Thank you for reading the Linux Advisory Watch Security Newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's vendor security bulletins and pointers on
methods to improve the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so
be sure to read through to find the updates your distributor has
made available.

(Mar 5)
Security Report Summary

(Mar 3)
Security Report Summary

(Mar 2)
Security Report Summary

(Feb 26)
Security Report Summary

Mandriva: 2015:055: freetype2 (Mar 4)
Updated freetype2 packages fix security vulnerabilities: The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds [More...]

Mandriva: 2015:054: bind (Mar 4)
Updated bind packages fix security vulnerability: Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network [More...]

Mandriva: 2015:053: tomcat6 (Mar 3)
Updated tomcat6 packages fix security vulnerabilities: Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote [More...]

Mandriva: 2015:052: tomcat (Mar 3)
Updated tomcat packages fix security vulnerabilities: Apache Tomcat 7.x before 7.0.47, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect [More...]

Mandriva: 2015:051: sympa (Mar 3)
Updated sympa packages fix security vulnerability: A vulnerability has been discovered in the Sympa web interface that allows access to files on the server filesystem. This breach allows sending to a list or a user any file readable by the Sympa user, [More...]

Mandriva: 2015:050: patch (Mar 2)
Updated patch package fixes security vulnerabilities: It was reported that a crafted diff file can make patch eat memory and later segfault (CVE-2014-9637). [More...]

Mandriva: 2015:049: cups (Mar 2)
Updated cups packages fix security vulnerability: A malformed file with an invalid page header and compressed raster data can trigger a buffer overflow in cupsRasterReadPixels (CVE-2014-9679). [More...]

Red Hat: 2015:0643-01: qemu-kvm-rhev: Important Advisory (Mar 5)
Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0644-01: openstack-glance: Low Advisory (Mar 5)
Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0642-01: thunderbird: Important Advisory (Mar 5)
An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0629-01: firefox: Critical Advisory (Mar 5)
Updated firefox packages that fix multiple security issues are now available for the little-endian 64-bit PowerPC platform architecture (ppc64le) on Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0301-02: hivex: Moderate Advisory (Mar 5)
Updated hivex packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0430-01: virt-who: Moderate Advisory (Mar 5)
An updated virt-who package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0327-02: glibc: Moderate Advisory (Mar 5)
Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0377-01: libreoffice: Moderate Advisory (Mar 5)
Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0325-02: httpd: Low Advisory (Mar 5)
Updated httpd packages that fix two security issues, several bugs, and add various enhancements are for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0349-01: qemu-kvm: Important Advisory (Mar 5)
Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0384-01: powerpc-utils: Low Advisory (Mar 5)
Updated powerpc-utils packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0330-02: pcre: Low Advisory (Mar 5)
Updated pcre packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0439-01: krb5: Moderate Advisory (Mar 5)
Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0323-02: libvirt: Low Advisory (Mar 5)
Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0535-01: GNOME Shell: Low Advisory (Mar 5)
Updated gnome-shell, mutter, clutter, and cogl packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0425-02: openssh: Moderate Advisory (Mar 5)
Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0383-01: ppc64-diag: Moderate Advisory (Mar 5)
Updated ppc64-diag packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0627-01: chromium-browser: Important Advisory (Mar 5)
Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0288-01: foreman-proxy: Important Advisory (Mar 3)
Updated foreman-proxy packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0287-01: foreman-proxy: Important Advisory (Mar 3)
Updated foreman-proxy packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform Foreman. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0285-01: kernel: Important Advisory (Mar 3)
Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0284-03: kernel: Important Advisory (Mar 3)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security [More...]

(Mar 5)
New samba packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]

(Feb 26)
New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]

(Feb 26)
New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]

Ubuntu: 2522-1: ICU vulnerabilities (Mar 5)
ICU could be made to crash or run programs as your login if it processed specially crafted data.

Ubuntu: 2516-3: Linux kernel vulnerabilities regression (Mar 4)
USN-2516-1 introduced a regression in the Linux kernel.

Ubuntu: 2515-2: Linux kernel (Trusty HWE) vulnerabilities regression (Mar 4)
USN-2515-1 introduced a regression in the Linux kernel.

Ubuntu: 2506-1: Thunderbird vulnerabilities (Mar 3)
Several security issues were fixed in Thunderbird.

Ubuntu: 2516-2: Linux kernel vulnerability regression (Feb 28)
USN-2516-1 introduced a regression in the Linux kernel.

Ubuntu: 2519-1: GNU C Library vulnerabilities (Feb 26)
Several security issues were fixed in the GNU C Library.

Ubuntu: 2520-1: CUPS vulnerability (Feb 26)
CUPS could be made to crash or run programs if it processed a specially crafted file.

Ubuntu: 2518-1: Linux kernel vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2512-1: Linux kernel (EC2) vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2513-1: Linux kernel vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2511-1: Linux kernel vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2514-1: Linux kernel (OMAP4) vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2515-1: Linux kernel (Trusty HWE) vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2516-1: Linux kernel vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.

Ubuntu: 2517-1: Linux kernel (Utopic HWE) vulnerabilities (Feb 26)
Several security issues were fixed in the kernel.