|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
Updated libtiff packages that fix a security issue are now available for
Red Hat Enterprise Linux 2.1 and 3.Multiple uses of uninitialized values were discovered in libtiff's
Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could
create a carefully crafted LZW-encoded TIFF file that would cause an
application linked with libtiff to crash or, possibly, execute arbitrary
code. This update has been rated as having important security impact by the Red
Hat Security Response Team. |
|
|
Updated openoffice.org packages that fix a security issue are now available
for Red Hat Enterprise Linux 5. A numeric truncation error was found in the OpenOffice.org memory
allocator. If a carefully crafted file was opened by a victim, an attacker
could use this flaw to crash OpenOffice.org or, possibly, execute arbitrary
code. This update has been rated as having important security impact by the Red
Hat Security Response Team. |
|
|
Updated tomcat packages that fix several security issues are now available
for Red Hat Enterprise Linux 5. A cross-site scripting vulnerability was discovered in the
HttpServletResponse.sendError() method. A remote attacker could inject
arbitrary web script or HTML via forged HTTP headers.
This update has been rated as having important security impact by the Red
Hat Security Response Team. |
|
|
An updated ipsec-tools package that fixes two security issues is now
available for Red Hat Enterprise Linux 3, 4, and 5. Two denial of service flaws were found in the ipsec-tools racoon daemon. It was possible for a remote attacker to cause the racoon daemon to consume
all available memory.
This update has been rated as having important security impact by the Red
Hat Security Response Team. |
|
|
Updated kernel packages that fix several security issues and several bugs
are now available for Red Hat Enterprise MRG 1.0.
The possibility of a timeout value overflow was found in the Linux kernel
high-resolution timers functionality, hrtimer. This could allow a local
unprivileged user to execute arbitrary code, or cause a denial of service
(kernel panic).
This update has been rated as having important security impact by the Red
Hat Security Response Team. |
|
|
These packages also fix a low severity flaw in the way ssh handles X11
cookies when creating X11 forwarding connections. When ssh was unable to
create untrusted cookie, ssh used a trusted cookie instead, possibly
allowing the administrative user of a untrusted remote server, or untrusted
application run on the remote server, to gain unintended access to a users
local X server |
|
|
Updated libxml2 packages that fix a security issue are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team. |
|
|
<< Start < Prev 4 5 6 Next > End >>
|
| Results 22 - 28 of 1512 |
