oval:org.secpod.oval:def:700232 Neil Wilson discovered that if VNC passwords were blank in QEMU configurations, access to VNC sessions was allowed without a password instead of being disabled. A remote attacker could connect to running VNC sessions of QEMU and directly control the system. By default, QEMU does not start VNC sessio ...
oval:org.secpod.oval:def:700202 Matt Weatherford discovered that Likewise Open did not correctly check password expiration for the local-provider account. A local attacker could exploit this to log into a system they would otherwise not have access to.
oval:org.secpod.oval:def:700169 The cluster logical volume manager daemon in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster.
oval:org.secpod.oval:def:700136 It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installi ...
oval:org.secpod.oval:def:700534 nbd: Network Block Device protocol An attacker could send crafted input to NBD and cause it to crash or to run arbitrary programs.
oval:org.secpod.oval:def:700506 postfix: High-performance mail transport agent An attacker could send crafted input to Postfix and cause it to reveal confidential information.
oval:org.secpod.oval:def:700741 evince: Document viewer Evince could be made to crash or run programs as your login if it opened a specially crafted file.
oval:org.secpod.oval:def:700732 t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file.
oval:org.secpod.oval:def:700718 ffmpeg: multimedia player, server and encoder FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.
oval:org.secpod.oval:def:700951 icedtea-web: A web browser plugin to execute Java applets The IcedTea-Web Java web browser plugin could be made to crash or possibly run programs as your login if it opened a specially crafted applet.
oval:org.secpod.oval:def:700902 ffmpeg: multimedia player, server and encoder FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.
oval:org.secpod.oval:def:700275 It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote ...
oval:org.secpod.oval:def:700029 Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of ...
oval:org.secpod.oval:def:700011 Julius Plenz discovered that bogofilter incorrectly handled certain malformed encodings. By sending a specially crafted email, a remote attacker could exploit this and cause bogofilter to crash, resulting in a denial of service.
oval:org.secpod.oval:def:700677 t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file.
oval:org.secpod.oval:def:700874 nut: Network UPS tools Nut could be made to crash if it received specially crafted network traffic.
oval:org.secpod.oval:def:700859 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic.
oval:org.secpod.oval:def:701069 libproxy: automatic proxy configuration management library libproxy could be made to crash or run programs if it received specially crafted network traffic.
oval:org.secpod.oval:def:701057 exim4: Exim is a mail transport agent Exim could be made to run programs if it received specially crafted network traffic.
oval:org.secpod.oval:def:700166 Stefan Cornelius of Secunia Research discovered a boundary error during RLE decompression in the "TranscribePalmImageToJPEG" function in generators/plucker/inplug/image.cpp of okular when processing images embedded in PDB files, which can be exploited to cause a heap-based buffer overflow.
oval:org.secpod.oval:def:701004 isc-dhcp: DHCP server and client - dhcp3: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic.
oval:org.secpod.oval:def:700135 It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges.
oval:org.secpod.oval:def:700138 David Srbecky discovered that Ghostscript incorrectly handled debug logging. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ub ...
oval:org.secpod.oval:def:23613 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle.
oval:org.secpod.oval:def:700073 A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service atta ...
oval:org.secpod.oval:def:700282 It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a man in the middle attack to view sensitive information or alter encrypted communications. These were placed on the certificate blacklist to prevent their misuse.
oval:org.secpod.oval:def:700283 It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a man in the middle attack to view sensitive information or alter encrypted communications. These certificates were marked as explicitly not trusted to prevent their misuse.
oval:org.secpod.oval:def:700258 USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, ...
oval:org.secpod.oval:def:700235 It was discovered that Gabble did not verify the from field of google jingleinfo updates. This could allow a remote attacker to perform man in the middle attacks on streamed media.
oval:org.secpod.oval:def:700208 It was discovered that if AppArmor was misconfigured, under certain circumstances the parser could generate policy using an unconfined fallback execute transition when one was not specified.
oval:org.secpod.oval:def:700784 python-httplib2: comprehensive HTTP client library written for Python httplib2 could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:700771 update-manager: GNOME application that manages apt updates Details: USN-1284-1 fixed vulnerabilities in Update Manager. One of the fixes introduced a regression for Kubuntu users attempting to upgrade to a newer Ubuntu release. This update fixes the problem. We apologize for the inconvenience. Origi ...
oval:org.secpod.oval:def:700767 php5: HTML-embedded scripting language interpreter Details: USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get function. We apologize for the inconven ...
oval:org.secpod.oval:def:700996 firefox: Mozilla Open Source web browser Details: USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Original advisory USN-1548-1 introduced a regression in Firefox.
oval:org.secpod.oval:def:700745 openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Details: USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm introduced a regression that caused TLS/SSL connections to ...
oval:org.secpod.oval:def:700953 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver NVIDIA graphics drivers could be made to run programs as an admini ...
oval:org.secpod.oval:def:700908 firefox: Mozilla Open Source web browser Details: USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Original advisory USN-1463-1 introduced regressions i ...
oval:org.secpod.oval:def:700893 apparmor: Linux security system This update provides updates for the AppArmor profile abstractions.
oval:org.secpod.oval:def:700898 apt: Advanced front-end for dpkg APT now more thoroughly verifies imported keyrings.
oval:org.secpod.oval:def:700840 mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL.
oval:org.secpod.oval:def:700823 ca-certificates-java: Common CA certificates Details: USN-1197-5 addressed an issue in ca-certificates pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates-java. Original advisory A certificate ...
oval:org.secpod.oval:def:701095 firefox: Mozilla Open Source web browser Details: USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory Regressions were introduced in the last Firefox update.
oval:org.secpod.oval:def:701073 python-django: High-level Python web development framework Details: USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory ...
oval:org.secpod.oval:def:701026 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1551-1 fixed vulnerabilities in Thunderbird. The new package caused a regression in the message editor and certain performance regressions as well. This update fixes the problems. Original advisory USN-1551-1 introduced regressi ...
oval:org.secpod.oval:def:700590 firefox: Mozilla Open Source web browser - xulrunner-1.9.2: Mozilla Gecko runtime environment Details: USN-1197-1 partially addressed an issue with Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update actively distrusts the DigiNotar root certificate as well as seve ...
oval:org.secpod.oval:def:700595 ca-certificates: Common CA certificates Details: USN-1197-1 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates. Original advisory A certificate auth ...
oval:org.secpod.oval:def:700596 nss: Network Security Service libraries Details: USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for the Network Security Service libraries ...
oval:org.secpod.oval:def:700597 quassel: KDE/Qt-based IRC client A remote attacker could send crafted input to Quassel and cause it to crash.
oval:org.secpod.oval:def:700583 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1197-1 fixed a vulnerability in Firefox with regard to the DigiNotar certificate authority. This update provides the corresponding updates for Thunderbird. We are aware that the DigiNotar Root CA Certificate is still shown as tr ...
oval:org.secpod.oval:def:700582 firefox: Mozilla Open Source web browser - xulrunner-1.9.2: Mozilla Gecko runtime environment A certificate authority issued fraudulent certificates.
oval:org.secpod.oval:def:700543 firefox: safe and easy web browser from Mozilla Details: USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenien ...
oval:org.secpod.oval:def:700508 apturl: installs packages using the apt protocol apturl could be made to cause your desktop to crash if it opened a very long URL.
oval:org.secpod.oval:def:700089 USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could ...
oval:org.secpod.oval:def:700006 USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify "host_device" as the qemu sub-type. While libvirt 0.8.3 and later will no longer support specifying this sub-type, this update restores the old be ...
oval:org.secpod.oval:def:700007 Ubuntu 10.04 is installed
oval:org.secpod.oval:def:700211 Under certain circumstances, the DHCP client could start before its AppArmor profile was loaded and therefore run unconfined. This update ensures the AppArmor profile is loaded before DHCP client starts.
oval:org.secpod.oval:def:701091 mozilla-devscripts: Collection of dev scripts used by Ubuntu Mozilla packages Update to packaging tool for Thunderbird addons.
oval:org.secpod.oval:def:700185 USN-964-1 fixed vulnerabilities in Likewise Open. The upstream fixes were incomplete, which caused problems running certain services. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Matt Weatherford discovered that Likewise Open did not correctly check p ...
oval:org.secpod.oval:def:700160 USN-947-1 fixed vulnerabilities in the Linux kernel. Fixes for CVE-2010-0419 caused failures when using KVM in certain situations. This update reverts that fix until a better solution can be found. We apologize for the inconvenience. Original advisory details: It was discovered that the Linux kernel ...
oval:org.secpod.oval:def:700518 pam: Pluggable Authentication Modules Details: USN-1140-1 fixed vulnerabilities in PAM. A regression was found that caused cron to stop working with a "Module is unknown" error. As a result, systems configured with automatic updates will not receive updates until cron is restarted, these upd ...
oval:org.secpod.oval:def:701023 software-properties: manage the repositories that you install software from Software Properties could be tricked into installing arbitrary PPA GPG keys.
oval:org.secpod.oval:def:700947 mono: Mono is a platform for running and developing applications Mono could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:700053 It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to mod ...
oval:org.secpod.oval:def:700016 It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the co ...
oval:org.secpod.oval:def:700864 backuppc: high-performance, enterprise-grade system for backing up PCs BackupPC could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:700263 USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sauli Pahlman discovered that the TIFF library incorrectly h ...
oval:org.secpod.oval:def:700205 USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436 introduced a regression in the open_basedir restriction handling code. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that attackers might be able to bypass open_based ...
oval:org.secpod.oval:def:700276 Sebastian Krahmer discovered that GDM did not properly drop privileges when handling the cache directories used to store users' dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges.
oval:org.secpod.oval:def:700024 Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploit this to gain root privileges.
oval:org.secpod.oval:def:700495 exim4: Exim mail transfer agent Exim could be made to run arbitrary code under some conditions.
oval:org.secpod.oval:def:700220 USN-1045-1 fixed vulnerabilities in FUSE. This update to util-linux adds support for new options required by the FUSE update. Original advisory details: It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to us ...
oval:org.secpod.oval:def:700206 It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
oval:org.secpod.oval:def:700664 update-manager: GNOME application that manages apt updates - update-notifier: Daemon which notifies about package updates Update Manager could be made to overwrite files as the administrator.
oval:org.secpod.oval:def:700579 foomatic-filters: OpenPrinting printer support - filters An attacker could send crafted input to Foomatic and cause it to run programs as the "lp" user.
oval:org.secpod.oval:def:700139 USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several dangling pointer vulnerabilities were discovered in Firefox. An attacker ...
oval:org.secpod.oval:def:700111 Jima discovered that quassel would respond to a single privmsg containing multiple CTCP requests with multiple NOTICEs, possibly resulting in a denial of service against the IRC connection.
oval:org.secpod.oval:def:700554 likewise-open: Authentication services for Active Directory domains Local SQL injection vulnerability
oval:org.secpod.oval:def:700989 python-django: High-level Python web development framework Applications using Django could be made to crash or expose sensitive information.
oval:org.secpod.oval:def:700081 It was discovered that certain system property information was being leaked, which could allow an attacker to obtain sensitive information.
oval:org.secpod.oval:def:701072 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:700979 libgc: Boehm-Demers-Weiser garbage collecting storage allocator library Applications using libgc could be made to crash or run arbitrary programs as your login.
oval:org.secpod.oval:def:700070 Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
oval:org.secpod.oval:def:700048 Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a crafted username and make applications linked against libopie crash, leading to a denial of service.
oval:org.secpod.oval:def:700277 It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. It was discovered that O ...
oval:org.secpod.oval:def:700012 It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution.
oval:org.secpod.oval:def:700803 python-pam: A Python interface to the PAM library PyPAM could be made to crash or possibly run programs if it processed a specially crafted password.
oval:org.secpod.oval:def:701081 libssh: A tiny C SSH library libssh could be made to crash or run programs if it received specially crafted network traffic.
oval:org.secpod.oval:def:701064 icedtea-web: A web browser plugin to execute Java applets The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page.
oval:org.secpod.oval:def:700134 USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt libpam-opie packages against the updated libopie library. Original advisory details: Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE incorrectly handled long usernames. A remote attacker could exploit this with a cr ...
oval:org.secpod.oval:def:700587 cups: Common UNIX Printing System - server - cupsys: Common UNIX Printing System - server An attacker could send crafted print jobs to CUPS and cause it to crash or run programs.
oval:org.secpod.oval:def:700548 oprofile: System-wide profiler for Linux systems OProfile could be made to run programs as an administrator.
oval:org.secpod.oval:def:700512 rdesktop: RDP client for Windows NT/2000 Terminal Server An attacker could access your files if rdesktop connected to a malicious server.
oval:org.secpod.oval:def:700221 Jakub Wilk and Raphaël Hertzog discovered that dpkg-source did not correctly handle certain paths and symlinks when unpacking source-format version 3.0 packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files ...
oval:org.secpod.oval:def:700212 It was discovered that AWStats did not correctly filter the LoadPlugin configuration option. A local attacker on a shared system could use this to inject arbitrary code into AWStats.
oval:org.secpod.oval:def:700671 kdeutils: KDE general-purpose utilities Ark could be made to remove files.
oval:org.secpod.oval:def:700051 Markus Wuethrich discovered that sudo did not always verify the user when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program as a group when the attacker was not a part of that g ...
oval:org.secpod.oval:def:701044 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic.
oval:org.secpod.oval:def:700973 libconfig-inifiles-perl: Perl module for working with INI configuration files Config-IniFiles could be made to overwrite arbitrary files.
oval:org.secpod.oval:def:700588 librsvg: Rendering library for SVG files SVG image rendering library has had flaws fixed.
oval:org.secpod.oval:def:700025 Janne Snabb discovered that applications using VTE, such as gnome-terminal, did not correctly filter window and icon title request escape codes. If a user were tricked into viewing specially crafted output in their terminal, a remote attacker could execute arbitrary commands with user privileges.
oval:org.secpod.oval:def:700980 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird.
oval:org.secpod.oval:def:700982 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox.
oval:org.secpod.oval:def:700779 puppet: Centralized configuration management Puppet could be made to overwrite files and run programs with administrator privileges.
oval:org.secpod.oval:def:700769 devscripts: scripts to make the life of a Debian Package maintainer easier debdiff, a part of devscripts, could be made to run programs as your login if it opened a specially crafted file.
oval:org.secpod.oval:def:700520 dovecot: IMAP and POP3 email server An attacker could send a crafted email message that could disrupt email service.
oval:org.secpod.oval:def:700511 exim4: metapackage to ease Exim MTA installation An attacker could send crafted input to Exim and cause it to run programs as the Exim user.
oval:org.secpod.oval:def:700751 software-properties: manage the repositories that you install software from Software Properties could be tricked into installing arbitrary PPA GPG keys.
oval:org.secpod.oval:def:700978 libgdata: Library to access GData services - evolution-data-server: Evolution suite data server Applications using GData services could be made to expose sensitive information over the network.
oval:org.secpod.oval:def:700950 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos.
oval:org.secpod.oval:def:700264 Cameron Meadors discovered that the MIT Kerberos 5 Key Distribution Center daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication capability is enabled. This could allow a remote attacker to cause a denial of service.
oval:org.secpod.oval:def:700494 krb5: MIT Kerberos services An unauthenticated remote user could crash the Kerberos service.
oval:org.secpod.oval:def:700230 Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the syste ...
oval:org.secpod.oval:def:700228 Keiichi Mori discovered that the MIT krb5 KDC database propagation daemon is vulnerable to a denial of service attack due to improper logic when a worker child process exited because of invalid network input. This could only occur when kpropd is running in standalone mode; kpropd was not affected w ...
oval:org.secpod.oval:def:700209 Jon Larimer discovered that Evince's font parsers incorrectly handled certain buffer lengths when rendering a DVI file. By tricking a user into opening or previewing a DVI file that uses a specially crafted font file, an attacker could crash evince or execute arbitrary code with the user's privilege ...
oval:org.secpod.oval:def:700885 ubuntuone-client: Ubuntu One client Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
oval:org.secpod.oval:def:700882 ubuntuone-client: Ubuntu One client Details: USN-1465-1 fixed vulnerabilities in Ubuntu One Client. The update failed to install on certain Ubuntu 10.04 LTS systems that had a legacy Python 2.5 package installed. This update fixes the problem. We apologize for the inconvenience. Original advisory Fr ...
oval:org.secpod.oval:def:700883 ubuntuone-storage-protocol: Python library for Ubuntu One file storage and sharing service Details: USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. Original advisory Fraudulent security certificates could allow se ...
oval:org.secpod.oval:def:700199 It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
oval:org.secpod.oval:def:700182 It was discovered that libwww-perl incorrectly filtered filenames suggested by Content-Disposition headers. If a user were tricked into downloading a file from a malicious site, a remote attacker could overwrite hidden files in the user's directory.
oval:org.secpod.oval:def:700152 Mike Roszkowski discovered that the Kerberos KDC did not correctly validate the contents of certain messages. If an authenticated remote attacker sent specially crafted TGS requests, the KDC service would crash, leading to a denial of service.
oval:org.secpod.oval:def:700581 ecryptfs-utils: ecryptfs cryptographic filesystem An attacker could use eCryptfs to unmount arbitrary locations and cause a denial of service.
oval:org.secpod.oval:def:700109 It was discovered that LFTP incorrectly filtered filenames suggested by Content-Disposition headers. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, such as a dotfile, and possibly run arbitrary ...
oval:org.secpod.oval:def:700034 It was discovered that the IcedTea plugin did not correctly check certain accesses. If a user or automated system were tricked into running a specially crafted Java applet, a remote attacker could read arbitrary files with user privileges, leading to a loss of privacy.
oval:org.secpod.oval:def:700559 qemu-kvm: Machine emulator and virtualizer QEMU could be made to run with administrator group privileges under certain circumstances.
oval:org.secpod.oval:def:700740 xorg: X.Org X Window System X could be made to start by a user who lacked appropriate permissions.
oval:org.secpod.oval:def:700977 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file.
oval:org.secpod.oval:def:700912 network-manager: Network connection manager NetworkManager could create insecure AdHoc wireless networks.
oval:org.secpod.oval:def:700913 network-manager-applet: GNOME frontend for NetworkManager Details: USN-1483-1 fixed a vulnerability in NetworkManager by disabling the creation of WPA-secured AdHoc wireless connections. This update provides the corresponding change for network-manager-applet. Original advisory network-manager-apple ... oval:org.secpod.oval:def:700905 clamav: Anti-virus utility for Unix ClamAV could improperly detect malware if it opened a specially crafted file. oval:org.secpod.oval:def:700090 USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that libvirt would probe disk backing stores without consulting the defined f ... oval:org.secpod.oval:def:700050 It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor prof ... oval:org.secpod.oval:def:700035 Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to "raw" when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not specif ... oval:org.secpod.oval:def:700489 usb-creator: create a startup disk using a CD or disc image An attacker could use usb-creator to unmount arbitrary disks or perform other unauthorized disk operations. oval:org.secpod.oval:def:700486 perl: Larry Wall"s Practical Extraction and Report Language An attacker could send crafted input to Perl and bypass intended restrictions. oval:org.secpod.oval:def:700227 It was discovered that the ACL plugin in Dovecot would incorrectly propagate ACLs to new mailboxes. 
A remote authenticated user could possibly read new mailboxes that were created with the wrong ACL. It was discovered that the ACL plugin in Dovecot would incorrectly merge ACLs in certain circumstan ... oval:org.secpod.oval:def:700693 acpid: Advanced Configuration and Power Interface daemon Several security issues were fixed in acpid. oval:org.secpod.oval:def:700219 Adam Baldwin discovered that Django did not properly validate query string lookups. This could be exploited to provide an information leak to an attacker with admin privileges. Paul McMillan discovered that Django did not validate the length of the token used when generating a password reset. An a ... oval:org.secpod.oval:def:700218 Alexander Kurtz discovered that sudo would not prompt for a password when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as the specified group if sudo was configured to allow the attacker to use a program as this group. The group Runas_Spec is ... oval:org.secpod.oval:def:700676 python-django: High-level Python web development framework Applications using Django could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700833 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver NVIDIA graphics drivers could be made to run programs as an admini ... oval:org.secpod.oval:def:700804 gdm-guest-session: gdm extension for guest session gdm-guest-session could be made to delete files as the administrator. oval:org.secpod.oval:def:701061 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:701047 libgssglue: header files and docs for libgssglue Privilege escalation via the GSSAPI_MECH_CONF environment variable with setuid programs. 
oval:org.secpod.oval:def:701038 moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin. oval:org.secpod.oval:def:700151 Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path. A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment ... oval:org.secpod.oval:def:700945 libexif: library to parse EXIF files libexif could be made to crash, run programs as your login, or expose sensitive information if it opened a specially crafted file. oval:org.secpod.oval:def:700896 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:700255 Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700249 Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700236 It was discovered that Django did not properly validate HTTP requests that contain an X-Requested-With header. An attacker could exploit this vulnerability to perform cross-site request forgery attacks. It was discovered that Django did not properly sanitize its input when performing file uploads, ... oval:org.secpod.oval:def:700558 libsoup2.4: HTTP client/server library for GNOME An attacker could send crafted URLs to a SoupServer application and obtain unintended access to files. 
oval:org.secpod.oval:def:700132 It was discovered that Wget would use filenames provided by the server when following 3xx redirects. If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, and possibly run arbitrary code. oval:org.secpod.oval:def:700931 qt4-x11: transitional package for Qt 4 assistant module Qt Applications could be made to crash or run programs as your login if they opened specially crafted files. oval:org.secpod.oval:def:700768 firefox: Mozilla Open Source web browser A security vulnerability has been fixed in Firefox. oval:org.secpod.oval:def:700775 libvorbis: The Vorbis General Audio Compression Codec libvorbis could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700758 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700753 ubufox: Ubuntu Firefox specific configuration defaults and apt support - webfav: Firefox extension for saving web favorites Details: USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory This update pr ... oval:org.secpod.oval:def:700757 xulrunner-1.9.2: Mozilla Gecko runtime environment Several security issues were fixed in Xulrunner. oval:org.secpod.oval:def:700754 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700755 mozvoikko: Finnish spell-checker extension for Firefox Details: USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. Original advisory This update provides compatible Mozvoikko packages for the latest Firefox. oval:org.secpod.oval:def:701040 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. 
oval:org.secpod.oval:def:701045 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701036 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox. oval:org.secpod.oval:def:700108 Marc Schoenefeld discovered that OpenOffice.org would run document macros from the macro browser, even when macros were disabled. If a user were tricked into opening a specially crafted document and examining a macro, a remote attacker could execute arbitrary code with user privileges. oval:org.secpod.oval:def:700531 nagios3: A host/service/network monitoring and management system An attacker could modify or steal data if you were tricked into clicking on a special link to Nagios. oval:org.secpod.oval:def:700504 vino: VNC server for GNOME An attacker could send crafted input to Vino and cause it to crash. oval:org.secpod.oval:def:700517 bind9: Internet Domain Name Server An attacker could send crafted input to Bind and cause it to crash. oval:org.secpod.oval:def:700055 It was discovered that Bind would incorrectly allow a ncache entry and a rrsig for the same type. A remote attacker could exploit this to cause Bind to crash, resulting in a denial of service. It was discovered that Bind would incorrectly mark zone data as insecure when the zone is undergoing a key ... oval:org.secpod.oval:def:700680 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700545 bind9: Internet Domain Name Server An attacker could send crafted input to Bind and cause it to crash. oval:org.secpod.oval:def:700284 Sebastian Krahmer discovered that the xrdb utility incorrectly filtered crafted hostnames. An attacker could use this flaw with a malicious DHCP server or with a remote xdmcp login and execute arbitrary code, resulting in root privilege escalation. 
oval:org.secpod.oval:def:700285 Sebastian Krahmer discovered that the dhclient utility incorrectly filtered crafted responses. An attacker could use this flaw with a malicious DHCP server to execute arbitrary code, resulting in root privilege escalation. oval:org.secpod.oval:def:700485 dhcp3: DHCP Client Details: USN-1108-1 fixed vulnerabilities in DHCP. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 9.10 and higher. This update fixes the problem. Original advisory An attacker's DHCP server could send crafted responses to your computer and c ... oval:org.secpod.oval:def:700572 isc-dhcp: DHCP server and client - dhcp3: DHCP server and client An attacker could send crafted input to DHCP and cause it to crash. oval:org.secpod.oval:def:700919 python-crypto: cryptographic algorithms and protocols for Python PyCrypto improperly created ElGamal encryption keys. oval:org.secpod.oval:def:700846 jetty: Java servlet engine and webserver Jetty could be made to hang or crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700831 gnutls26: the GNU TLS library - commandline utilities - gnutls13: the GNU TLS library - commandline utilities The GnuTLS library could be made to crash under certain conditions. oval:org.secpod.oval:def:700505 policykit-1: framework for managing administrative policies and privileges Local users could gain root access by using the pkexec tool in PolicyKit. oval:org.secpod.oval:def:700017 Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user. oval:org.secpod.oval:def:700271 It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vsftpd to consume all resources, leading to a denial of service. 
oval:org.secpod.oval:def:700059 It was discovered that ImageMagick would search for configuration files in the current directory. If a user were tricked into opening or processing an image in an arbitrary directory, a local attacker could execute arbitrary code with the user's privileges. oval:org.secpod.oval:def:700075 Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper security wrapper. I ... oval:org.secpod.oval:def:700165 Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. It was discovered that the XPCSafeJSObjectWrapper security wrapper did not always honor the same-origin poli ... oval:org.secpod.oval:def:700171 Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Marc Schoenefeld and Christoph Diehl discovered several pr ... oval:org.secpod.oval:def:700022 Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. It was discovered that Firefox did not properly verify the ... oval:org.secpod.oval:def:700193 Richard Moore discovered that NSS would sometimes incorrectly match an SSL certificate which had a Common Name that used a wildcard followed by a partial IP address. While it is very unlikely that a Certificate Authority would issue such a certificate, if an attacker were able to perform a man-in-th ... 
oval:org.secpod.oval:def:700860 sudo: Provide limited super user privileges to specific users Sudo could allow users to run arbitrary programs as the administrator. oval:org.secpod.oval:def:700079 Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700060 Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program. oval:org.secpod.oval:def:700047 USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of se ... oval:org.secpod.oval:def:700129 It was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 L ... oval:org.secpod.oval:def:700115 Martin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. An integer overflow was discovered in Thunderbir ... oval:org.secpod.oval:def:700119 USN-1011-1 fixed a vulnerability in Firefox. This update provides the corresponding update for Xulrunner. 
Original advisory details: Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of serv ... oval:org.secpod.oval:def:700106 Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the progra ... oval:org.secpod.oval:def:700120 It was discovered that the Safe.pm module as used by PostgreSQL did not properly restrict PL/perl procedures. If PostgreSQL was configured to use Perl stored procedures, a remote authenticated attacker could exploit this to execute arbitrary Perl code. It was discovered that PostgreSQL did not prop ... oval:org.secpod.oval:def:700100 It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escal ... oval:org.secpod.oval:def:700107 Dan Rosenberg discovered that fastjar incorrectly handled file paths containing ".." when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted jar file, arbitrary files could be overwritten with user privileges. oval:org.secpod.oval:def:700930 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:700812 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. 
oval:org.secpod.oval:def:700810 xulrunner-1.9.2: Mozilla Gecko runtime environment Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701056 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701059 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web cont ... oval:org.secpod.oval:def:700808 ubufox: Finnish spell-checker extension for Firefox Details: USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700809 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700972 nss: Network Security Service library NSS could be made to crash if it opened a specially crafted certificate. oval:org.secpod.oval:def:701075 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701078 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:701076 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700940 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. 
oval:org.secpod.oval:def:700941 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700939 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700553 thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities were fixed in Thunderbird. oval:org.secpod.oval:def:700536 firefox: safe and easy web browser from Mozilla - xulrunner-1.9.2: XUL + XPCOM application runner Multiple Vulnerabilities were fixed in Firefox and Xulrunner. oval:org.secpod.oval:def:700585 thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities have been fixed in Thunderbird. oval:org.secpod.oval:def:700576 firefox: Mozilla Open Source web browser - xulrunner-1.9.2: Mozilla Gecko runtime environment Multiple vulnerabilities have been fixed in Firefox and Xulrunner. oval:org.secpod.oval:def:700563 icedtea-web: An implementation of the Java Network Launching Protocol - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation An attacker could discover a user's name or confuse a user into granting unintended access to files. oval:org.secpod.oval:def:700764 tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information if it received specially crafted network traffic. oval:org.secpod.oval:def:700909 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700886 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. 
oval:org.secpod.oval:def:701024 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700936 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:700705 bzip2: high-quality block-sorting file compressor - utilities Executables compressed by bzexe could be made to run programs as your login. oval:org.secpod.oval:def:700983 openjdk-6: Open Source Java implementation Two security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:700855 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700844 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700845 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700503 thunderbird: mail/news client with RSS and integrated spam filter support Thunderbird could be made to run programs as your login if it opened specially crafted mail. oval:org.secpod.oval:def:700502 firefox: safe and easy web browser from Mozilla - xulrunner-1.9.2: XUL + XPCOM application runner - firefox-3.5: safe and easy web browser from Mozilla - firefox-3.0: safe and easy web browser from Mozilla Multiple vulnerabilities in Firefox and Xulrunner oval:org.secpod.oval:def:700866 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. 
oval:org.secpod.oval:def:701031 libxslt: XSLT processing library Applications using libxslt could be made to crash or run programs as your login if they processed a specially crafted file. oval:org.secpod.oval:def:700274 Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service. oval:org.secpod.oval:def:700231 Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses. oval:org.secpod.oval:def:700192 It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. It was discovered that MySQL incorrectly han ... oval:org.secpod.oval:def:700140 It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. It was discovered that an old bug workaround in t ... oval:org.secpod.oval:def:700118 USN-940-1 fixed vulnerabilities in Kerberos. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Joel Johnson, Brian Almeida, and Shawn Emery discovered that Kerberos did not correctly verify certain packet structures. An unauthenticated remote attacker could ... oval:org.secpod.oval:def:700200 It was discovered that Kerberos did not properly determine the acceptability of certain checksums. 
A remote attacker could use certain checksums to alter the prompt message, modify a response to a Key Distribution Center or forge a KRB-SAFE message. It was discovered that Kerberos did not properly ... oval:org.secpod.oval:def:700080 Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. oval:org.secpod.oval:def:700848 libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:700540 curl: HTTP, HTTPS, and FTP client and client libraries Details: Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. Wesley Miaw discovered that when zlib is enabled ... oval:org.secpod.oval:def:700491 openslp-dfsg: OpenSLP is an implementation of the Service Location Protocol - openslp: OpenSLP is an implementation of the Service Location Protocol An attacker could send crafted input to OpenSLP and cause it to hang. oval:org.secpod.oval:def:702507 dpkg: Debian package management system dpkg could be tricked into bypassing source package signature checks. oval:org.secpod.oval:def:701413 hplip: HP Linux Printing and Imaging System HPLIP could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701640 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701407 python-httplib2: comprehensive HTTP client library written for Python Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. 
oval:org.secpod.oval:def:701645 cups: Common UNIX Printing System CUPS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701639 python-django: High-level Python web development framework Details: USN-2169-1 fixed vulnerabilities in Django. The upstream security patch for CVE-2014-0472 introduced a regression for certain applications. This update fixes the problem. Original advisory USN-2169-1 introduced a regression in Djang ... oval:org.secpod.oval:def:701632 openjdk-6: Open Source Java implementation Details: USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original ad ... oval:org.secpod.oval:def:701633 Ubuntu 10.04 is installed oval:org.secpod.oval:def:701636 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:701637 python-imaging: Python Imaging Library Python Imaging Library could be made to overwrite or expose files. oval:org.secpod.oval:def:701619 ca-certificates: Common CA certificates ca-certificates was updated to the 20130906 package. oval:org.secpod.oval:def:701610 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash or run programs as your login if it opened a specially crafted email. oval:org.secpod.oval:def:701607 cups: Common UNIX Printing System CUPS could be made to run programs as the lp user if it processed a specially crafted file. oval:org.secpod.oval:def:702095 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to hang if it processed a specially crafted message. oval:org.secpod.oval:def:702082 openssl: Secure Socket Layer cryptographic library and tools Details: USN-2232-1 fixed vulnerabilities in OpenSSL. 
The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem. Original advisory USN-2232-1 ... oval:org.secpod.oval:def:702081 libxml2: GNOME XML library Details: USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a number of regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2214-1 introduced a regression in libxml2. oval:org.secpod.oval:def:702078 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered source packages. oval:org.secpod.oval:def:702070 chkrootkit: rootkit detector chkrootkit could be made to run programs as an administrator. oval:org.secpod.oval:def:702066 dpkg: Debian package management system A malicious source package could write files outside the unpack directory. oval:org.secpod.oval:def:702058 libxml2: GNOME XML library Details: USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a regression when using xmllint with the --postvalid option. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2214-1 introduced a regression in libxml2 ... oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:702280 curl: HTTP, HTTPS, and FTP client and client libraries curl could expose sensitive information over the network. oval:org.secpod.oval:def:701170 jquery: JavaScript library for dynamic web applications jQuery could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702268 wget: retrieves files from the web Wget could be made to overwrite files. oval:org.secpod.oval:def:701164 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. 
Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a ... oval:org.secpod.oval:def:702259 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702258 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701151 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702487 libgcrypt11: LGPL Crypto library - libgcrypt20: LGPL Crypto library Several security issues were fixed in Libgcrypt. oval:org.secpod.oval:def:702489 tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ... oval:org.secpod.oval:def:702488 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:702471 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701144 vino: VNC server for GNOME Vino could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701149 ffmpeg: multimedia player, server and encoder FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701147 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. 
Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a regression in ... oval:org.secpod.oval:def:701371 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702223 apt: Advanced front-end for dpkg APT could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701133 nspr: NetScape Portable Runtime Library Details: USN-1687-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701132 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702468 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file. oval:org.secpod.oval:def:701123 moin: Collaborative hypertext environment MoinMoin could be made to run programs and overwrite files. oval:org.secpod.oval:def:701365 libxml2: GNOME XML library Details: USN-1904-1 fixed vulnerabilities in libxml2. The update caused a regression for certain users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1904-1 introduced a regression in libxml2. oval:org.secpod.oval:def:702210 apt: Advanced front-end for dpkg Several security issues were fixed in APT. oval:org.secpod.oval:def:702458 ecryptfs-utils: eCryptfs cryptographic filesystem utilities Sensitive information in encrypted home and Private directories could be exposed if an attacker gained access to your files. oval:org.secpod.oval:def:702214 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. 
oval:org.secpod.oval:def:702455 sudo: Provide limited super user privileges to specific users Sudo would allow unintended access to files. oval:org.secpod.oval:def:701112 apport: automatically generate crash reports for debugging A hardening measure was added to apport. oval:org.secpod.oval:def:701594 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702203 cups: Common UNIX Printing System CUPS could be made to expose sensitive information, leading to privilege escalation. oval:org.secpod.oval:def:701113 ffmpeg: multimedia player, server and encoder FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702208 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702207 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:702206 eglibc: GNU C Library Details: USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2306-1 introduced a regression in the ... oval:org.secpod.oval:def:701100 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702430 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701586 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. 
oval:org.secpod.oval:def:701109 bogofilter: a fast Bayesian spam filter bogofilter could be made to crash or run programs if it processed a specially crafted email. oval:org.secpod.oval:def:702439 cups: Common UNIX Printing System CUPS could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702428 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to crash or run programs as an administrator if it processed a specially crafted filesystem image. oval:org.secpod.oval:def:702427 ca-certificates: Common CA certificates ca-certificates was updated to the 20141019 package. oval:org.secpod.oval:def:702410 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:701324 libxi: X11 Input extension library Several security issues were fixed in libxi. oval:org.secpod.oval:def:701325 libxcb: X C Binding Several security issues were fixed in libxcb. oval:org.secpod.oval:def:701322 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:701323 libxrender: X Rendering Extension client library Several security issues were fixed in libxrender. oval:org.secpod.oval:def:701551 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received a specially crafted certificate. oval:org.secpod.oval:def:702409 clamav: Anti-virus utility for Unix Details: USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS. Original advisory ClamAV could be made to crash or run programs if it processed a spec ... oval:org.secpod.oval:def:701319 libxt: X11 toolkit intrinsics library Several security issues were fixed in libxt. 
oval:org.secpod.oval:def:702408 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:702407 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701317 libxxf86vm: X11 XFree86 video mode extension library Several security issues were fixed in libxxf86vm. oval:org.secpod.oval:def:701559 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to expose sensitive information. oval:org.secpod.oval:def:702406 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:702404 python-django: High-level Python web development framework Details: USN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We ap ... oval:org.secpod.oval:def:701309 libxext: X11 miscellaneous extensions library Several security issues were fixed in libxext. oval:org.secpod.oval:def:701545 graphviz: rich set of graph drawing tools Graphviz could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701548 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701546 hplip: HP Linux Printing and Imaging System Several security issues were fixed in HPLIP. 
oval:org.secpod.oval:def:701522 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701511 curl: HTTP, HTTPS, and FTP client and client libraries Details: USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure option not working as intended. This update fixes the problem. We apologize for the inconvenience ... oval:org.secpod.oval:def:701508 curl: HTTP, HTTPS, and FTP client and client libraries Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701961 python-django: High-level Python web development framework Django applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701956 dpkg: Debian package management system A malicious source package could write files outside the unpack directory. oval:org.secpod.oval:def:701947 libxml2: GNOME XML library libxml2 could be made to consume resources if it processed a specially crafted file. oval:org.secpod.oval:def:701941 dovecot: IMAP and POP3 email server Dovecot could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:701944 dpkg: Debian package management system Details: USN-2183-1 fixed a vulnerability in dpkg. Javier Serrano Polo discovered that the fix introduced a vulnerability in releases with an older version of the patch utility. This update fixes the problem. Original advisory A malicious source package could w ... oval:org.secpod.oval:def:702188 gnupg: GNU privacy guard - a free PGP replacement GnuPG could expose sensitive information when performing decryption. oval:org.secpod.oval:def:702187 libgcrypt11: LGPL Crypto library Libgcrypt could expose sensitive information when performing decryption. 
oval:org.secpod.oval:def:702388 elfutils: collection of utilities to handle ELF objects elfutils could be made to overwrite files in the root directory if it received a specially crafted file. oval:org.secpod.oval:def:702144 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701296 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702149 openssl: Secure Socket Layer cryptographic library and tools Details: USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2 ... oval:org.secpod.oval:def:702148 eglibc: GNU C Library Details: USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the security update caused a regression in certain environments that use the Name Service Caching Daemon, such as those configured for LDAP or MySQL authentication. In these environments, the n ... oval:org.secpod.oval:def:702377 curl: HTTP, HTTPS, and FTP client and client libraries curl could be tricked into adding arbitrary requests when following certain URLs. oval:org.secpod.oval:def:702379 libevent: Asynchronous event notification library libevent could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:701273 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702367 coreutils: GNU core utilities date and touch could be made to crash or run programs if they handled specially crafted input. oval:org.secpod.oval:def:702350 nss: Network Security Service library NSS could be made to expose sensitive information over the network. 
oval:org.secpod.oval:def:701262 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702353 cpio: a program to manage archives of files The GNU cpio program could be made to crash or run programs if it opened a specially crafted file or received specially crafted input. oval:org.secpod.oval:def:702352 mime-support: MIME support programs run-mailcap could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702356 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701258 icedtea-web: A web browser plugin to execute Java applets Two security issues were fixed in IcedTea-Web. oval:org.secpod.oval:def:701257 xorg-server: X.Org X server - xorg-server-lts-quantal: X.Org X server The X server could be made to reveal keystrokes of other users. oval:org.secpod.oval:def:702330 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash if it opened a specially crafted email. oval:org.secpod.oval:def:701489 libcommons-fileupload-java: File upload capability for servlets and web applications Apache Commons FileUpload could be made to overwrite files. oval:org.secpod.oval:def:702321 tcpdump: command-line network traffic analyzer Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:702326 graphviz: rich set of graph drawing tools graphviz could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701236 poppler: PDF rendering library Applications using poppler could be made to crash or possibly run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701238 libxslt: XSLT processing library Applications using libxslt could be made to crash if they processed a specially crafted file. 
oval:org.secpod.oval:def:702310 flac: Free Lossless Audio Codec FLAC could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701224 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:702319 ppp: Point-to-Point Protocol ppp could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:701217 nspr: NetScape Portable Runtime Library Details: USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701207 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701424 pyopenssl: Python wrapper around the OpenSSL library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701425 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:700567 samba: SMB/CIFS file, print, and login server for Unix An attacker could use a malicious URL to reconfigure Samba or steal information. oval:org.secpod.oval:def:700256 Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service. oval:org.secpod.oval:def:700852 samba: SMB/CIFS file, print, and login server for Unix Samba could allow a user to gain administrative privileges to the Samba server. oval:org.secpod.oval:def:700533 libxml2: GNOME XML library libxml2 could be made to crash or run programs as your login if it opened a specially crafted file. 
oval:org.secpod.oval:def:700772 firefox: Mozilla Open Source web browser Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Firefox. Original advisory Firefox could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700776 xulrunner-1.9.2: Mozilla Gecko runtime environment Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Xulrunner. Original advisory Xulrunner based applications could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700535 openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Multiple OpenJDK 6 vulnerabilities have been fixed. oval:org.secpod.oval:def:700777 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700521 subversion: Advanced version control system An attacker could send crafted input to the Subversion mod_dav_svn module for Apache and cause it to crash or gain access to restricted files. oval:org.secpod.oval:def:700711 libarchive: Library to read/write archive files libarchive could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700674 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:700651 php5: HTML-embedded scripting language interpreter PHP could be made to crash or disclose sensitive information if it processed a specially crafted image file. 
oval:org.secpod.oval:def:700836 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as the administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:700832 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700571 libxfont: X11 font rasterisation library libXfont could be made to run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:701011 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be tricked into downloading a different key when downloading from a key server. oval:org.secpod.oval:def:700935 openjdk-6: Open Source Java implementation - icedtea-web: A web browser plugin to execute Java applets Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701060 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702351 bsd-mailx: simple mail user agent bsd-mailx could be made to run programs if it parsed a specially crafted email address. oval:org.secpod.oval:def:702470 gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:702437 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702464 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:702333 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702288 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. 
oval:org.secpod.oval:def:702157 gpgme1.0: GPGME - GnuPG Made Easy GPGME could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:702234 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:702119 cups: Common UNIX Printing System CUPS could be made to expose sensitive information, leading to privilege escalation. oval:org.secpod.oval:def:701958 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:700660 apt: Advanced front-end for dpkg Details: It was discovered that APT incorrectly handled the Verify-Host configuration option. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to steal repository credentials. This issue only affected Ubuntu 10 ... oval:org.secpod.oval:def:700653 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701422 policykit-1: framework for managing administrative policies and privileges polkit could be tricked into giving out improper authorization. oval:org.secpod.oval:def:701411 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:701318 libxtst: X11 Record extension library Several security issues were fixed in libxtst. oval:org.secpod.oval:def:700816 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700704 linux-fsl-imx51: Linux kernel for IMX51 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701175 qt4-x11: Qt 4 libraries Several security issues were fixed in Qt. 
oval:org.secpod.oval:def:701156 squid3: Full featured Web Proxy cache - squid: Internet object cache squid-cgi could consume excessive system resources, leading to a denial of service attack on it and other hosted services. oval:org.secpod.oval:def:701099 tiff: Tag Image File Format library Programs that use LibTIFF could be made to crash or run programs if they opened a specially crafted file. oval:org.secpod.oval:def:700782 libxml2: GNOME XML library libxml2 could be made to cause a denial of service by consuming excessive CPU resources. oval:org.secpod.oval:def:701021 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs. oval:org.secpod.oval:def:701071 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701020 devscripts: scripts to make the life of a Debian Package maintainer easier Several security issues were fixed in devscripts. oval:org.secpod.oval:def:701029 dbus: simple interprocess messaging system Details: USN-1576-1 fixed vulnerabilities in DBus. The update caused a regression for certain services launched from the activation helper, and caused an unclean shutdown on upgrade. This update fixes the problem. We apologize for the inconvenience. Origina ... oval:org.secpod.oval:def:701014 ghostscript: The GPL Ghostscript PostScript/PDF interpreter Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701007 dbus: simple interprocess messaging system DBus could be made to run programs as an administrator. oval:org.secpod.oval:def:700992 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701022 eglibc: GNU C Library - glibc: GNU C Library Multiple security issues were fixed in the GNU C Library. 
oval:org.secpod.oval:def:700970 libotr: Off-the-Record Messaging library Applications using Off-the-Record messaging plugins could be made to crash or run programs if they received specially crafted network messages. oval:org.secpod.oval:def:700943 tiff: Tag Image File Format library tiff2pdf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701032 linux-ec2: Linux kernel for EC2 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700967 openoffice.org: Office productivity suite OpenOffice.org could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700952 qemu-kvm: Machine emulator and virtualizer QEMU could be made to overwrite files as the administrator, or expose sensitive information. oval:org.secpod.oval:def:700890 linux-ec2: Linux kernel for EC2 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:700894 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:700594 linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700546 qemu-kvm: Machine emulator and virtualizer A privileged attacker within a QEMU guest could cause QEMU to crash. oval:org.secpod.oval:def:700527 qemu-kvm: Machine emulator and virtualizer A privileged attacker within a QEMU guest could cause QEMU to crash. oval:org.secpod.oval:def:700747 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it opened specially crafted data. oval:org.secpod.oval:def:700924 openoffice.org: Office productivity suite OpenOffice.org could be made to crash or potentially run programs as your login if it opened a specially crafted file. 
oval:org.secpod.oval:def:700915 linux-lts-backport-oneiric: Linux kernel backport from Oneiric The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700662 libmodplug: Library for mod music based on ModPlug libmodplug could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700851 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700778 cvs: Concurrent Versions System cvs could be made to crash or run programs as your login if it connected to a malicious proxy server. oval:org.secpod.oval:def:700708 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700830 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700652 linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700835 linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700822 linux-fsl-imx51: Linux kernel for IMX51 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700821 linux-ec2: Linux kernel for EC2 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700818 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700698 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:700854 php5: HTML-embedded scripting language interpreter Standalone PHP CGI scripts could be made to execute arbitrary code with the privilege of the web server. oval:org.secpod.oval:def:700811 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. oval:org.secpod.oval:def:700738 qemu-kvm: Machine emulator and virtualizer A remote attacker could cause QEMU to crash. oval:org.secpod.oval:def:700684 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700666 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700763 openssl: Secure Socket Layer binary and related cryptographic tools Multiple vulnerabilities exist in OpenSSL that could expose sensitive information or cause applications to crash. oval:org.secpod.oval:def:700746 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700744 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700728 linux-fsl-imx51: Linux kernel for IMX51 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700721 linux-ec2: Linux kernel for EC2 Two security issues were fixed in the kernel. oval:org.secpod.oval:def:701142 rpm: package manager for RPM RPM could be made to crash or run programs if it opened a specially crafted package file. oval:org.secpod.oval:def:700699 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700650 openldap: OpenLDAP utilities An OpenLDAP server could potentially be made to crash if it received specially crafted network traffic from an authenticated user. 
oval:org.secpod.oval:def:700661 vsftpd: FTP server written for security Vsftpd or other applications could be made to crash if vsftpd received specially crafted network traffic. oval:org.secpod.oval:def:700247 It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service. oval:org.secpod.oval:def:700566 libvirt: Libvirt virtualization toolkit An authenticated attacker could send crafted input to libvirt and cause it to crash. oval:org.secpod.oval:def:700564 libsndfile: Library for reading/writing audio files An application using libsndfile could be made to crash or possibly run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700497 tiff: TIFF manipulation and conversion tools The TIFF library could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700490 kde4libs: KDE 4 core applications An attacker could send crafted input to Konqueror to view sensitive information. oval:org.secpod.oval:def:700557 logrotate: Log rotation utility An attacker could cause logrotate to run programs, stop working, or read and write arbitrary files. oval:org.secpod.oval:def:700501 rsync: fast remote file copy program rsync could be made to crash or run programs as your login if it connected to a malicious server. oval:org.secpod.oval:def:700273 Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash. oval:org.secpod.oval:def:700278 Martin Barbella discovered that the thunder decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. 
If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the ap ... oval:org.secpod.oval:def:700707 pidgin: multi-protocol instant messaging client Pidgin could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700244 Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames, they could execute arbitrary code with root privileges. oval:org.secpod.oval:def:700261 USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel architectures. In order to build the armel OpenJDK 6 update for Ubuntu 10.04 LTS, it was necessary to rebuild binutils and gcj-4.4 from Ub ... oval:org.secpod.oval:def:700254 It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. It was discovered that the Java launcher did not properly set up the LD_LIBRARY_PATH environment variable. A local attacker coul ... oval:org.secpod.oval:def:700238 It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify th ... oval:org.secpod.oval:def:700223 Charlie Miller discovered several heap overflows in PPT processing. If a user or automated system were tricked into opening a specially crafted PPT document, a remote attacker could execute arbitrary code with user privileges. Ubuntu 10.10 was not affected. Marc Schoenefeld discovered that director ... 
oval:org.secpod.oval:def:700226 It was discovered that IcedTea for Java did not properly verify signatures when handling multiply signed or partially signed JAR files, allowing an attacker to cause code to execute that appeared to come from a verified source. USN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu ... oval:org.secpod.oval:def:700245 Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Ro ... oval:org.secpod.oval:def:700498 pcsc-lite: Middleware to access a smart card using PC/SC PCSC-Lite could be made to crash or run programs if it accessed a special smart card. oval:org.secpod.oval:def:700215 It was discovered that the JNLP SecurityManager in IcedTea for Java OpenJDK in some instances failed to properly apply the intended security policy in its checkPermission method. This could allow an attacker to execute code with privileges that should have been prevented. oval:org.secpod.oval:def:700233 It was discovered that Subversion incorrectly handled certain "partial access" privileges in rare scenarios. Remote authenticated users could use this flaw to obtain sensitive information. This issue only applied to Ubuntu 6.06 LTS. It was discovered that the Subversion mod_dav_svn module for Apac ... oval:org.secpod.oval:def:700224 It was discovered that Exim contained a design flaw in the way it processed alternate configuration files. An attacker that obtained privileges of the "Debian-exim" user could use an alternate configuration file to obtain root privileges. It was discovered that Exim incorrectly handled ce ... 
oval:org.secpod.oval:def:700222 It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server out ... oval:org.secpod.oval:def:700039 Marc Schoenefeld discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 6 ... oval:org.secpod.oval:def:700144 Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges. oval:org.secpod.oval:def:700158 It was discovered that Quagga incorrectly handled certain Outbound Route Filtering records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. The default compiler options for Ubuntu 8.04 LTS and later should reduce the vulnerabil ... oval:org.secpod.oval:def:700156 Andrew Bartlett discovered that Samba did not correctly validate the length when parsing SIDs. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code with the privileges of the Samba service. The default compiler opti ... oval:org.secpod.oval:def:700087 It was discovered that libHX incorrectly handled certain parameters to the HX_split function. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code with the privileges of the user. The default compiler options for affected releases should reduce the vulnerab ... 
oval:org.secpod.oval:def:700257 Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu ... oval:org.secpod.oval:def:700194 It was discovered that Mako incorrectly filtered single-quote characters when performing html filtering. An attacker could utilize this to perform cross-site scripting attacks. oval:org.secpod.oval:def:700058 Kevin Finisterre discovered that the TIFF library did not correctly handle certain image structures. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a den ... oval:org.secpod.oval:def:700178 It was discovered that ClamAV did not properly reallocate memory when processing certain PDF files. A remote attacker could send a specially crafted PDF and crash ClamAV. An out of bounds memory access flaw was discovered in ClamAV. A remote attacker could send a specially crafted Portable Executab ... oval:org.secpod.oval:def:700210 It was discovered that a NULL pointer dereference in the code for handling transformations of monochrome profiles could allow an attacker to cause a denial of service through a specially crafted image oval:org.secpod.oval:def:702202 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:701488 libxml-security-java: implementation of security standards for XML Apache XML Security for Java could be tricked into validating spoofed signatures. oval:org.secpod.oval:def:700213 It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting protections. 
This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. It was discovered that the XML UTF-8 decoding code did not properly handle non-s ... oval:org.secpod.oval:def:700088 Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. oval:org.secpod.oval:def:700204 USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the "man" program was installed setuid, a local attacker could exploi ... oval:org.secpod.oval:def:700734 linux-lts-backport-oneiric: Linux kernel backport from Oneiric The system could be made to run programs as an administrator. oval:org.secpod.oval:def:700010 It was discovered that APR-util did not properly handle memory when destroying APR buckets. An attacker could exploit this and cause a denial of service via memory exhaustion. oval:org.secpod.oval:def:700735 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700685 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700675 linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700678 linux-fsl-imx51: Linux kernel for IMX51 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700657 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700655 linux: Linux kernel Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:700663 radvd: Router Advertisement Daemon radvd could be made to crash or overwrite certain files if it received specially crafted network traffic. oval:org.secpod.oval:def:700679 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700570 ecryptfs-utils: ecryptfs cryptographic filesystem eCryptfs could be tricked into mounting and unmounting arbitrary locations, and possibly disclose confidential information. oval:org.secpod.oval:def:700720 linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700715 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700801 linux-fsl-imx51: Linux kernel for IMX51 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:700586 linux-mvl-dove: Linux kernel for DOVE Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700528 libmodplug: Library for mod music based on ModPlug libmodplug could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700813 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700709 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:700672 apache2: Apache HTTP server - apache2-mpm-itk: multiuser MPM for Apache 2.2 Details: It was discovered that the mod_proxy module in Apache did not properly interact with the RewriteRule and ProxyPassMatch pattern matches in the configuration of a reverse proxy. This could allow remote attackers to c ... 
oval:org.secpod.oval:def:700770 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700683 tomcat6: Servlet and JSP engine Tomcat could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:700584 apache2: Apache HTTP server A remote attacker could send crafted input to Apache and cause it to crash. oval:org.secpod.oval:def:700532 libvirt: Libvirt virtualization toolkit Libvirt could be made to crash or read arbitrary files on the host. oval:org.secpod.oval:def:700783 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Several security issues were fixed in ruby1.8. oval:org.secpod.oval:def:700529 gimp: The GNU Image Manipulation Program GIMP could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700562 libpng: PNG file library Libpng could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700552 linux-ec2: Linux kernel for EC2 Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700556 linux: Linux kernel Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700487 postfix: High-performance mail transport agent An attacker could send crafted input to Postfix and cause it to crash or run programs. oval:org.secpod.oval:def:700488 kdenetwork: networking applications for KDE 4 An attacker could overwrite files owned by the user if KGet opened a crafted metalink file. oval:org.secpod.oval:def:700279 Mathias Svensson discovered that the tex-common package contains an insecure shell_escape_commands configuration item. If a user or automated system were tricked into opening a specially crafted TeX file, a remote attacker could execute arbitrary code with user privileges. 
oval:org.secpod.oval:def:700248 It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers would be ... oval:org.secpod.oval:def:700250 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kerne ... oval:org.secpod.oval:def:700251 USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for use with EC2. Original advisory details: Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to cr ... oval:org.secpod.oval:def:700272 It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. It was discovered that Tomcat did not properly escape certain parameters in the Manager application wh ... oval:org.secpod.oval:def:700225 Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user. oval:org.secpod.oval:def:700516 pam: Pluggable Authentication Modules An attacker could cause PAM to read or delete arbitrary files or cause it to crash. oval:org.secpod.oval:def:700281 Cesar Bernardini and Felipe Andres Manzano discovered that FFmpeg incorrectly handled certain malformed flic files. 
If a user were tricked into opening a crafted flic file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of th ... oval:org.secpod.oval:def:700286 It was discovered that GIMP incorrectly handled malformed data in certain plugin configuration files. If a user were tricked into opening a specially crafted plugin configuration file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The default c ... oval:org.secpod.oval:def:700266 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure me ... oval:org.secpod.oval:def:700030 Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. It was discovered that an off-by-one error in the icon_cb function ... oval:org.secpod.oval:def:700071 An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program. oval:org.secpod.oval:def:700064 USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. Original advisory details: An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker cou ... oval:org.secpod.oval:def:700179 USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV. 
Original advisory details: An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any applicati ... oval:org.secpod.oval:def:700149 It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LT ... oval:org.secpod.oval:def:700093 It was discovered that Apache's mod_cache and mod_dav modules incorrectly handled requests that lacked a path. A remote attacker could exploit this with a crafted request and cause a denial of service. This issue affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. It was discovered that Apache ... oval:org.secpod.oval:def:700052 It was discovered that Tomcat incorrectly handled invalid Transfer-Encoding headers. A remote attacker could send specially crafted requests containing invalid headers to the server and cause a denial of service, or possibly obtain sensitive information from other requests. oval:org.secpod.oval:def:700065 It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.1 ... oval:org.secpod.oval:def:701359 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:700733 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702232 bash: GNU Bourne Again SHell Bash allowed bypassing environment restrictions in certain environments. 
oval:org.secpod.oval:def:702228 bash: GNU Bourne Again SHell Bash allowed bypassing environment restrictions in certain environments. oval:org.secpod.oval:def:700765 php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP. oval:org.secpod.oval:def:700994 linux-lts-backport-natty: Linux kernel backport from Natty The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700995 linux-lts-backport-oneiric: Linux kernel backport from Oneiric The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700988 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700986 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701194 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701199 dbus-glib: simple interprocess messaging system An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges. oval:org.secpod.oval:def:701191 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701181 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701173 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701171 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701177 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701176 linux-ec2: Linux kernel for EC2 The system could be made to crash under certain conditions. 
oval:org.secpod.oval:def:701169 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701146 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701135 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701360 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701362 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701126 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701127 linux-ec2: Linux kernel for EC2 The system could be made to leak sensitive system information. oval:org.secpod.oval:def:701124 linux: Linux kernel The system could be made to leak sensitive system information. oval:org.secpod.oval:def:701125 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701129 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701356 openssl: Secure Socket Layer cryptographic library and tools Applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701101 linux: Linux kernel The system's firewall could be bypassed by a remote attacker. 
oval:org.secpod.oval:def:701103 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user. oval:org.secpod.oval:def:701106 linux-ec2: Linux kernel for EC2 The system's firewall could be bypassed by a remote attacker. oval:org.secpod.oval:def:701349 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701561 perl: Practical Extraction and Report Language Perl could be made to run programs if it processed specially crafted Locale::Maketext templates. oval:org.secpod.oval:def:700214 Sebastian Krahmer discovered that HPLIP incorrectly handled certain long SNMP responses. A remote attacker could send malicious SNMP replies to certain HPLIP tools and cause them to crash or possibly execute arbitrary code. oval:org.secpod.oval:def:700888 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700872 openssl: Secure Socket Layer cryptographic library and tools Applications using OpenSSL in certain situations could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700868 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700856 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700847 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700841 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:700842 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700843 openssl: Secure Socket Layer cryptographic library and tools An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:700838 openssl: Secure Socket Layer cryptographic library and tools An application using OpenSSL could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701098 cups: Common UNIX Printing System - cupsys: Common UNIX Printing System CUPS could be made to read files or run programs as an administrator. oval:org.secpod.oval:def:701086 perl: Larry Wall's Practical Extraction and Report Language Perl programs could be made to crash or run programs if they receive specially crafted network traffic or other input. oval:org.secpod.oval:def:701077 tomcat6: Servlet and JSP engine Several security issues were fixed in Apache Tomcat. oval:org.secpod.oval:def:701067 qt4-x11: Qt 4 libraries Qt applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701066 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:701275 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701039 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:701255 curl: HTTP, HTTPS, and FTP client and client libraries Applications using libcurl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701243 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. 
oval:org.secpod.oval:def:701245 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701232 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701233 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Ruby could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701235 libxml2: GNOME XML library libxml2 could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701223 perl: Practical Extraction and Report Language Perl could be made to stop responding if it received specially crafted input. oval:org.secpod.oval:def:701229 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701211 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login. oval:org.secpod.oval:def:701215 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701219 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701200 sudo: Provide limited super user privileges to specific users Sudo could be made to run programs as the administrator without a password prompt. oval:org.secpod.oval:def:701209 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701206 openjdk-6: Open Source Java implementation OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. 
oval:org.secpod.oval:def:701439 hplip: HP Linux Printing and Imaging System HPLIP could be made to overwrite files. oval:org.secpod.oval:def:701403 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701634 php5: HTML-embedded scripting language interpreter PHP could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701635 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701621 samba: SMB/CIFS file, print, and login server for Unix Samba did not properly enforce the password guessing protection mechanism. oval:org.secpod.oval:def:701618 apache2: Apache HTTP server Apache HTTP server could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701611 sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo. oval:org.secpod.oval:def:700999 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:700949 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702089 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702271 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702264 libxml2: GNOME XML library libxml2 could be made to consume resources if it processed a specially crafted file. oval:org.secpod.oval:def:702256 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702245 file: Tool to determine file types file could be made to crash or run programs as your login if it opened a specially crafted file. 
oval:org.secpod.oval:def:701399 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702236 rsyslog: Enhanced syslogd Rsyslog could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:702222 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701374 gnupg: GNU privacy guard - a free PGP replacement - libgcrypt11: LGPL Crypto library - runtime library GnuPG and Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:701137 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701378 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701128 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to corrupt the keyring if it imported a specially crafted key. oval:org.secpod.oval:def:701590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702205 php5: HTML-embedded scripting language interpreter php5 could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701584 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701585 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701104 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. 
oval:org.secpod.oval:def:701588 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:702402 file: Tool to determine file types file could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701543 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701547 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701539 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted font file. oval:org.secpod.oval:def:701520 gnupg: GNU privacy guard - a free PGP replacement GnuPG could expose sensitive information when performing decryption. oval:org.secpod.oval:def:701514 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:700880 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701954 libxfont: X11 font rasterisation library Several security issues were fixed in libXfont. oval:org.secpod.oval:def:701935 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701934 libxalan2-java: XSL Transformations processor in Java Xalan-Java could be made to load arbitrary classes or access external resources. oval:org.secpod.oval:def:701096 linux-ec2: Linux kernel for EC2 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701092 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702171 eglibc: GNU C Library Certain applications could be made to crash or run programs as an administrator. 
oval:org.secpod.oval:def:702162 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:702156 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702397 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702158 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702145 eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:701299 gnutls26: GNU TLS library GnuTLS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701289 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701035 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702113 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:702112 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701492 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701000 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701237 bind9: Internet Domain Name Server Bind could be made to consume memory or crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701468 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. 
oval:org.secpod.oval:def:701450 eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:701214 php5: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701446 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:701202 gnutls26: GNU TLS library - gnutls13: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:22313 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:701660 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701426 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:700969 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700968 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700964 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700955 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700923 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700920 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700917 linux: Linux kernel Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:702372 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701012 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701010 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701009 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702338 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701008 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702514 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701507 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701503 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701521 libjpeg-turbo: library for handling JPEG files - libjpeg6b: library for handling JPEG files libjpeg and libjpeg-turbo could be made to expose sensitive information. oval:org.secpod.oval:def:700716 ghostscript: The GPL Ghostscript PostScript/PDF interpreter Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700665 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702391 ghostscript: PostScript and PDF interpreter Details: USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. 
Original advisory Ghostscript could be made to crash or run programs as your login if it opened a sp ... oval:org.secpod.oval:def:702325 ghostscript: PostScript and PDF interpreter Details: USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory Ghostscript could be made to crash or run programs as your login if it opened a sp ... oval:org.secpod.oval:def:700259 It was discovered that Avahi incorrectly handled empty UDP packets. A remote attacker could send a specially-crafted packet and cause Avahi to hang, resulting in a denial of service. oval:org.secpod.oval:def:700181 It was discovered that Avahi incorrectly handled certain mDNS query packets when the reflector feature is enabled, which is not the default configuration on Ubuntu. A remote attacker could send crafted mDNS queries and perform a denial of service on the server and on the network. This issue only aff ... oval:org.secpod.oval:def:700036 Ludwig Nussel discovered w3m does not properly handle SSL/TLS certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. oval:org.secpod.oval:def:702212 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:700561 dbus: simple interprocess messaging system DBus could be made to crash if it processed a specially crafted message. oval:org.secpod.oval:def:700216 Remi Denis-Courmont discovered that D-Bus did not properly validate the number of nested variants when validating D-Bus messages. A local attacker could exploit this to cause a denial of service. oval:org.secpod.oval:def:700569 linux-lts-backport-maverick: Linux kernel backport from Maverick Multiple kernel flaws have been fixed.
oval:org.secpod.oval:def:700544 linux-mvl-dove: Linux kernel for DOVE Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700519 linux: Linux kernel - linux-ec2: Linux kernel for EC2 Multiple kernel vulnerabilities have been fixed. oval:org.secpod.oval:def:700040 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. oval:org.secpod.oval:def:700260 Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure me ... oval:org.secpod.oval:def:700253 Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this t ... oval:org.secpod.oval:def:700015 Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or expose kernel memory, leading to a loss of privacy. Al Viro discovered a ... oval:org.secpod.oval:def:700246 USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Original advisory details: Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of servi ...
oval:org.secpod.oval:def:700207 Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. Only Ubuntu 9 ... oval:org.secpod.oval:def:700117 Adrian Pastor and Tim Starling discovered that the CUPS web interface incorrectly protected against cross-site request forgery attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly ... oval:org.secpod.oval:def:700104 Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memory manager did not properly handle when applications grow stacks into adjacent memory regions. A local attacker could exploit this to gain control of certain applications, potentially leading to privilege escalation, as demonst ... oval:org.secpod.oval:def:700101 Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that th ... oval:org.secpod.oval:def:700589 linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:700085 The SNMP server did not correctly validate certain UDP clients when using TCP wrappers. Under some situations, a remote attacker could bypass access restrictions and communicate with the SNMP server, potentially leading to a loss of privacy or a denial of service. oval:org.secpod.oval:def:700146 Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. 
A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS. Daniel ... oval:org.secpod.oval:def:700834 puppet: Centralized configuration management Several security issues were fixed in puppet. oval:org.secpod.oval:def:700580 webkit: Web content engine library for GTK+ Multiple security vulnerabilities were fixed in WebKit. oval:org.secpod.oval:def:700110 It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileg ... oval:org.secpod.oval:def:700143 Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. Chris Guo, Jukka Taimisto, and Olli Jarva discovered that SCTP did not correctly handle invalid parameters. A remote attacker cou ... oval:org.secpod.oval:def:701083 lynx-cur: Text-mode WWW Browser with NLS support Two security issues were fixed in Lynx. oval:org.secpod.oval:def:701641 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701620 openssh: secure shell for secure access to remote machines OpenSSH incorrectly handled environment restrictions with wildcards. oval:org.secpod.oval:def:702080 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702241 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. oval:org.secpod.oval:def:702239 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. 
oval:org.secpod.oval:def:702469 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:700496 php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP. oval:org.secpod.oval:def:700499 php5: HTML-embedded scripting language interpreter Details: USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubu ... oval:org.secpod.oval:def:701516 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702180 procmail: Versatile e-mail processor formail could be made to crash or run programs if it processed specially crafted mail. oval:org.secpod.oval:def:702396 eglibc: GNU C Library The GNU C Library could be made to crash or run programs. oval:org.secpod.oval:def:702359 unzip: De-archiver for .zip files unzip could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701490 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702317 glibc: GNU C Library - eglibc: GNU C Library The GNU C Library could be made to crash or run programs. oval:org.secpod.oval:def:702513 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702044 gnutls26: GNU TLS library GnuTLS could be made to crash or run programs if it connected to a malicious server. oval:org.secpod.oval:def:702221 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702220 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:702454 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701591 gnutls26: GNU TLS library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702400 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702138 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702544 linux-ec2: Linux kernel for EC2 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702535 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701624 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702092 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702201 nss: Network Security Service library NSS could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:701550 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700793 linux-lts-backport-maverick: Linux kernel backport from Maverick Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700791 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700796 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700797 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:700798 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700547 linux-fsl-imx51: Linux kernel for IMX51 Multiple kernel flaws have been fixed. oval:org.secpod.oval:def:701193 linux-lts-backport-oneiric: Linux kernel backport from Oneiric The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701190 linux-ec2: Linux kernel for EC2 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701189 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701155 inkscape: vector-based drawing program Several security issues were fixed in Inkscape. oval:org.secpod.oval:def:701131 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700270 Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or expose kernel memory, leading to a loss of privacy. Ben Hutchings discover ... oval:org.secpod.oval:def:701354 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701355 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701114 linux-lts-backport-oneiric: Linux kernel backport from Oneiric The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701330 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701334 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700229 Gleb Napatov discovered that KVM did not correctly check certain privileged operations.
A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attac ... oval:org.secpod.oval:def:700892 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700895 linux-lts-backport-natty: Linux kernel backport from Natty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700873 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700869 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700863 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701093 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701043 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701285 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701286 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701263 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701028 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701259 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701241 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701248 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:701249 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701212 linux-lts-backport-oneiric: Linux kernel backport from Oneiric Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700787 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:700975 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could allow unintended access to files over the network when using the XML2 extension. oval:org.secpod.oval:def:700929 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701168 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701240 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:700903 raptor: Raptor RDF parser and serializer library Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700099 It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. 
oval:org.secpod.oval:def:700084 Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomäki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the ... oval:org.secpod.oval:def:700044 It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was ... oval:org.secpod.oval:def:700008 Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol packets. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. In the default installation in Ubuntu 8.04 LTS and later, attackers would be isolated by ... oval:org.secpod.oval:def:700805 mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700191 Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. An attacker could exploit this issue to cause the PHP server to crash, resulting in a denial of service. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that the pseudorandom numbe ... oval:org.secpod.oval:def:700186 Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Firefox processed pl ... oval:org.secpod.oval:def:700153 Robert Święcki discovered that FreeType did not correctly handle certain malformed font files. 
If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges. oval:org.secpod.oval:def:700121 USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser o ... oval:org.secpod.oval:def:700122 It was discovered that MySQL did not check privileges before uninstalling plugins. An authenticated user could uninstall arbitrary plugins, bypassing intended restrictions. This issue only affected Ubuntu 9.10 and 10.04 LTS. It was discovered that MySQL could be made to delete another user's data a ... oval:org.secpod.oval:def:700128 Several flaws were discovered in the browser engine of Thunderbird. If a user were tricked into viewing malicious content, a remote attacker could use this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. An integer overflow was discovered in how Thunderbird pro ... oval:org.secpod.oval:def:700773 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:702136 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:700993 xmlrpc-c: Lightweight RPC library based on XML and HTTP Details: USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12 ... oval:org.secpod.oval:def:700959 expat: XML parsing C library - example application Expat could be made to cause a denial of service by consuming excessive CPU and memory resources.
oval:org.secpod.oval:def:700028 It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. It was discovered that the r8169 network driver did n ... oval:org.secpod.oval:def:701396 php5: HTML-embedded scripting language interpreter Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:700042 Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds backported support for the new ... oval:org.secpod.oval:def:700014 Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. USN-923-1 disabled SSL/TLS renegotiation by def ... oval:org.secpod.oval:def:700142 USN-860-1 introduced a partial workaround to Apache that disabled client initiated TLS renegotiation in order to mitigate CVE-2009-3555. USN-990-1 introduced the new RFC5746 renegotiation extension in openssl, and completely resolves the issue. After updating openssl, an Apache server will allow bot ... oval:org.secpod.oval:def:702244 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702238 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702440 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702433 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel.
oval:org.secpod.oval:def:700906 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:700881 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash or incorrectly handle authentication. oval:org.secpod.oval:def:700510 apr: The Apache Portable Runtime Library - apache2: a scalable, extensible web server A denial of service issue exists that affects the Apache web server. oval:org.secpod.oval:def:702196 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702198 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702336 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702328 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702486 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700713 icedtea-web: A web browser plugin to execute Java applets - openjdk-6: Open Source Java implementation - openjdk-6b18: Open Source Java implementation Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed. oval:org.secpod.oval:def:702068 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701589 python2.7: An interactive high-level object-oriented language - python3.3: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language - python2.6: An interactive high-level object-oriented language Python could be made to crash or run programs ... 
oval:org.secpod.oval:def:700667 python3.1: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Applications using certain Python 3 modules could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:701055 python3.1: An interactive high-level object-oriented language Several security issues were fixed in Python 3.1. oval:org.secpod.oval:def:701030 python2.6: An interactive high-level object-oriented language Several security issues were fixed in Python 2.6. oval:org.secpod.oval:def:701444 python2.6: An interactive high-level object-oriented language Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701650 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701642 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702083 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702076 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702299 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701375 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701368 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701592 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701593 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701580 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701573 linux: Linux kernel Several security issues were fixed in the kernel. 
oval:org.secpod.oval:def:702403 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701536 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701526 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702114 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702118 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702102 linux-ec2: Linux kernel for EC2 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702104 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701475 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701476 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702303 linux: Linux kernel The system could be made to deny write access to files. oval:org.secpod.oval:def:701435 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701438 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701662 linux-ec2: Linux kernel for EC2 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701663 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:700063 Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. Je ... 
oval:org.secpod.oval:def:700658 thunderbird: Mozilla Open Source mail and newsgroup client Multiple vulnerabilities have been fixed in Thunderbird. oval:org.secpod.oval:def:700656 firefox: Mozilla Open Source web browser - xulrunner-1.9.2: Mozilla Gecko runtime environment Multiple vulnerabilities have been fixed in Firefox and Xulrunner. oval:org.secpod.oval:def:700802 eglibc: Embedded GNU C Library: sources - glibc: GNU C Library: Documentation Multiple vulnerabilities were discovered and fixed in the GNU C Library. oval:org.secpod.oval:def:702046 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702048 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701366 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:700781 openjdk-6: Open Source Java implementation Multiple OpenJDK 6 vulnerabilities have been fixed. oval:org.secpod.oval:def:700788 openjdk-6b18: Open Source Java implementation Details: USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM. This provides the corresponding OpenJDK 6 update for use with the ARM architecture in Ubuntu 10.04 LTS, Ubun ... oval:org.secpod.oval:def:701058 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:702063 linux-ec2: Linux kernel for EC2 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702057 linux: Linux kernel Several security issues were fixed in the kernel. |