Download
| Alert*
|
oval:org.secpod.oval:def:400576
The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. * distrust: AC DG Tresor SSL * new: CA_Disig_R ... oval:org.secpod.oval:def:400521 openSUSE 12.3 is installed oval:org.secpod.oval:def:400541 flash-player was updated to security update to 11.2.202.285 * APSB13-14, CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335 oval:org.secpod.oval:def:400578 Fixed CVE-2013-3709: make the secret token file readable only for the webyast user to avoid forging the session cookie oval:org.secpod.oval:def:400520 Pidgin was updated to 2.10.7 to fix various security issues and the bug that IRC did not work at all in 12.3. Changes: - Add pidgin-irc-sasl.patch: link irc module to SASL. Allows the IRC module to be loaded . - Update to version 2.10.7 : + Alien hatchery: - No changes + General: - The configure scr ... oval:org.secpod.oval:def:400562 Adobe flash-player has been updated to version 11.2.202.310 which fixes bugs and security issues. These updates resolve memory corruption vulnerabilities that could lead to code execution oval:org.secpod.oval:def:400566 Adobe Flash Player was updated to 11.2.202.327: * APSB13-26, CVE-2013-5329, CVE-2013-5330 oval:org.secpod.oval:def:400610 This openssl update fixes one security issue: - bnc#872299: Fixed missing bounds checks for heartbeat messages . oval:org.secpod.oval:def:400571 Update to Chromium 30.0.1599.66: - Easier searching by image - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance - Security fixes: + CVE-2013-2906: Races in Web Audio + CVE-2013-2907: Out of bounds read in Window.prototype object + CVE-2013-2908: Addr ... oval:org.secpod.oval:def:400540 MozillaThunderbird was updated to security update Thunderbird 17.0.6 : * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 Privileged access for content level constructor * MFSA 2013-46/CVE-2013-1674 Use-after-free with video and onresize eve ... oval:org.secpod.oval:def:400526 The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3. mozilla ... oval:org.secpod.oval:def:400537 MozillaFirefox was updated to Firefox 21.0 * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 Privileged access for content level constructor * MFSA 2013-43/CVE-2013-1671 File input control has access to full path * MFSA 2013-46/CVE-2013-16 ... oval:org.secpod.oval:def:400539 Mozilla xulrunner was updated to 17.0.6esr * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 Privileged access for content level constructor * MFSA 2013-46/CVE-2013-1674 Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013- ... oval:org.secpod.oval:def:400563 MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscel ... oval:org.secpod.oval:def:400570 Security and bugfix update to Chromium 31.0.1650.57 - Update to Chromium 31.0.1650.57: - Security Fixes: * CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 Stable Channel update: - Security fixes: * CVE-2013-6621: Use after free related to speech input elements.. * ... oval:org.secpod.oval:def:400544 The openSUSE 12.3 kernel was updated to fix a critical security issue and two reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target ru ... oval:org.secpod.oval:def:400524 postgresql was updated to version 9.2.4 : * CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server"s data directory, even if the request is event ... oval:org.secpod.oval:def:400538 The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privi ... oval:org.secpod.oval:def:400605 perl-HTTP-Body was updated to 1.19 and also received a security fix for a potential remote code injection when upload files. |
