers to crash the Sympa daemon via
a malformed email message (CVE-2008-1648).
The updated packages have been patched to correct this issue. |
|
|
A vulnerability was found in gnome-screensaver prior to 2.22.1
when a remote authentication server was enabled. During a network
outage, gnome-screensaver would crash upon an unlock attempt,
allowing physically local users to gain access to locked sessions
(CVE-2008-0887).
The updated packages have been patched to correct this issue. |
|
|
A few vulnerabilities and security-related issues have been fixed in
phpMyAdmin since the 2.11.2.2 release. This update provides version
2.11.7 which is the latest stable release of phpMyAdmin and fixes
CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, and CVE-2008-2960.
No configuration changes should be required since the previous update
(version 2.11.2.2). If upgrading from older versions, it may be
necessary to reconfigure phpMyAdmin. The configuration file is
located in /etc/phpMyAdmin/. In most cases, it should be sufficient
so simply replace config.default.php with config.default.php.rpmnew
and make whatever modifications are necessary. |
|
|
Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances on
32bit systems and generations a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
|
|
|
An integer overflow in the zip_read_entry() function in PHP prior
to 4.4.5 allowed remote attackers to execute arbitrary code via a
ZIP archive containing a certain type of entry that triggered a heap
overflow (CVE-2007-1777).
|
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 7 of 1491 |
