Download
| Alert*
oval:org.secpod.oval:def:700828
aptdaemon: transaction based package management service An attacker could trick Aptdaemon into installing altered packages. oval:org.secpod.oval:def:700677 t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:701069 libproxy: automatic proxy configuration management library libproxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701057 exim4: Exim is a mail transport agent Exim could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:700874 nut: Network UPS tools Nut could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700859 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700731 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700732 t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:700951 icedtea-web: A web browser plugin to execute Java applets The IcedTea-Web Java web browser plugin could be made to crash or possibly run programs as your login if it opened a specially crafted applet. oval:org.secpod.oval:def:701004 isc-dhcp: DHCP server and client - dhcp3: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700948 isc-dhcp: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700904 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701095 firefox: Mozilla Open Source web browser Details: USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory Regressions were introduced in the last Firefox update. oval:org.secpod.oval:def:700790 lightdm: Display Manager Light Display Manager would allow unintended access to file descriptors. oval:org.secpod.oval:def:701073 python-django: High-level Python web development framework Details: USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory ... oval:org.secpod.oval:def:700784 python-httplib2: comprehensive HTTP client library written for Python httplib2 could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700789 ubuntuone-couch: Ubuntu One CouchDB Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:700771 update-manager: GNOME application that manages apt updates Details: USN-1284-1 fixed vulnerabilities in Update Manager. One of the fixes introduced a regression for Kubuntu users attempting to upgrade to a newer Ubuntu release. This update fixes the problem. We apologize for the inconvenience. Origi ... oval:org.secpod.oval:def:700893 apparmor: Linux security system This update provides updates for the AppArmor profile abstractions. oval:org.secpod.oval:def:700898 apt: Advanced front-end for dpkg APT now more thoroughly verifies imported keyrings. oval:org.secpod.oval:def:700767 php5: HTML-embedded scripting language interpreter Details: USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get function. We apologize for the inconven ... oval:org.secpod.oval:def:700889 nova: OpenStack Compute cloud infrastructure Details: USN 1466-1 fixed a vulnerability in Nova. The upstream patch introduced a regression when a security group granted full access and therefore the network protocol was left unset, causing an error in processing. This update fixes the issue. We apol ... oval:org.secpod.oval:def:700996 firefox: Mozilla Open Source web browser Details: USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Original advisory USN-1548-1 introduced a regression in Firefox. oval:org.secpod.oval:def:700981 icedtea-web: A web browser plugin to execute Java applets Details: USN-1505-1 fixed vulnerabilities in OpenJDK 6. As part of the update, IcedTea-Web packages were upgraded to a new version. That upgrade introduced a regression which prevented the IcedTea-Web plugin from working with the Chromium web ... oval:org.secpod.oval:def:700745 openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Details: USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm introduced a regression that caused TLS/SSL connections to ... oval:org.secpod.oval:def:700737 Ubuntu 11.10 is installed oval:org.secpod.oval:def:701026 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1551-1 fixed vulnerabilities in Thunderbird. The new package caused a regression in the message editor and certain performance regressions as well. This update fixes the problems. Original advisory USN-1551-1 introduced regressi ... oval:org.secpod.oval:def:700840 mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700602 Ubuntu 11.10 is installed oval:org.secpod.oval:def:700953 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver NVIDIA graphics drivers could be made to run programs as an admini ... oval:org.secpod.oval:def:700826 ca-certificates-java: Common CA certificates Details: USN-1197-7 fixed a vulnerability in ca-certificates-java. The new package broke upgrades from Ubuntu 11.04 to Ubuntu 11.10. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1197-7 introduced a regression i ... oval:org.secpod.oval:def:700829 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Original advisory USN-1400-3 introduced regressions in Thunderbi ... oval:org.secpod.oval:def:700823 ca-certificates-java: Common CA certificates Details: USN-1197-5 addressed an issue in ca-certificates pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates-java. Original advisory A certificate ... oval:org.secpod.oval:def:700908 firefox: Mozilla Open Source web browser Details: USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Original advisory USN-1463-1 introduced regressions i ... oval:org.secpod.oval:def:700900 unity-2d: Unity interface for non-accelerated graphics cards Popup menus were not working in Firefox under Unity 2D. oval:org.secpod.oval:def:701023 software-properties: manage the repositories that you install software from Software Properties could be tricked into installing arbitrary PPA GPG keys. oval:org.secpod.oval:def:700864 backuppc: high-performance, enterprise-grade system for backing up PCs BackupPC could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700947 mono: Mono is a platform for running and developing applications Mono could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700933 rhythmbox: music player and organizer for GNOME Rhythmbox could be made to run programs as your login when using the Context plugin. oval:org.secpod.oval:def:700971 clamav: Anti-virus utility for Unix Details: USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1482-1 introduced a regression in ClamAV that co ... oval:org.secpod.oval:def:700907 clamav: Anti-virus utility for Unix Details: USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. We apologize for the inconvenience. Original advisory ClamAV could improperly detect malware if it opened a specia ... oval:org.secpod.oval:def:700686 lightdm: Display Manager Several security issues were fixed in Light Display Manager. oval:org.secpod.oval:def:700664 update-manager: GNOME application that manages apt updates - update-notifier: Daemon which notifies about package updates Update Manager could be made to overwrite files as the administrator. oval:org.secpod.oval:def:701072 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700877 update-manager: GNOME application that manages apt updates Details: USN-1443-1 fixed vulnerabilities in Update Manager. The fix for CVE-2012-0949 was discovered to be incomplete. This update fixes the problem. Original advisory Update Manager could expose sensitive information in certain circumstanc ... oval:org.secpod.oval:def:700989 python-django: High-level Python web development framework Applications using Django could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700861 update-manager: GNOME application that manages apt updates Update Manager could expose sensitive information in certain circumstances. oval:org.secpod.oval:def:700714 colord: Service to manage device colour profiles colord could be made to modify databases. oval:org.secpod.oval:def:701081 libssh: A tiny C SSH library linssh could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701064 icedtea-web: A web browser plugin to execute Java applets The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page. oval:org.secpod.oval:def:700979 libgc: Boehm-Demers-Weiser garbage collecting storage allocator library Applications using libgc could be made to crash or run arbitrary programs as your login. oval:org.secpod.oval:def:700803 python-pam: A Python interface to the PAM library PyPAM could be made to crash or possibly run programs if it processed a specially crafted password. oval:org.secpod.oval:def:700807 ldm: LTSP display manager LTSP Display Manager could be made to run programs as an administrator. oval:org.secpod.oval:def:700671 kdeutils: KDE general-purpose utilities Ark could be made to remove files. oval:org.secpod.oval:def:700659 nova: OpenStack Compute cloud infrastructure Nova could be made to overwrite files. oval:org.secpod.oval:def:700927 nova: OpenStack Compute cloud infrastructure Nova could be made to overwrite or corrupt arbitrary files in the compute host file system. oval:org.secpod.oval:def:701044 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700973 libconfig-inifiles-perl: Perl module for working with INI configuration files Config-IniFiles could be made to overwrite arbitrary files. oval:org.secpod.oval:def:701027 emacs23: The GNU Emacs editor Emacs could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700884 ubuntu-sso-client: Ubuntu Single Sign-On client Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:700980 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700982 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox. oval:org.secpod.oval:def:700779 puppet: Centralized configuration management Puppet could be made to overwrite files and run programs with administrator privileges. oval:org.secpod.oval:def:700769 devscripts: scripts to make the life of a Debian Package maintainer easier debdiff, a part of devscripts, could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700885 ubuntuone-client: Ubuntu One client Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:700883 ubuntuone-storage-protocol: Python library for Ubuntu One file storage and sharing service Details: USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. Original advisory Fraudulent security certificates could allow se ... oval:org.secpod.oval:def:700887 nova: OpenStack Compute cloud infrastructure Nova could be prevented from applying security group policy. oval:org.secpod.oval:def:700751 software-properties: manage the repositories that you install software from Software Properties could be tricked into installing arbitrary PPA GPG keys. oval:org.secpod.oval:def:700978 libgdata: Library to access GData services - evolution-data-server: Evolution suite data server Applications using GData services could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700950 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:700706 system-config-printer: Python modules for printer configuration with CUPS An attacker could trick system-config-printer into installing altered packages and repositories. oval:org.secpod.oval:def:700701 software-center: Utility for browsing, installing, and removing software An attacker could trick Software Center into installing altered packages and repositories or exposing sensitive information over the network. oval:org.secpod.oval:def:700694 isc-dhcp: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700697 krb5: MIT Kerberos Network Authentication Protocol The Kerberos Key Distribution Center could be made to crash. oval:org.secpod.oval:def:700676 python-django: High-level Python web development framework Applications using Django could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700795 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:701061 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:700766 puppet: Centralized configuration management Puppet would allow unintended access to resources over the network. oval:org.secpod.oval:def:700750 accountsservice: query and manipulate user account information AccountsService could be made to overwrite files as the administrator. oval:org.secpod.oval:def:701047 libgssglue: header files and docs for libgssglue Privilege escalation via the GSSAPI_MECH_CONF environment variable with setuid programs. oval:org.secpod.oval:def:701038 moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin. oval:org.secpod.oval:def:700740 xorg: X.Org X Window System X could be made to start by a user who lacked appropriate permissions. oval:org.secpod.oval:def:700977 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700853 nova: OpenStack Compute cloud infrastructure Nova could be made to crash the system under certain conditions. oval:org.secpod.oval:def:700723 nova: OpenStack Compute cloud infrastructure Nova would allow unintended access to resources over the network. oval:org.secpod.oval:def:700833 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver NVIDIA graphics drivers could be made to run programs as an admini ... oval:org.secpod.oval:def:700824 nova: OpenStack Compute cloud infrastructure Nova log files could be made to exhaust storage resources. oval:org.secpod.oval:def:700806 lightdm: Display Manager Light Display Manager could be made to delete files as the administrator. oval:org.secpod.oval:def:700912 network-manager: Network connection manager NetworkManager could create insecure AdHoc wireless networks. oval:org.secpod.oval:def:700913 network-manager-applet: GNOME frontend for NetworkManager Details: USN-1483-1 fixed a vulnerability in NetworkManager by disabling the creation of WPA-secured AdHoc wireless connections. This update provides the corresponding change for network-manager-applet. Original advisory network-manager-apple ... oval:org.secpod.oval:def:700905 clamav: Anti-virus utility for Unix ClamAV could improperly detect malware if it opened a specially crafted file. oval:org.secpod.oval:def:700693 acpid: Advanced Configuration and Power Interface daemon Several security issues were fixed in acpid. oval:org.secpod.oval:def:700945 libexif: library to parse EXIF files libexif could be made to crash, run programs as your login, or expose sensitive information if it opened a specially crafted file. oval:org.secpod.oval:def:700896 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:700768 firefox: Mozilla Open Source web browser A security vulnerability has been fixed in Firefox. oval:org.secpod.oval:def:700775 libvorbis: The Vorbis General Audio Compression Codec libvorbis could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701040 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701045 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700754 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700755 mozvoikko: Finnish spell-checker extension for Firefox Details: USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. Original advisory This update provides compatible Mozvoikko packages for the latest Firefox. oval:org.secpod.oval:def:701036 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox. oval:org.secpod.oval:def:700654 dovecot: IMAP and POP3 email server Dovecot could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700942 kdepim: Personal Information Management apps KDE PIM could be made to execute JavaScript if it opened a specially crafted email. oval:org.secpod.oval:def:700680 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700831 gnutls26: the GNU TLS library - commandline utilities - gnutls13: the GNU TLS library - commandline utilities The GnuTLS library could be made to crash under certain conditions. oval:org.secpod.oval:def:700919 python-crypto: cryptographic algorithms and protocols for Python PyCrypto improperly created ElGamal encryption keys. oval:org.secpod.oval:def:700921 accountsservice: query and manipulate user account information AccountsService could be made to read arbitrary files as the administrator. oval:org.secpod.oval:def:700860 sudo: Provide limited super user privileges to specific users Sudo could allow users to run arbitrary programs as the administrator. oval:org.secpod.oval:def:700930 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:700742 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700729 mozvoikko: Finnish spell-checker extension for Firefox oval:org.secpod.oval:def:700724 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701056 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701059 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web cont ... oval:org.secpod.oval:def:700814 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1400-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700808 ubufox: Finnish spell-checker extension for Firefox Details: USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700809 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700972 nss: Network Security Service library NSS could be made to crash if it opened a specially crafted certificate. oval:org.secpod.oval:def:701075 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701078 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:701076 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700940 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700941 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the lastest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700939 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700764 tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information if it received specially crafted network traffic. oval:org.secpod.oval:def:700886 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700909 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701024 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700936 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:700705 bzip2: high-quality block-sorting file compressor - utilities Executables compressed by bzexe could be made to run programs as your login. oval:org.secpod.oval:def:700983 openjdk-6: Open Source Java implementation Two security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:700855 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700844 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700845 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700866 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701031 libxslt: XSLT processing library Applications using libxslt could be made to crash or run programs as your login if they processed a specially crafted file. oval:org.secpod.oval:def:700848 libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701074 python-keyring: store and access your passwords safely Several security issues were fixed in Python Keyring. oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701196 transmission: lightweight BitTorrent client Transmission could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701188 nova: OpenStack Compute cloud infrastructure Nova could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701170 jquery: JavaScript library for dynamic web applications jQuery could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701164 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a ... oval:org.secpod.oval:def:701151 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701273 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701150 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701154 nova: OpenStack Compute cloud infrastructure Nova volume could be made to expose volumes from other users. oval:org.secpod.oval:def:701261 icedtea-web: A web browser plugin to execute Java applets Details: USN-1804-1 fixed vulnerabilities in IcedTea-Web. This update introduced a regression with the Java Network Launching Protocol when fetching content over SSL under certain configurations, such as when using the community-supported Ic ... oval:org.secpod.oval:def:701262 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701144 vino: VNC server for GNOME Vino could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701147 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a regression in ... oval:org.secpod.oval:def:701133 nspr: NetScape Portable Runtime Library Details: USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701254 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701132 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701258 icedtea-web: A web browser plugin to execute Java applets Two security issues were fixed in IcedTea-Web. oval:org.secpod.oval:def:701257 xorg-server: X.Org X server - xorg-server-lts-quantal: X.Org X server The X server could be made to reveal keystrokes of other users. oval:org.secpod.oval:def:701123 moin: Collaborative hypertext environment MoinMoin could be made to run programs and overwrite files. oval:org.secpod.oval:def:701112 apport: automatically generate crash reports for debugging A hardening measure was added to apport. oval:org.secpod.oval:def:701110 aptdaemon: transaction based package management service Aptdaemon could be tricked into installing arbitrary PPA GPG keys. oval:org.secpod.oval:def:701115 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701236 poppler: PDF rendering library Applications using poppler could be made to crash or possibly run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701117 apparmor: Linux security system A weakness was discovered in the example AppArmor profile for chromium-browser. oval:org.secpod.oval:def:701238 libxslt: XSLT processing library Applications using libxslt could be made to crash if they processed a specially crafted file. oval:org.secpod.oval:def:701100 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701225 nova: OpenStack Compute cloud infrastructure Two security issues were fixed in Nova. oval:org.secpod.oval:def:701224 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:701107 apt: Advanced front-end for dpkg APT could expose sensitive information. oval:org.secpod.oval:def:701210 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:701213 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:701217 nspr: NetScape Portable Runtime Library Details: USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701204 firefox: Mozilla Open Source web browser Details: USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem. We apologize for the inconvenience. Origin ... oval:org.secpod.oval:def:701207 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:700852 samba: SMB/CIFS file, print, and login server for Unix Samba could allow a user to gain administrative privileges to the Samba server. oval:org.secpod.oval:def:700674 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:700774 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700651 php5: HTML-embedded scripting language interpreter PHP could be made to crash or disclose sensitive information if it processed a specially crafted image file. oval:org.secpod.oval:def:700772 firefox: Mozilla Open Source web browser Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Firefox. Original advisory Firefox could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700739 curl: HTTP, HTTPS, and FTP client and client libraries curl could be tricked into injecting arbitrary data if it handled a malicious URL. oval:org.secpod.oval:def:700836 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as the administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:700711 libarchive: Library to read/write archive files libarchive could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700832 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701011 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be tricked into downloading a different key when downloading from a key server. oval:org.secpod.oval:def:700935 openjdk-6: Open Source Java implementation - icedtea-web: A web browser plugin to execute Java applets Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701060 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700825 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701230 gnome-online-accounts: GNOME Online Accounts GNOME Online Accounts could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701153 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701175 qt4-x11: Qt 4 libraries Several security issues were fixed in Qt. oval:org.secpod.oval:def:701163 xserver-xorg-video-qxl: X.Org X server -- QXL display driver Guests using the QXL graphics driver could be caused to hang or crash. oval:org.secpod.oval:def:701156 squid3: Full featured Web Proxy cache - squid: Internet object cache squid-cgi could consume excessive system resources, leading to a denial of service attack on it and other hosted services. oval:org.secpod.oval:def:701099 tiff: Tag Image File Format library Programs that use LibTIFF could be made to crash or run programs if they opened a specially crafted file. oval:org.secpod.oval:def:700782 libxml2: GNOME XML library libxml2 could be made to cause a denial of service by consuming excessive CPU resources. oval:org.secpod.oval:def:701021 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs. oval:org.secpod.oval:def:701071 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701020 devscripts: scripts to make the life of a Debian Package maintainer easier Several security issues were fixed in devscripts. oval:org.secpod.oval:def:701029 dbus: simple interprocess messaging system Details: USN-1576-1 fixed vulnerabilities in DBus. The update caused a regression for certain services launched from the activation helper, and caused an unclean shutdown on upgrade. This update fixes the problem. We apologize for the inconvenience. Origina ... oval:org.secpod.oval:def:701007 dbus: simple interprocess messaging system DBus could be made to run programs as an administrator. oval:org.secpod.oval:def:700992 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701022 eglibc: GNU C Library - glibc: GNU C Library Multiple security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:700970 libotr: Off-the-Record Messaging library Applications using Off-the-Record messaging plugins could be made to crash or run programs if it received specially crafted network messages. oval:org.secpod.oval:def:700976 nova: OpenStack Compute cloud infrastructure Nova could be made to overwrite or corrupt arbitrary files in the compute host file system. oval:org.secpod.oval:def:700965 koffice: KDE Office Suite KOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700943 tiff: Tag Image File Format library tiff2pdf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700966 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700952 qemu-kvm: Machine emulator and virtualizer QEMU could be made to overwrite files as the administrator, or expose sensitive information. oval:org.secpod.oval:def:700815 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700819 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to deny services if it received specially crafted local area network traffic. oval:org.secpod.oval:def:700747 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it opened specially crafted data. oval:org.secpod.oval:def:700926 libreoffice: Office productivity suite - libreoffice-l10n: Office productivity suite help LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700928 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700916 linux: Linux kernel The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700662 libmodplug: Library for mod music based on ModPlug libmodplug could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700851 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700670 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700778 cvs: Concurrent Versions System cvs could be made to crash or run programs as your login if it connected to a malicious proxy server. oval:org.secpod.oval:def:700726 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700830 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700710 linux: Linux kernel The system could be made to expose sensitive information locally. oval:org.secpod.oval:def:700692 linux-ti-omap4: Linux kernel for OMAP4 A security issue was fixed in the kernel. oval:org.secpod.oval:def:700854 php5: HTML-embedded scripting language interpreter Standalone PHP CGI scripts could be made to execute arbitrary code with the privilege of the web server. oval:org.secpod.oval:def:700811 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:700738 qemu-kvm: Machine emulator and virtualizer A remote attacker could cause QEMU to crash. oval:org.secpod.oval:def:700763 openssl: Secure Socket Layer binary and related cryptographic tools Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. oval:org.secpod.oval:def:701142 rpm: package manager for RPM RPM could be made to crash or run programs if it opened a specially crafted package file. oval:org.secpod.oval:def:700699 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700650 openldap: OpenLDAP utilities An OpenLDAP server could potentially be made to crash if it received specially crafted network traffic from an authenticated user. oval:org.secpod.oval:def:700661 vsftpd: FTP server written for security Vsftpd or other applications could be made to crash if vsftpd received specially crafted network traffic. oval:org.secpod.oval:def:700688 commons-daemon: wrapper to launch Java applications as daemons Apache Commons Daemon would allow unintended access to files over the network. oval:org.secpod.oval:def:700761 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700736 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:700730 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700663 radvd: Router Advertisement Daemon radvd could be made to crash or overwrite certain files if it received specially crafted network traffic. oval:org.secpod.oval:def:700813 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700709 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:700672 apache2: Apache HTTP server - apache2-mpm-itk: multiuser MPM for Apache 2.2 Details: It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to c ... oval:org.secpod.oval:def:700683 tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:700770 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700783 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Several security issues were fixed in ruby1.8. oval:org.secpod.oval:def:700733 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701098 cups: Common UNIX Printing System - cupsys: Common UNIX Printing System CUPS could be made to read files or run programs as an administrator. oval:org.secpod.oval:def:701086 perl: Larry Wall"s Practical Extraction and Report Language Perl programs could be made to crash or run programs if they receive specially crafted network traffic or other input. oval:org.secpod.oval:def:701194 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701199 dbus-glib: simple interprocess messaging system An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges. oval:org.secpod.oval:def:701077 tomcat6: Servlet and JSP engine Several security issues were fixed in Apache Tomcat. oval:org.secpod.oval:def:701191 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701067 qt4-x11: Qt 4 libraries Qt applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701066 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:701181 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701171 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701172 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701177 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:700888 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700765 php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP. oval:org.secpod.oval:def:700990 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701167 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700872 openssl: Secure Socket Layer cryptographic library and tools Applications using OpenSSL in certain situations could be made to crash or expose sensitive information. oval:org.secpod.oval:def:701275 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:700868 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701039 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:700985 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701146 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700850 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701134 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to leak data on the kernel stack. oval:org.secpod.oval:def:701255 curl: HTTP, HTTPS, and FTP client and client libraries Applications using libcurl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701135 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:700963 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701018 freeradius: a high-performance and highly configurable RADIUS server FreeRADIUS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:700843 openssl: Secure Socket Layer cryptographic library and tools An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701243 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:700838 openssl: Secure Socket Layer cryptographic library and tools An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701126 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701245 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701125 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701129 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701233 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Ruby could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701231 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701235 libxml2: GNOME XML library libxml2 could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701223 perl: Practical Extraction and Report Language Perl could be made to stop responding if it received specially crafted input. oval:org.secpod.oval:def:701103 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user. oval:org.secpod.oval:def:701211 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login. oval:org.secpod.oval:def:701215 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701219 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701200 sudo: Provide limited super user privileges to specific users Sudo could be made to run programs as the administrator without a password prompt. oval:org.secpod.oval:def:701209 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701206 openjdk-6: Open Source Java implementation OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700880 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700999 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701035 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701137 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701000 bind9: Internet Domain Name Server Bind could be made to crash or if it received specially crafted network traffic. oval:org.secpod.oval:def:701128 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to corrupt the keyring if it imported a specially crafted key. oval:org.secpod.oval:def:700949 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701237 bind9: Internet Domain Name Server Bind could be made to consume memory or crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701104 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701214 php5: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701202 gnutls26: GNU TLS library - gnutls13: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701001 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700958 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701003 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700665 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700834 puppet: Centralized configuration management Several security issues were fixed in puppet. oval:org.secpod.oval:def:701083 lynx-cur: Text-mode WWW Browser with NLS support Two security issues were fixed in Lynx. oval:org.secpod.oval:def:701094 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701087 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701184 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701183 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:700891 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700899 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700762 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701041 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700870 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701046 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700879 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701155 inkscape: vector-based drawing program Several security issues were fixed in Inkscape. oval:org.secpod.oval:def:701130 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701120 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701121 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701239 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701205 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700787 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701168 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:700975 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could allow unintended access to files over the network when using the XML2 extension. oval:org.secpod.oval:def:701240 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:700929 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700903 raptor: Raptor RDF parser and serializer library Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700805 mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700773 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:700993 xmlrpc-c: Lightweight RPC library based on XML and HTTP Details: USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12 ... oval:org.secpod.oval:def:700959 expat: XML parsing C library - example application Expat could be made to cause a denial of service by consuming excessive CPU and memory resources. oval:org.secpod.oval:def:700881 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash or incorrectly handle authentication. oval:org.secpod.oval:def:700906 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701053 python3.2: Interactive high-level object-oriented language Several security issues were fixed in Python 3.2. oval:org.secpod.oval:def:701030 python2.6: An interactive high-level object-oriented language Several security issues were fixed in Python 2.6. oval:org.secpod.oval:def:701019 python2.7: An interactive high-level object-oriented language Several security issues were fixed in Python 2.7. oval:org.secpod.oval:def:700713 icedtea-web: A web browser plugin to execute Java applets - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed. oval:org.secpod.oval:def:700673 firefox: Mozilla Open Source web browser Multiple vulnerabilities have been fixed in Firefox. oval:org.secpod.oval:def:700700 thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities have been fixed in Thunderbird. oval:org.secpod.oval:def:700802 eglibc: Embedded GNU C Library: sources - glibc: GNU C Library: Documentation Multiple vulnerabilities were discovered and fixed in the GNU C Library. oval:org.secpod.oval:def:700695 mozvoikko: Finnish spell-checker extension for Firefox - ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Original advisory This update provi ... oval:org.secpod.oval:def:700781 openjdk-6: Open Source Java implementation Multiple OpenJDK 6 vulnerabilities have been fixed. oval:org.secpod.oval:def:701058 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. |