- Update to version 1.2.3. * Update configure.ac to avoid autoconf 2.68 warnings, by quoting the first AC_RUN_IFELSE argument, an AC_LANG_PROGRAM, with [ ], and providing an explicit "true" assumption for Berkeley DB capabilities to avoid cross-compilation warnings. * Security bugfix; , Fix a heap corruption in base64 decoder on invalid input. * Mark "Berkeley DB 5.1.19: " su ...
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird.
This update fixes a bug which allows an unauthenticated remote attacker to cause a stack overflow in server code, resulting in either server crash or even code execution as the user running firebird.
The Simple Protocol for Independent Computing Environments is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor, or on Red Hat Enterprise Virtualization Hypervisor. The spice-xpi package provides a plug-in that allows the SPICE client to run from within Mozilla Firefox. An uninitialized pointer use fla ...
FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws w ...
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user. Red Hat would like to thank Greg Banks for repor ...
The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. While these have been replaced by tools such as OpenSSH in most environments, they remain in use in others. It was found that gssftp, a Kerberos-aware FTP server, did not properly drop privileges. A remote FTP user could use this flaw to gain unauthorized read or write access to files that are owne ...
The Simple Protocol for Independent Computing Environments is a remote display protocol used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor, or on Red Hat Enterprise Virtualization Hypervisor. The spice-xpi package provides a plug-in that allows the SPICE client to run from within Mozilla Firefox. An uninitialized pointer use fla ...