Download
| Alert*
oval:org.secpod.oval:def:600676
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform. This combines the two previous openjdk-6 advisories, DSA-2311-1 and DSA-2356-1. CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code to elevate its privileges. CVE-2011 ... oval:org.secpod.oval:def:103350 The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. oval:org.secpod.oval:def:302916 Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure . A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to ... oval:org.secpod.oval:def:600717 Several vulnerabilities have been discovered in Curl, an URL transfer library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2011-3389 This update enables OpenSSL workarounds against the "BEAST" attack oval:org.secpod.oval:def:107915 The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ... oval:org.secpod.oval:def:302914 Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure . A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name t ... oval:org.secpod.oval:def:500196 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. A flaw was found in the Java ... oval:org.secpod.oval:def:103907 The OpenJDK runtime environment. oval:org.secpod.oval:def:103718 The python-docs package contains documentation on the Python programming language and interpreter. Install the python-docs package if you"d like to use the documentation for the Python language. oval:org.secpod.oval:def:505404 The IBM Java SE version 6 release includes the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 6 Runtime Environment and the IBM Java 6 Software Development Kit. Detailed vulnerability descriptions are linked from ... oval:org.secpod.oval:def:103759 The python-docs package contains documentation on the Python programming language and interpreter. Install the python-docs package if you"d like to use the documentation for the Python language. oval:org.secpod.oval:def:102985 The OpenJDK runtime environment. oval:org.secpod.oval:def:104129 The OpenJDK runtime environment. oval:org.secpod.oval:def:103115 The OpenJDK runtime environment. oval:org.secpod.oval:def:103710 Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to v ... oval:org.secpod.oval:def:103754 Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to v ... oval:org.secpod.oval:def:103395 Lightning brings the Sunbird calendar to the popular email client, Mozilla Thunderbird. Since it"s an extension, Lightning is tightly integrated with Thunderbird, allowing it to easily perform email-related calendaring tasks. oval:org.secpod.oval:def:302886 Multiple vulnerabilities has been found and corrected in curl: curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem . curl is vulnerable to a data injection attack for certain protocols through control ... oval:org.secpod.oval:def:17037 The host is missing a security update according to Apple advisory, APPLE-SA-2014-02-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle certain vectors related to memory and crafted data. Successful exploitation allows attacke ... oval:org.secpod.oval:def:2351 The host is installed with Opera before 11.51, Windows operating system with SSL 3.0 or TLS 1.0 and is prone to an information disclosure vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impac ... oval:org.secpod.oval:def:302960 Multiple vulnerabilities has been found and corrected in fetchmail: Fetchmail version 6.3.9 enabled all SSL workarounds which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can m ... oval:org.secpod.oval:def:89050320 This update for python fixes the following issues: Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions . oval:org.secpod.oval:def:5820 The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:3964 The host is missing an important security update according to Apple advisory, APPLE-SA-2011-11-08-1. The update is required to fix an unspecified vulnerability. A flaw is present in the application, which fails to handle via unknown vectors related to deployment. Successful exploitation could allow ... oval:org.secpod.oval:def:201650 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. A flaw was found in the Java ... oval:org.secpod.oval:def:3718 The host is installed with Microsoft Windows and is prone to information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of operation is used. Successful exploitation allows attackers ... oval:org.secpod.oval:def:103902 The OpenJDK runtime environment. oval:org.secpod.oval:def:3719 The host is missing an important security update according to Microsoft bulletin MS12-006. The update is required to fix information disclosure vulnerability. A flaw is present in the application, which is caused by a design flaw in the SSL and TLS protocols when Cipher-block chaining (CBC) mode of ... oval:org.secpod.oval:def:103426 This module allows you to use the Mozilla embedding widget from Perl. oval:org.secpod.oval:def:103743 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:103468 XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It provides mechanisms for installing, upgrading, and uninstalling these applications. XULRunner also provides libxul, a solution which allows the embedding of Moz ... oval:org.secpod.oval:def:301074 Security issues were identified and fixed in openjdk and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking . IcedTea6 prior to 1.10.4 allows remote untrusted Java W ... oval:org.secpod.oval:def:104599 The OpenJDK runtime environment. oval:org.secpod.oval:def:104236 The OpenJDK runtime environment. oval:org.secpod.oval:def:104478 The OpenJDK runtime environment. oval:org.secpod.oval:def:103741 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:104235 The OpenJDK runtime environment. oval:org.secpod.oval:def:103389 The OpenJDK runtime environment. oval:org.secpod.oval:def:104157 The OpenJDK runtime environment. oval:org.secpod.oval:def:700713 icedtea-web: A web browser plugin to execute Java applets - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed. oval:org.secpod.oval:def:103461 Utilities for Network Security Services and the Softoken module oval:org.secpod.oval:def:103384 The OpenJDK runtime environment. oval:org.secpod.oval:def:1503526 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity rat ... oval:org.secpod.oval:def:107894 The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server. Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no ... oval:org.secpod.oval:def:5795 The host is installed with Apple Mac OS X 10.6.8 or 10.7.x before 10.7.4 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to properly handle confidentiality of SSL encrypted data. Successful exploitation could allow attackers to decrypt data ... oval:org.secpod.oval:def:1300085 Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure . A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name t ... oval:org.secpod.oval:def:2363 The host is installed with Opera before 11.51 and is prone to unspecified vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impacts. oval:org.secpod.oval:def:103370 The OpenJDK runtime environment. oval:org.secpod.oval:def:600772 cURL is a command-line tool and library for transferring data with URL syntax. It was discovered that the countermeasures against the Dai/Rogaway chosen-plaintext attack on SSL/TLS cause interoperability issues with some server implementations. This update ads the the CURLOPT_SSL_OPTIONS and CURLSS ... oval:org.secpod.oval:def:2365 The host is installed with Opera before 11.51 and is prone to unspecified vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impacts. oval:org.secpod.oval:def:600694 Several vulnerabilities have been discovered in lighttpd, a small and fast webserver with minimal memory footprint. CVE-2011-4362 Xi Wang discovered that the base64 decoding routine which is used to decode user input during an HTTP authentication, suffers of a signedness issue when processing user i ... oval:org.secpod.oval:def:2367 The host is installed with Opera before 11.51 or Apple Mac OS X 10.6.8 or 10.7x before 10.7.3 and is prone to unspecified vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impacts. oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:1601239 A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute code on the RMI server wit ... oval:org.secpod.oval:def:1300122 Multiple vulnerabilities has been found and corrected in fetchmail: Fetchmail version 6.3.9 enabled all SSL workarounds which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can m ... oval:org.secpod.oval:def:505584 The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM ... oval:org.secpod.oval:def:103896 The OpenJDK runtime environment. oval:org.secpod.oval:def:103457 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. oval:org.secpod.oval:def:103410 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stan ... oval:org.secpod.oval:def:103452 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:10725 The host is installed with Apple Mac OS X 10.6.8, 10.7 before 10.7.5 or 10.8 before 10.8.2 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:89050429 This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk . - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ . - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat . oval:org.secpod.oval:def:600688 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform: CVE-2011-3389 The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode. CVE-2011-3521 The CORBA implementation contains a deserializ ... oval:org.secpod.oval:def:505793 The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the O ... oval:org.secpod.oval:def:103926 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:104613 The OpenJDK runtime environment. oval:org.secpod.oval:def:103489 Network Security Services Softoken Cryptographic Module oval:org.secpod.oval:def:103522 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:104611 The OpenJDK runtime environment. oval:org.secpod.oval:def:201518 These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. A flaw was found in the Java ... |