Red Hat: 2012:0478-01: samba: Critical Advisory

 ( 403 days 12 hours ago)

LinuxSecurity.com: Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having critical [More...]

Mandriva: 2012:058: curl

 ( 403 days 12 hours ago)

LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in curl: curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem (CVE-2011-3389). [More...]

Debian: 2451-1: puppet: Multiple vulnerabilities

 ( 403 days 12 hours ago)

LinuxSecurity.com: Several vulnerabilities have been discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]

Ubuntu: 1423-1: Samba vulnerability

 ( 403 days 12 hours ago)

LinuxSecurity.com: Samba could be made to run programs as the administrator if it receivedspecially crafted network traffic.

Debian: 2450-1: samba: privilege escalation

 ( 403 days 12 hours ago)

LinuxSecurity.com: It was discovered that Samba, the SMB/CIFS file, print, and login server, contained a flaw in the remote procedure call (RPC) code which allowed remote code execution as the super user from an unauthenticated connection. [More...]

Ubuntu: 1422-1: Linux kernel vulnerabilities

 ( 403 days 12 hours ago)

LinuxSecurity.com: Several security issues were fixed in the kernel.

Ubuntu: 1421-1: Linux kernel (Maverick backport) vulnerabilities

 ( 403 days 12 hours ago)

LinuxSecurity.com: Several security issues were fixed in the kernel.

Mandriva: 2012:057: freetype2

 ( 403 days 12 hours ago)

LinuxSecurity.com: Multiple flaws were found in FreeType. Specially crafted files could cause application crashes or potentially execute arbitrary code (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, [More...]

Mandriva: 2012:056: rpm

 ( 403 days 12 hours ago)

LinuxSecurity.com: Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code (CVE-2012-0060, [More...]

Debian: 2449-1: sqlalchemy: missing input sanitization

 ( 403 days 12 hours ago)

LinuxSecurity.com: It was discovered that sqlalchemy, an SQL toolkit and object relational mapper for python, is not sanitizing input passed to the limit/offset keywords to select() as well as the value passed to select.limit()/offset(). This allows an attacker to perform SQL injection attacks against [More...]