Download
| Alert*
|
oval:org.secpod.oval:def:24306
Ubuntu 15.04 is installed oval:org.secpod.oval:def:24344 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:24345 libxml-libxml-perl: Perl interface to the libxml2 library XML::LibXML could be made to expose sensitive information. oval:org.secpod.oval:def:702582 ntfs-3g: read/write NTFS driver for FUSE Details: USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Original advisory NTFS-3G could be made to overwrite files as the administrator. oval:org.secpod.oval:def:702740 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702584 openssl: Secure Socket Layer cryptographic library and tools The export cipher suites have been disabled in OpenSSL. oval:org.secpod.oval:def:702905 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:31642 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:702909 ldb: LDAP-like embedded database Several security issues were fixed in ldb. oval:org.secpod.oval:def:702623 unattended-upgrades: automatic installation of security upgrades An attacker could trick unattended-upgrades into installing altered packages. oval:org.secpod.oval:def:702742 freetype: FreeType 2 is a font engine library Several security issues were fixed in FreeType. oval:org.secpod.oval:def:702587 qt4-x11: Qt 4 libraries - qtbase-opensource-src: Qt 5 libraries Qt could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702747 unity-settings-daemon: daemon handling the Unity session settings Unity Settings Daemon would allow mounting removable media while the screen is locked. oval:org.secpod.oval:def:702625 tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702570 python-dbusmock: mock D-Bus objects for tests python-dbusmock could be tricked into running arbitrary programs. oval:org.secpod.oval:def:702575 apport: automatically generate crash reports for debugging Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation. oval:org.secpod.oval:def:702572 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:702859 icedtea-web: A web browser plugin to execute Java applets Several security issues were fixed in IcedTea Web. oval:org.secpod.oval:def:702612 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:702611 aptdaemon: transaction based package management service Aptdaemon could be made to expose sensitive information, or allow file access as the administrator. oval:org.secpod.oval:def:702731 gnutls28: GNU TLS library GnuTLS could be made to crash or run programs if it processed a specially crafted certificate. oval:org.secpod.oval:def:702857 dpkg: Debian package management system dpkg-deb could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702856 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702734 libvdpau: Video Decode and Presentation API for Unix libvdpau could be made to run programs as an administrator. oval:org.secpod.oval:def:702849 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-304-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-352: NVIDIA binary X.Org dri ... oval:org.secpod.oval:def:702727 cups-filters: OpenPrinting CUPS Filters cups-filters would allow unintended access to printers over the network. oval:org.secpod.oval:def:702848 lxcfs: FUSE based filesystem for LXC Several security issues were fixed in LXCFS. oval:org.secpod.oval:def:702568 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702722 firefox: Mozilla Open Source web browser Details: USN-2702-1 fixed vulnerabilities in Firefox. After upgrading, some users in the US reported that their default search engine switched to Yahoo. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2702-1 introduced ... oval:org.secpod.oval:def:702567 ntfs-3g: read/write NTFS driver for FUSE Details: USN-2617-1 fixed a vulnerability in FUSE. This update provides the corresponding fix for the embedded FUSE copy in NTFS-3G. Original advisory NTFS-3G could be made to overwrite files as the administrator. oval:org.secpod.oval:def:702687 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702720 python-django: High-level Python web development framework Django could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702605 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702846 strongswan: IPsec VPN solution strongSwan could be made to bypass authentication. oval:org.secpod.oval:def:702569 fuse: Filesystem in Userspace FUSE could be made to overwrite files as the administrator. oval:org.secpod.oval:def:702790 pollinate: seed the pseudo random number generator in virtual machines Details: USN-2709-1 updated pollinate"s certificate for entropy.ubuntu.com but did not include a new certificate authority certificate. This update fixes the problem. We apologize for the inconvenience. Original advisory The syst ... oval:org.secpod.oval:def:702552 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Several security issues were fixed in Module::Signature. oval:org.secpod.oval:def:702794 click: Click package manager Click could be made to allow malicious apps unintended access to the system. oval:org.secpod.oval:def:702793 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information across origins oval:org.secpod.oval:def:702710 openssh: secure shell for secure access to remote machines Details: USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem. Original advisory USN-271 ... oval:org.secpod.oval:def:702555 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702796 miniupnpc: UPnP IGD client lightweight library An application using the MiniUPnP library could be made to crash or run programs as your login if it received specially crafted network traffic. oval:org.secpod.oval:def:702836 wpa: client support for WPA and WPA2 Several security issues were fixed in wpa_supplicant and hostapd. oval:org.secpod.oval:def:702713 pollinate: seed the pseudo random number generator in virtual machines The certificate bundled with pollinate has been refreshed. oval:org.secpod.oval:def:702833 unzip: De-archiver for .zip files Details: USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2788-1 introduced a regression in unzip. oval:org.secpod.oval:def:702540 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Dnsmasq could be made to crash or expose sensitive information if it received specially crafted network traffic. oval:org.secpod.oval:def:702700 cinder: OpenStack storage service Cinder could be made to access unintended files over the network by an authenticated user. oval:org.secpod.oval:def:702942 perl: Practical Extraction and Report Language Perl incorrectly handled the taint attribute. oval:org.secpod.oval:def:702941 rsync: fast, versatile, remote file-copying tool rsync could be made to write files outside of the expected directory. oval:org.secpod.oval:def:702940 ecryptfs-utils: eCryptfs cryptographic filesystem utilities mount.ecryptfs_private could be used to run programs as an administrator. oval:org.secpod.oval:def:702946 curl: HTTP, HTTPS, and FTP client and client libraries curl would incorrectly re-use credentials. oval:org.secpod.oval:def:702945 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702548 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702702 swift: OpenStack distributed virtual object store Several security issues were fixed in Swift. oval:org.secpod.oval:def:702823 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:702789 gdk-pixbuf: GDK Pixbuf library GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702652 nbd: Network Block Device protocol Several security issues were fixed in NBD. oval:org.secpod.oval:def:702773 cyrus-sasl2: Cyrus Simple Authentication and Security Layer Cyrus SASL could be made to crash if it processed specially crafted input. oval:org.secpod.oval:def:702894 git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it processed an untrusted repository. oval:org.secpod.oval:def:702650 lxc: Linux Containers userspace tools Several security issues were fixed in LXC. oval:org.secpod.oval:def:702770 rpcbind: converts RPC program numbers into universal addresses rpcbind could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702816 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702810 apport: automatically generate crash reports for debugging Apport could be made to run programs as an administrator. oval:org.secpod.oval:def:702776 firefox: Mozilla Open Source web browser Details: USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users reported problems with bookmark creation and crashes in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2743-1 intro ... oval:org.secpod.oval:def:702532 network-manager: Network connection manager NetworkManager would allow unintended access to files and modem device configuration. oval:org.secpod.oval:def:702779 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702812 audiofile: Open-source version of the SGI audiofile library audiofile could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702640 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702761 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-304-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-346: NVIDIA binary X.Org dri ... oval:org.secpod.oval:def:702763 lxc: Linux Containers userspace tools LXC could be made to start containers without AppArmor confinement or access the host filesystem. oval:org.secpod.oval:def:702884 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:702802 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702922 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702646 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702592 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:702591 strongswan: IPsec VPN solution strongSwan could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702630 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702872 libsndfile: Library for reading/writing audio files libsndfile could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702750 simplestreams: Library and tools for using Simple Streams data Applications using Simple Streams could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702870 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:26232 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:702639 libwmf: Windows metafile conversion tools libwmf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702914 pygments: syntax highlighting package written in Python Pygments could be made to crash or run programs if it processed a specially crafted font request. oval:org.secpod.oval:def:702918 isc-dhcp: DHCP server and client DHCP server, client, or relay could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:702754 simplestreams: Library and tools for using Simple Streams data Details: USN-2746-1 fixed a vulnerability in Simple Streams. The update caused a regression preventing MAAS from downloading PXE images. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2746-1 intr ... oval:org.secpod.oval:def:702752 apport: automatically generate crash reports for debugging Apport could be made to crash or overwrite files as an administrator. oval:org.secpod.oval:def:702873 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:26471 openslp-dfsg: OpenSLP development files OpenSLP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702901 sosreport: Set of tools to gather troubleshooting data from a system sosreport could be made to expose sensitive information or overwrite files as the administrator. oval:org.secpod.oval:def:702784 spice: SPICE protocol client and server library Spice could be made to crash or run programs. oval:org.secpod.oval:def:32656 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:702861 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:26406 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702743 spice: SPICE protocol client and server library Spice could be made to crash or run programs. oval:org.secpod.oval:def:702706 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702629 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to crash or run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:702680 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702703 python-keystoneclient: Client library for OpenStack Identity API - python-keystonemiddleware: Client library for OpenStack Identity API Keystone could be made to expose sensitive information over the network. oval:org.secpod.oval:def:30208 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database PostgreSQL could be made to crash or expose private information if it handled specially crafted data. oval:org.secpod.oval:def:702910 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:30044 commons-httpclient: A Java library for creating HTTP clients Several security issues were fixed in commons-httpclient. oval:org.secpod.oval:def:702573 openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702746 openldap: OpenLDAP utilities Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:702900 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702745 icu: International Components for Unicode library Several security issues were fixed in ICU. oval:org.secpod.oval:def:702733 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702560 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702681 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702600 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702726 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702557 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702708 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information from local files. oval:org.secpod.oval:def:702829 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702709 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:702549 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702651 mysql-5.6: MySQL database development files - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702937 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702777 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:26888 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702766 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702596 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702634 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702636 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702675 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:702944 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702809 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702877 grub2: GRand Unified Bootloader GRUB password protection can be bypassed. oval:org.secpod.oval:def:702749 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702907 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702866 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702850 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702858 openjdk-7: Open Source Java implementation A security issue was fixed in OpenJDK 7. oval:org.secpod.oval:def:702847 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:702724 gdk-pixbuf: GDK Pixbuf library GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702723 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702711 ubufox: Ubuntu modifications for Firefox Details: USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Original advisory This update provides compatible packages for Firefox 40. oval:org.secpod.oval:def:702830 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702714 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702956 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702780 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702825 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702824 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702943 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702930 libxml2: GNOME XML library libxml2 could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702814 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:702811 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702881 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702920 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702921 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702751 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory This update provides compatible packages for Firefox 41 oval:org.secpod.oval:def:702916 openssh: secure shell for secure access to remote machines OpenSSH could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702915 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702919 gnutls28: GNU TLS library - gnutls26: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702755 unity-firefox-extension: Unity Integration for Firefox - webaccounts-browser-extension: Ubuntu Online Accounts extension for chromium - webapps-greasemonkey: Firefox extension: Website Integration Details: USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be ... oval:org.secpod.oval:def:702663 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702642 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702649 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702874 libxml2: GNOME XML library libxml2 could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702868 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702693 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702797 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702835 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702876 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702716 net-snmp: SNMP server and applications Net-SNMP could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702678 tidy: HTML syntax checker and reformatter HTML Tidy could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702554 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702542 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702772 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702631 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702601 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702533 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:25771 sqlite3: C library that implements an SQL database engine SQLite could be made to crash or run programs if it processed specially crafted queries. oval:org.secpod.oval:def:702729 expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702701 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702667 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702871 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:25769 pcre3: Perl 5 Compatible Regular Expression Library PCRE could be made to crash or run programs if it processed a specially-crafted regular expression. oval:org.secpod.oval:def:702813 php5: HTML-embedded scripting language interpreter PHP could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:702741 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702948 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702895 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702932 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702659 hplip: HP Linux Printing and Imaging System HPLIP could be tricked into downloading a different GPG key when performing printer plugin installations. oval:org.secpod.oval:def:702635 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. |
