Download
| Alert*
oval:org.secpod.oval:def:23613
nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:22312 linux: Linux kernel Details: USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2448-1 introduced a regression ... oval:org.secpod.oval:def:21537 Ubuntu 14.10 is installed oval:org.secpod.oval:def:21538 systemd-shim: shim for systemd A denial of service issue was fixed in systemd-shim. oval:org.secpod.oval:def:23948 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:24344 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:24345 libxml-libxml-perl: Perl interface to the libxml2 library XML::LibXML could be made to expose sensitive information. oval:org.secpod.oval:def:702586 t1utils: Collection of simple Type 1 font manipulation programs t1utils could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702584 openssl: Secure Socket Layer cryptographic library and tools The export cipher suites have been disabled in OpenSSL. oval:org.secpod.oval:def:702507 dpkg: Debian package management system dpkg could be tricked into bypassing source package signature checks. oval:org.secpod.oval:def:702623 unattended-upgrades: automatic installation of security upgrades An attacker could trick unattended-upgrades into installing altered packages. oval:org.secpod.oval:def:702468 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file. oval:org.secpod.oval:def:702346 strongswan: IPsec VPN solution strongSwan could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702345 cgmanager: Central cgroup manager daemon cgmanager could be made to expose sensitive information or devices to containers running on the system. oval:org.secpod.oval:def:702587 qt4-x11: Qt 4 libraries - qtbase-opensource-src: Qt 5 libraries Qt could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702620 linux: Linux kernel Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel"s overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory The system could be made to cr ... oval:org.secpod.oval:def:702625 tomcat7: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702349 exiv2: EXIF/IPTC metadata manipulation tool Exiv2 could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702295 mountall: filesystem mounting tool mountall could mount certain filesystems with the wrong permissions. oval:org.secpod.oval:def:702570 python-dbusmock: mock D-Bus objects for tests python-dbusmock could be tricked into running arbitrary programs. oval:org.secpod.oval:def:702575 apport: automatically generate crash reports for debugging Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation. oval:org.secpod.oval:def:702453 firefox: Mozilla Open Source web browser Details: USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated quot;-remotequot; command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory USN- ... oval:org.secpod.oval:def:702452 requests: elegant and simple HTTP library for Python Requests could be made to expose cookies over the network. oval:org.secpod.oval:def:702330 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash if it opened a specially crafted email. oval:org.secpod.oval:def:702572 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:702458 ecryptfs-utils: eCryptfs cryptographic filesystem utilities Sensitive information in encrypted home and Private directories could be exposed if an attacker gained access to your files. oval:org.secpod.oval:def:702612 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:702611 aptdaemon: transaction based package management service Aptdaemon could be made to expose sensitive information, or allow file access as the administrator. oval:org.secpod.oval:def:702455 sudo: Provide limited super user privileges to specific users Sudo would allow unintended access to files. oval:org.secpod.oval:def:702339 xorg-server: X.Org X11 server - xorg-server-lts-trusty: Xorg X server - source files Details: USN-2436-1 fixed vulnerabilities in the X.Org X server. Since publication, additional fixes have been made available for these issues. This update adds the additional fixes. Original advisory USN-2436-1 con ... oval:org.secpod.oval:def:702614 patch: Apply a diff file to an original Several security issues were fixed in GNU patch. oval:org.secpod.oval:def:702613 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to overwrite files. oval:org.secpod.oval:def:702321 tcpdump: command-line network traffic analyzer Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:702287 gnutls28: GNU TLS library - commandline utilities GnuTLS could be made to crash or run programs if it processed a specially crafted certificate. oval:org.secpod.oval:def:702320 maas: Ubuntu MAAS Server Details: USN-2431-1 fixed vulnerabilities in mod_wsgi. The security update exposed an issue in the MAAS package, causing a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2431-1 caused a regression in the MAAS package. oval:org.secpod.oval:def:702280 curl: HTTP, HTTPS, and FTP client and client libraries curl could expose sensitive information over the network. oval:org.secpod.oval:def:702326 graphviz: rich set of graph drawing tools graphviz could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702568 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702604 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702569 fuse: Filesystem in Userspace FUSE could be made to overwrite files as the administrator. oval:org.secpod.oval:def:702394 firefox: Mozilla Open Source web browser Details: USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a regression which could make websites that use CSP fail to load under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-24 ... oval:org.secpod.oval:def:702310 flac: Free Lossless Audio Codec FLAC could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702398 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702552 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Several security issues were fixed in Module::Signature. oval:org.secpod.oval:def:702430 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702315 mod-wsgi: Python WSGI adapter module for Apache mod_wsgi could be made to run programs with incorrect privileges. oval:org.secpod.oval:def:702556 linux: Linux kernel Details: USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenien ... oval:org.secpod.oval:def:702555 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702319 ppp: Point-to-Point Protocol ppp could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:702318 openvpn: virtual private network software OpenVPN could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702439 cups: Common UNIX Printing System CUPS could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702388 elfutils: collection of utilities to handle ELF objects elfutils could be made to overwrite files in the root directory if it received a specially crafted file. oval:org.secpod.oval:def:702421 xorg-server: X.Org X11 server - xorg-server-lts-utopic: X.Org X11 server - xorg-server-lts-trusty: X.Org X11 server Several security issues were fixed in the X.Org X server. oval:org.secpod.oval:def:702387 unbound: validating, recursive, caching DNS resolver Unbound could be made to consume resources if it received specially crafted network traffic. oval:org.secpod.oval:def:702386 samba: SMB/CIFS file, print, and login server for Unix A security issue was fixed in Samba. oval:org.secpod.oval:def:702540 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Dnsmasq could be made to crash or expose sensitive information if it received specially crafted network traffic. oval:org.secpod.oval:def:702309 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702422 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702428 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to crash or run programs as an administrator if it processed a specially crafted filesystem image. oval:org.secpod.oval:def:702306 squid3: Web proxy cache server Squid could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702427 ca-certificates: Common CA certificates ca-certificates was updated to the 20141019 package. oval:org.secpod.oval:def:702548 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702370 pyyaml: YAML parser and emitter for Python Applications using PyYAML could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:702377 curl: HTTP, HTTPS, and FTP client and client libraries curl could be tricked into adding arbitrary requests when following certain URLs. oval:org.secpod.oval:def:702410 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:702498 firefox: Mozilla Open Source web browser Firefox could be made to bypass SSL certificate verification. oval:org.secpod.oval:def:702652 nbd: Network Block Device protocol Several security issues were fixed in NBD. oval:org.secpod.oval:def:702376 libyaml: Fast YAML 1.1 parser and emitter library Applications using LibYAML could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:702497 mailman: Powerful, web-based mailing list manager Mailman could be made to run programs if it processed a specially crafted list name. oval:org.secpod.oval:def:702650 lxc: Linux Containers userspace tools Several security issues were fixed in LXC. oval:org.secpod.oval:def:702419 unzip: De-archiver for .zip files unzip could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702379 libevent: Asynchronous event notification library libevent could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702499 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702532 network-manager: Network connection manager NetworkManager would allow unintended access to files and modem device configuration. oval:org.secpod.oval:def:702483 jakarta-taglibs-standard: Implementation of JSP Standard Tag Library Apache Standard Taglibs loaded external XML entities. oval:org.secpod.oval:def:702361 libyaml-libyaml-perl: Perl interface to libyaml, a YAML implementation Applications using libyaml-libyaml-perl could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:702487 libgcrypt11: LGPL Crypto library - libgcrypt20: LGPL Crypto library Several security issues were fixed in Libgcrypt. oval:org.secpod.oval:def:702520 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702640 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702408 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:702369 git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it received specially crafted changes from a remote repository. oval:org.secpod.oval:def:702523 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702368 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702489 tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ... oval:org.secpod.oval:def:702488 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:702407 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702528 ppp: Point-to-Point Protocol ppp could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702406 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:702646 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702350 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702471 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702592 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:702591 strongswan: IPsec VPN solution strongSwan could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702630 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702353 cpio: a program to manage archives of files The GNU cpio program could be made to crash or run programs if it opened a specially crafted file or received specially crafted input. oval:org.secpod.oval:def:702352 mime-support: MIME support programs run-mailcap could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702519 tcpdump: command-line network traffic analyzer tcpdump could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702518 usb-creator: create a startup disk using a CD or disc image usb-creator could be tricked into running programs as an administrator. oval:org.secpod.oval:def:702639 libwmf: Windows metafile conversion tools libwmf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702512 apport: automatically generate crash reports for debugging Details: USN-2569-1 fixed a vulnerability in Apport. Tavis Ormandy discovered that the fixed packages were still vulnerable to a privilege escalation attack. This update completely disables crash report handling for containers until a more c ... oval:org.secpod.oval:def:702511 apport: automatically generate crash reports for debugging Apport could be tricked into running programs as an administrator. oval:org.secpod.oval:def:702356 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702510 libxrender: X11 Rendering Extension client library - libx11: X11 client-side library libx11 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702517 wpa: client support for WPA and WPA2 wpa_supplicant could be made to crash, expose memory, or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702351 bsd-mailx: simple mail user agent bsd-mailx could be made to run programs if it parsed a specially crafted email address. oval:org.secpod.oval:def:702470 gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:702629 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to crash or run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:702635 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702522 autofs: kernel-based automounter for Linux autofs could be made to run programs as an administrator if program maps were configured. oval:org.secpod.oval:def:702437 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702464 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:702333 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702288 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702281 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702283 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:702311 libksba: X.509 and CMS support library Libksba could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702296 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702389 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702411 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702459 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702340 nvidia-graphics-drivers-304: NVIDIA binary Xorg driver - nvidia-graphics-drivers-304-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-331: NVIDIA binary Xorg driver - nvidia-graphics-drivers-331-updates: NVIDIA binary Xorg driver Several security issues were fixed in the NVIDIA graphics ... oval:org.secpod.oval:def:702467 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702573 openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702337 xorg-server: X.Org X11 server - xorg-server-lts-trusty: X.Org X11 server Several security issues were fixed in the X.Org X server. oval:org.secpod.oval:def:702441 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702447 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702446 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702395 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702275 openjdk-7: Open Source Java implementation Details: USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. Original advisory Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702314 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702316 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702429 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:702373 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Original advisory This update provides compatible packages for Firefox 35. oval:org.secpod.oval:def:702491 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702490 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702365 rpm: package manager for RPM Several security issues were fixed in RPM. oval:org.secpod.oval:def:702364 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:22313 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:702363 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702402 file: Tool to determine file types file could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702338 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702560 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702600 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702566 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702392 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702557 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702549 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702372 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702651 mysql-5.6: MySQL database development files - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702596 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702634 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702516 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702515 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:702324 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702390 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702312 dbus: simple interprocess messaging system DBus could be made to stop responding under certain conditions. oval:org.secpod.oval:def:702521 oxide-qt: Web browser engine library for Qt Several security issues were fixed in Oxide. oval:org.secpod.oval:def:702642 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702649 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702679 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702641 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702509 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:702469 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702293 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Ruby could be made to consume resources. oval:org.secpod.oval:def:702276 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:702554 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702317 glibc: GNU C Library - eglibc: GNU C Library The GNU C Library could be made to crash or run programs. oval:org.secpod.oval:def:702542 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702420 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702359 unzip: De-archiver for .zip files unzip could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702513 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702631 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702461 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702537 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702595 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:24343 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702508 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702486 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702431 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702624 python2.7: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:702332 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702274 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702302 linux: Linux kernel Several security issues were fixed in the kernel. |