Download
| Alert*
|
oval:org.secpod.oval:def:37386
gdk-pixbuf: GDK-Pixbuf library GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700951 icedtea-web: A web browser plugin to execute Java applets The IcedTea-Web Java web browser plugin could be made to crash or possibly run programs as your login if it opened a specially crafted applet. oval:org.secpod.oval:def:700948 isc-dhcp: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700904 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700874 nut: Network UPS tools Nut could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700859 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701063 mesa: free implementation of the EGL API Mesa could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:701069 libproxy: automatic proxy configuration management library libproxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701057 exim4: Exim is a mail transport agent Exim could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701004 isc-dhcp: DHCP server and client - dhcp3: DHCP server and client DHCP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700946 openssl: Secure Socket Layer cryptographic library and tools OpenSSL incorrectly disabled TLS 1.1 and TLS 1.2 in certain applications. oval:org.secpod.oval:def:23613 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:701025 - xdiagnose: X.org diagnosis tool 3rd party applications using xdiagnose could potentially be made to overwrite files. oval:org.secpod.oval:def:33564 pam: Pluggable Authentication Modules Details: USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2935-1 introduced a reg ... oval:org.secpod.oval:def:36756 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Details: USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily ... oval:org.secpod.oval:def:700996 firefox: Mozilla Open Source web browser Details: USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Original advisory USN-1548-1 introduced a regression in Firefox. oval:org.secpod.oval:def:700953 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173: NVIDIA binary Xorg driver - nvidia-graphics-drivers-173-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver NVIDIA graphics drivers could be made to run programs as an admini ... oval:org.secpod.oval:def:700908 firefox: Mozilla Open Source web browser Details: USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Original advisory USN-1463-1 introduced regressions i ... oval:org.secpod.oval:def:700900 unity-2d: Unity interface for non-accelerated graphics cards Popup menus were not working in Firefox under Unity 2D. oval:org.secpod.oval:def:700893 apparmor: Linux security system This update provides updates for the AppArmor profile abstractions. oval:org.secpod.oval:def:700898 apt: Advanced front-end for dpkg APT now more thoroughly verifies imported keyrings. oval:org.secpod.oval:def:700889 nova: OpenStack Compute cloud infrastructure Details: USN 1466-1 fixed a vulnerability in Nova. The upstream patch introduced a regression when a security group granted full access and therefore the network protocol was left unset, causing an error in processing. This update fixes the issue. We apol ... oval:org.secpod.oval:def:701095 firefox: Mozilla Open Source web browser Details: USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory Regressions were introduced in the last Firefox update. oval:org.secpod.oval:def:701073 python-django: High-level Python web development framework Details: USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory ... oval:org.secpod.oval:def:701026 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1551-1 fixed vulnerabilities in Thunderbird. The new package caused a regression in the message editor and certain performance regressions as well. This update fixes the problems. Original advisory USN-1551-1 introduced regressi ... oval:org.secpod.oval:def:700849 Ubuntu 12.04 is installed oval:org.secpod.oval:def:34608 libarchive: Library to read/write archive files libarchive could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701023 software-properties: manage the repositories that you install software from Software Properties could be tricked into installing arbitrary PPA GPG keys. oval:org.secpod.oval:def:700947 mono: Mono is a platform for running and developing applications Mono could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700933 rhythmbox: music player and organizer for GNOME Rhythmbox could be made to run programs as your login when using the Context plugin. oval:org.secpod.oval:def:700864 backuppc: high-performance, enterprise-grade system for backing up PCs BackupPC could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700857 horizon: Web interface for OpenStack cloud infrastructure Horizon could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701017 transmission: lightweight BitTorrent client Transmission could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700971 clamav: Anti-virus utility for Unix Details: USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1482-1 introduced a regression in ClamAV that co ... oval:org.secpod.oval:def:700907 clamav: Anti-virus utility for Unix Details: USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. We apologize for the inconvenience. Original advisory ClamAV could improperly detect malware if it opened a specia ... oval:org.secpod.oval:def:700989 python-django: High-level Python web development framework Applications using Django could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700877 update-manager: GNOME application that manages apt updates Details: USN-1443-1 fixed vulnerabilities in Update Manager. The fix for CVE-2012-0949 was discovered to be incomplete. This update fixes the problem. Original advisory Update Manager could expose sensitive information in certain circumstanc ... oval:org.secpod.oval:def:700861 update-manager: GNOME application that manages apt updates Update Manager could expose sensitive information in certain circumstances. oval:org.secpod.oval:def:701072 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network. oval:org.secpod.oval:def:700979 libgc: Boehm-Demers-Weiser garbage collecting storage allocator library Applications using libgc could be made to crash or run arbitrary programs as your login. oval:org.secpod.oval:def:700867 feedparser: Universal Feed Parser for Python Applications using feedparser could be made to crash if they fetched a specially crafted feed. oval:org.secpod.oval:def:701081 libssh: A tiny C SSH library linssh could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701064 icedtea-web: A web browser plugin to execute Java applets The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page. oval:org.secpod.oval:def:700927 nova: OpenStack Compute cloud infrastructure Nova could be made to overwrite or corrupt arbitrary files in the compute host file system. oval:org.secpod.oval:def:701044 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700973 libconfig-inifiles-perl: Perl module for working with INI configuration files Config-IniFiles could be made to overwrite arbitrary files. oval:org.secpod.oval:def:701027 emacs23: The GNU Emacs editor Emacs could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701065 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700980 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700982 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox. oval:org.secpod.oval:def:700950 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:700934 xorg-server: X.Org X server The X.Org X server could be made to crash if a specially crafted input device was added. oval:org.secpod.oval:def:700932 nova: OpenStack Compute cloud infrastructure Nova could be made to not respond if passed specially crafted input. oval:org.secpod.oval:def:700885 ubuntuone-client: Ubuntu One client Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:700883 ubuntuone-storage-protocol: Python library for Ubuntu One file storage and sharing service Details: USN-1465-1 fixed a vulnerability in the Ubuntu One Client. This update adds a required fix to the Ubuntu One storage protocol library. Original advisory Fraudulent security certificates could allow se ... oval:org.secpod.oval:def:700887 nova: OpenStack Compute cloud infrastructure Nova could be prevented from applying security group policy. oval:org.secpod.oval:def:700991 ubiquity-slideshow-ubuntu: Ubiquity slideshow for Ubuntu ubiquity-slideshow-ubuntu would allow unintended access to files over the network during system installation. oval:org.secpod.oval:def:33739 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:700977 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700905 clamav: Anti-virus utility for Unix ClamAV could improperly detect malware if it opened a specially crafted file. oval:org.secpod.oval:def:700853 nova: OpenStack Compute cloud infrastructure Nova could be made to crash the system under certain conditions. oval:org.secpod.oval:def:701070 glance: OpenStack Image Registry and Delivery Service Glance could be made to delete arbitrary images. oval:org.secpod.oval:def:701061 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:701047 libgssglue: header files and docs for libgssglue Privilege escalation via the GSSAPI_MECH_CONF environment variable with setuid programs. oval:org.secpod.oval:def:701038 moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin. oval:org.secpod.oval:def:700945 libexif: library to parse EXIF files libexif could be made to crash, run programs as your login, or expose sensitive information if it opened a specially crafted file. oval:org.secpod.oval:def:700896 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:701040 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701045 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701036 firefox: Mozilla Open Source web browser Multiple security issues were fixed in Firefox. oval:org.secpod.oval:def:700942 kdepim: Personal Information Management apps KDE PIM could be made to execute JavaScript if it opened a specially crafted email. oval:org.secpod.oval:def:700919 python-crypto: cryptographic algorithms and protocols for Python PyCrypto improperly created ElGamal encryption keys. oval:org.secpod.oval:def:700921 accountsservice: query and manipulate user account information AccountsService could be made to read arbitrary files as the administrator. oval:org.secpod.oval:def:700860 sudo: Provide limited super user privileges to specific users Sudo could allow users to run arbitrary programs as the administrator. oval:org.secpod.oval:def:700930 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701056 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701059 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web cont ... oval:org.secpod.oval:def:700974 nss: Network Security Service library Details: USN-1540-1 fixed vulnerabilities in NSS. This update provides the corresponding updates for Ubuntu 12.04 LTS. Original advisory NSS could be made to crash if it opened a specially crafted certificate. oval:org.secpod.oval:def:701075 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701078 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:701076 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700940 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700941 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the lastest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:700939 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701037 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:701016 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in ruby1.9.1 oval:org.secpod.oval:def:701015 rubygems: package management framework for Ruby libraries/applications RubyGems could be made to download and install malicious gem files. oval:org.secpod.oval:def:700909 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700886 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701024 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:700936 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:700954 webkit: Web content engine library for GTK+ Multiple security vulnerabilities were fixed in WebKit. oval:org.secpod.oval:def:701052 webkit: Web content engine library for GTK+ Multiple security vulnerabilities were fixed in WebKit. oval:org.secpod.oval:def:700983 openjdk-6: Open Source Java implementation Two security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:700855 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:700844 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:700866 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701031 libxslt: XSLT processing library Applications using libxslt could be made to crash or run programs as your login if they processed a specially crafted file. oval:org.secpod.oval:def:700848 libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:34244 poppler: PDF rendering library poppler could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701074 python-keyring: store and access your passwords safely Several security issues were fixed in Python Keyring. oval:org.secpod.oval:def:21595 kde-workspace: KDE Plasma Workspace components KDE workspace could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:21594 konversation: Internet Relay Chat client for KDE Konversation could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:33563 pam: Pluggable Authentication Modules Several security issues were fixed in PAM. oval:org.secpod.oval:def:24344 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:24345 libxml-libxml-perl: Perl interface to the libxml2 library XML::LibXML could be made to expose sensitive information. oval:org.secpod.oval:def:701418 ubuntu-system-service: Dbus service to set various system-wide configurations ubuntu-system-service could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701419 software-properties: manage the repositories that you install software from Software Properties could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702507 dpkg: Debian package management system dpkg could be tricked into bypassing source package signature checks. oval:org.secpod.oval:def:701412 language-selector: Language selector for Ubuntu language-selector could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701413 hplip: HP Linux Printing and Imaging System HPLIP could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702742 freetype: FreeType 2 is a font engine library Several security issues were fixed in FreeType. oval:org.secpod.oval:def:702983 libssh: A tiny C SSH library Several security issues were fixed in libssh. oval:org.secpod.oval:def:701414 jockey: user interface and desktop integration for driver management Jockey could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702988 cpio: a tool to manage archives of files Several security issues were fixed in GNU cpio. oval:org.secpod.oval:def:701415 usb-creator: create a startup disk using a CD or disc image usb-creator could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701640 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:39000 irssi: terminal based IRC client Several security issues were fixed in Irssi. oval:org.secpod.oval:def:701407 python-httplib2: comprehensive HTTP client library written for Python Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702736 openslp-dfsg: OpenSLP development files OpenSLP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701645 cups: Common UNIX Printing System CUPS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702734 libvdpau: Video Decode and Presentation API for Unix libvdpau could be made to run programs as an administrator. oval:org.secpod.oval:def:701639 python-django: High-level Python web development framework Details: USN-2169-1 fixed vulnerabilities in Django. The upstream security patch for CVE-2014-0472 introduced a regression for certain applications. This update fixes the problem. Original advisory USN-2169-1 introduced a regression in Djang ... oval:org.secpod.oval:def:702969 gtk+2.0: GTK+ graphical user interface library - gtk+3.0: GTK+ graphical user interface library GTK+ could be made to crash or run programs as your login if it processed a specially crafted image. oval:org.secpod.oval:def:701632 openjdk-6: Open Source Java implementation Details: USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original ad ... oval:org.secpod.oval:def:702722 firefox: Mozilla Open Source web browser Details: USN-2702-1 fixed vulnerabilities in Firefox. After upgrading, some users in the US reported that their default search engine switched to Yahoo. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2702-1 introduced ... oval:org.secpod.oval:def:702963 firefox: Mozilla Open Source web browser A same-origin-policy bypass was discovered in Firefox. oval:org.secpod.oval:def:702720 python-django: High-level Python web development framework Django could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701631 openssh: secure shell for secure access to remote machines A malicious server could bypass OpenSSH SSHFP DNS record checking. oval:org.secpod.oval:def:702961 firefox: Mozilla Open Source web browser Details: USN-2880-1 fixed vulnerabilities in Firefox. This update introduced a regression which caused Firefox to crash on startup with some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2880-1 introd ... oval:org.secpod.oval:def:701636 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:702968 eog: Eye of GNOME graphics viewer program Eye of GNOME could be made to crash or run programs as your login if it opened a specially crafted image. oval:org.secpod.oval:def:701637 python-imaging: Python Imaging Library Python Imaging Library could be made to overwrite or expose files. oval:org.secpod.oval:def:702967 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:702966 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory USN-2855-1 introduced a regression in Samba. oval:org.secpod.oval:def:701622 libyaml: Fast YAML 1.1 parser and emitter library LibYAML could be made to crash or run programs if it opened a specially crafted YAML document. oval:org.secpod.oval:def:702710 openssh: secure shell for secure access to remote machines Details: USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem. Original advisory USN-271 ... oval:org.secpod.oval:def:701626 clamav: Anti-virus utility for Unix ClamAV has been updated to a new version. oval:org.secpod.oval:def:701623 libyaml-libyaml-perl: Perl interface to libyaml, a YAML implementation libyaml-libyaml-perl could be made to crash or run programs if it opened a specially crafted YAML file. oval:org.secpod.oval:def:701619 ca-certificates: Common CA certificates ca-certificates was updated to the 20130906 package. oval:org.secpod.oval:def:701617 initramfs-tools: tools for generating an initramfs initramfs-tools used incorrect mount options. oval:org.secpod.oval:def:701610 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash or run programs as your login if it opened a specially crafted email. oval:org.secpod.oval:def:702941 rsync: fast, versatile, remote file-copying tool rsync could be made to write files outside of the expected directory. oval:org.secpod.oval:def:702940 ecryptfs-utils: eCryptfs cryptographic filesystem utilities mount.ecryptfs_private could be used to run programs as an administrator. oval:org.secpod.oval:def:701614 gtk+3.0: GTK+ graphical user interface library Details: USN-2149-1 fixed a vulnerability in librsvg. This update provides a compatibility fix for GTK+ to work with the librsvg security update. Original advisory This update provides a compatibility fix for GTK+. oval:org.secpod.oval:def:702946 curl: HTTP, HTTPS, and FTP client and client libraries curl would incorrectly re-use credentials. oval:org.secpod.oval:def:702702 swift: OpenStack distributed virtual object store Several security issues were fixed in Swift. oval:org.secpod.oval:def:701613 librsvg: renderer library for SVG files Librsvg could be made to expose sensitive information. oval:org.secpod.oval:def:701608 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to run programs as the lp user if it processed a specially crafted file. oval:org.secpod.oval:def:701609 libssh: A tiny C SSH library A security issue was fixed in libssh. oval:org.secpod.oval:def:702914 pygments: syntax highlighting package written in Python Pygments could be made to crash or run programs if it processed a specially crafted font request. oval:org.secpod.oval:def:702918 isc-dhcp: DHCP server and client DHCP server, client, or relay could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:38562 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702905 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702909 ldb: LDAP-like embedded database Several security issues were fixed in ldb. oval:org.secpod.oval:def:702095 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to hang if it processed a specially crafted message. oval:org.secpod.oval:def:702082 openssl: Secure Socket Layer cryptographic library and tools Details: USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem. Original advisory USN-2232-1 ... oval:org.secpod.oval:def:702081 libxml2: GNOME XML library Details: USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a number of regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2214-1 introduced a regression in libxml2. oval:org.secpod.oval:def:702075 nova: OpenStack Compute cloud infrastructure Several security issues were fixed in OpenStack Nova. oval:org.secpod.oval:def:702078 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered source packages. oval:org.secpod.oval:def:702071 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702070 chkrootkit: rootkit detector chkrootkit could be made to run programs as an administrator. oval:org.secpod.oval:def:702062 openssl: Secure Socket Layer cryptographic library and tools Details: USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use tls_session_secret_cb, such as wpa_supplicant. This update fixes the problem. Original advisory ... oval:org.secpod.oval:def:702066 dpkg: Debian package management system A malicious source package could write files outside the unpack directory. oval:org.secpod.oval:def:702058 libxml2: GNOME XML library Details: USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a regression when using xmllint with the --postvalid option. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2214-1 introduced a regression in libxml2 ... oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701196 transmission: lightweight BitTorrent client Transmission could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703136 glibc: GNU C Library - eglibc: GNU C Library Details: USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-201 ... oval:org.secpod.oval:def:702045 mod-wsgi: Python WSGI adapter module for Apache mod_wsgi could be made to run programs as an administrator if it executes a specially crafted file. mod_wsgi could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702280 curl: HTTP, HTTPS, and FTP client and client libraries curl could expose sensitive information over the network. oval:org.secpod.oval:def:701188 nova: OpenStack Compute cloud infrastructure Nova could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:703110 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relax ... oval:org.secpod.oval:def:701178 keystone: OpenStack identity service Keystone could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:702265 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701179 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:702268 wget: retrieves files from the web Wget could be made to overwrite files. oval:org.secpod.oval:def:701162 keystone: OpenStack identity service Keystone could be made to fill server disks with error messages. oval:org.secpod.oval:def:703341 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:701160 linux-lts-quantal: Linux hardware enablement kernel from Quantal Details: USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-17 ... oval:org.secpod.oval:def:701161 linux: Linux kernel Details: USN-1696-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1696-1 introduced a regression in the Linux ker ... oval:org.secpod.oval:def:703580 libxslt: XSLT processing library Several security issues were fixed in Libxslt. oval:org.secpod.oval:def:702498 firefox: Mozilla Open Source web browser Firefox could be made to bypass SSL certificate verification. oval:org.secpod.oval:def:702497 mailman: Powerful, web-based mailing list manager Mailman could be made to run programs if it processed a specially crafted list name. oval:org.secpod.oval:def:701164 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a ... oval:org.secpod.oval:def:702259 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702258 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701151 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701150 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702487 libgcrypt11: LGPL Crypto library - libgcrypt20: LGPL Crypto library Several security issues were fixed in Libgcrypt. oval:org.secpod.oval:def:702243 openssl: Secure Socket Layer cryptographic library and tools OpenSSL TLSv1.2 support has been improved. oval:org.secpod.oval:def:701154 nova: OpenStack Compute cloud infrastructure Nova volume could be made to expose volumes from other users. oval:org.secpod.oval:def:702242 exuberant-ctags: build tag file indexes of source code definitions Exuberant Ctags could be made to consume resources. oval:org.secpod.oval:def:702249 openvpn: virtual private network software OpenVPN could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702248 libvncserver: vnc server library Several security issues were fixed in LibVNCServer. oval:org.secpod.oval:def:701157 linux-ti-omap4: Linux kernel for OMAP4 Details: USN-1698-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1698-1 introduced a regressi ... oval:org.secpod.oval:def:702489 tiff: Tag Image File Format library Details: USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for ... oval:org.secpod.oval:def:702246 apt: Advanced front-end for dpkg APT could be made to overwrite files. oval:org.secpod.oval:def:702488 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:702471 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701144 vino: VNC server for GNOME Vino could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701387 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:701147 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a regression in ... oval:org.secpod.oval:def:701371 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701372 lcms2: Little CMS 2 color management library Little CMS could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701133 nspr: NetScape Portable Runtime Library Details: USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:702223 apt: Advanced front-end for dpkg APT could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702465 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701132 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702468 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file. oval:org.secpod.oval:def:703313 libdbd-mysql-perl: Perl5 database interface to the MySQL database DBD::mysql could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:701123 moin: Collaborative hypertext environment MoinMoin could be made to run programs and overwrite files. oval:org.secpod.oval:def:701365 libxml2: GNOME XML library Details: USN-1904-1 fixed vulnerabilities in libxml2. The update caused a regression for certain users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1904-1 introduced a regression in libxml2. oval:org.secpod.oval:def:702211 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702453 firefox: Mozilla Open Source web browser Details: USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated quot;-remotequot; command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory USN- ... oval:org.secpod.oval:def:702210 apt: Advanced front-end for dpkg Several security issues were fixed in APT. oval:org.secpod.oval:def:702458 ecryptfs-utils: eCryptfs cryptographic filesystem utilities Sensitive information in encrypted home and Private directories could be exposed if an attacker gained access to your files. oval:org.secpod.oval:def:702214 nss: Network Security Service library NSS was updated to refresh the CA certificates bundle. oval:org.secpod.oval:def:702456 icu: International Components for Unicode library Details: USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. We apologize for the inconveni ... oval:org.secpod.oval:def:702455 sudo: Provide limited super user privileges to specific users Sudo would allow unintended access to files. oval:org.secpod.oval:def:703307 kdepimlibs: the KDE PIM libraries KMail could be made to run HTML if it opened a specially crafted email. oval:org.secpod.oval:def:701353 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Module::Signature could be made to run programs if it verified a signature. oval:org.secpod.oval:def:701595 icedtea-web: A web browser plugin to execute Java applets IcedTea Web could be made to expose or alter sensitive information. oval:org.secpod.oval:def:703532 audiofile: Open-source version of the SGI audiofile library audiofile could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701112 apport: automatically generate crash reports for debugging A hardening measure was added to apport. oval:org.secpod.oval:def:701596 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs if it opened a specially crafted image file. oval:org.secpod.oval:def:701110 aptdaemon: transaction based package management service Aptdaemon could be tricked into installing arbitrary PPA GPG keys. oval:org.secpod.oval:def:701352 firefox: Mozilla Open Source web browser Details: USN-1890-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in Firefox using the wrong network proxy settings. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1890 ... oval:org.secpod.oval:def:701594 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:703536 eglibc: GNU C Library Details: USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS. We apologize for the error. O ... oval:org.secpod.oval:def:702203 cups: Common UNIX Printing System CUPS could be made to expose sensitive information, leading to privilege escalation. oval:org.secpod.oval:def:702687 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702208 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701117 apparmor: Linux security system A weakness was discovered in the example AppArmor profile for chromium-browser. oval:org.secpod.oval:def:702207 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:702448 linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advis ... oval:org.secpod.oval:def:701100 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701343 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701340 puppet: Centralized configuration management Puppet could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701582 firefox: Mozilla Open Source web browser Details: USN-2102-1 fixed vulnerabilities in Firefox. The update introduced a regression which could make Firefox crash under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2102-1 introduced a regr ... oval:org.secpod.oval:def:702430 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701341 libraw: raw image decoder library LibRaw could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701586 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:703522 pidgin: graphical multi-protocol instant messaging client for X Pidgin could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702439 cups: Common UNIX Printing System CUPS could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:701107 apt: Advanced front-end for dpkg APT could expose sensitive information. oval:org.secpod.oval:def:702421 xorg-server: X.Org X11 server - xorg-server-lts-utopic: X.Org X11 server - xorg-server-lts-trusty: X.Org X11 server Several security issues were fixed in the X.Org X server. oval:org.secpod.oval:def:703510 kde4libs: KDE 4 core applications and libraries KDE-Libs could be made to expose sensitive information over the network. oval:org.secpod.oval:def:703514 icoutils: Create and extract MS Windows icons and cursors icoutils could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702422 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701339 libkdcraw: RAW picture decoding library libKDcraw could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702428 e2fsprogs: ext2/ext3/ext4 file system utilities e2fsprogs could be made to crash or run programs as an administrator if it processed a specially crafted filesystem image. oval:org.secpod.oval:def:702427 ca-certificates: Common CA certificates ca-certificates was updated to the 20141019 package. oval:org.secpod.oval:def:701320 libxv: X11 Video extension library Several security issues were fixed in libxv. oval:org.secpod.oval:def:701562 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:702410 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:702652 nbd: Network Block Device protocol Several security issues were fixed in NBD. oval:org.secpod.oval:def:702894 git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it processed an untrusted repository. oval:org.secpod.oval:def:701321 libxinerama: X11 Xinerama extension library Several security issues were fixed in libxinerama. oval:org.secpod.oval:def:701563 libgadu: Gadu-Gadu protocol library libgadu could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701560 libyaml: Fast YAML 1.1 parser and emitter library LibYAML could be made to crash or run programs if it opened specially crafted yaml document. oval:org.secpod.oval:def:702419 unzip: De-archiver for .zip files unzip could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701324 libxi: X11 Input extension library Several security issues were fixed in libxi. oval:org.secpod.oval:def:701325 libxcb: X C Binding Several security issues were fixed in libxcb. oval:org.secpod.oval:def:701567 libyaml: Fast YAML 1.1 parser and emitter library Details: USN-2098-1 fixed a vulnerability in LibYAML. The security fix used introduced a regression that caused parsing failures for certain valid YAML files. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-20 ... oval:org.secpod.oval:def:701322 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:701323 libxrender: X Rendering Extension client library Several security issues were fixed in libxrender. oval:org.secpod.oval:def:701565 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701328 telepathy-gabble: Jabber/XMPP connection manager Several security issues were fixed in telepathy-gabble. oval:org.secpod.oval:def:702659 hplip: HP Linux Printing and Imaging System HPLIP could be tricked into downloading a different GPG key when performing printer plugin installations. oval:org.secpod.oval:def:701568 maas: Ubuntu MAAS Server The cluster could be made to run programs as an administrator. oval:org.secpod.oval:def:701551 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received a specially crafted certificate. oval:org.secpod.oval:def:701310 libxrandr: X11 RandR extension library - libxrandr-lts-quantal: X11 RandR extension library Several security issues were fixed in libxrandr. oval:org.secpod.oval:def:701552 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:702640 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701319 libxt: X11 toolkit intrinsics library Several security issues were fixed in libxt. oval:org.secpod.oval:def:702408 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701313 libxp: X Printing Extension client library Several security issues were fixed in libxp. oval:org.secpod.oval:def:701555 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:701314 libxfixes: X11 miscellaneous fixes extension library Several security issues were fixed in libxfixes. oval:org.secpod.oval:def:701311 libxcursor: X cursor management library Several security issues were fixed in libxcursor. oval:org.secpod.oval:def:701553 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:701312 libdmx: X11 Distributed Multihead extension library Several security issues were fixed in libdmx. oval:org.secpod.oval:def:701554 libotr: Off-the-Record Messaging library Applications using the OTR secure chat protocol could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701317 libxxf86vm: X11 XFree86 video mode extension library Several security issues were fixed in libxxf86vm. oval:org.secpod.oval:def:701559 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to expose sensitive information. oval:org.secpod.oval:def:702407 binutils: GNU assembler, linker and binary utilities Applications from GNU binutils could be made to crash, run programs, or delete arbitrary files as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702406 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:701315 libfs: X11 Font Services library Several security issues were fixed in libfs. oval:org.secpod.oval:def:701316 libxres: X11 Resource extension library Several security issues were fixed in libxres. oval:org.secpod.oval:def:702404 python-django: High-level Python web development framework Details: USN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We ap ... oval:org.secpod.oval:def:702646 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701540 puppet: Centralized configuration management Details: USN-2077-1 fixed a vulnerability in Puppet. The upstream patch introduced a regression resulting in the default file mode being incorrect. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2077-1 introduced ... oval:org.secpod.oval:def:702872 libsndfile: Library for reading/writing audio files libsndfile could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701541 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701308 libxxf86dga: X11 Direct Graphics Access extension library Several security issues were fixed in libxxf86dga. oval:org.secpod.oval:def:701309 libxext: X11 miscellaneous extensions library Several security issues were fixed in libxext. oval:org.secpod.oval:def:702639 libwmf: Windows metafile conversion tools libwmf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701544 memcached: A high-performance memory object caching system Several security issues were fixed in Memcached. oval:org.secpod.oval:def:701545 graphviz: rich set of graph drawing tools Graphviz could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702875 foomatic-filters: OpenPrinting printer support - filters foomatic-filters could be made to run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:701548 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701307 libxvmc: X11 Video extension library Several security issues were fixed in libxvmc. oval:org.secpod.oval:def:701546 hplip: HP Linux Printing and Imaging System Several security issues were fixed in HPLIP. oval:org.secpod.oval:def:702860 gnutls26: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702623 unattended-upgrades: automatic installation of security upgrades An attacker could trick unattended-upgrades into installing altered packages. oval:org.secpod.oval:def:702622 tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702869 foomatic-filters: OpenPrinting printer support - filters foomatic-filters could be made to run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:701538 puppet: Centralized configuration management Puppet could be made to overwrite files. oval:org.secpod.oval:def:702618 linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel"s overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Origi ... oval:org.secpod.oval:def:702617 linux: Linux kernel Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel"s overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory The system could be made to cr ... oval:org.secpod.oval:def:701522 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702612 wpa: client support for WPA and WPA2 - wpasupplicant: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:701523 curl: HTTP, HTTPS, and FTP client and client libraries Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702611 aptdaemon: transaction based package management service Aptdaemon could be made to expose sensitive information, or allow file access as the administrator. oval:org.secpod.oval:def:702616 linux-ti-omap4: Linux kernel for OMAP4 Details: The Fix for CVE-2015-1328 introduced a regression into the Linux kernel"s overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory The system ... oval:org.secpod.oval:def:702857 dpkg: Debian package management system dpkg-deb could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702614 patch: Apply a diff file to an original Several security issues were fixed in GNU patch. oval:org.secpod.oval:def:702856 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702613 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to overwrite files. oval:org.secpod.oval:def:39117 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:702608 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701517 djvulibre: DjVu image format library and tools DjVuLibre could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702607 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702849 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-304-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-352: NVIDIA binary X.Org dri ... oval:org.secpod.oval:def:701511 curl: HTTP, HTTPS, and FTP client and client libraries Details: USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure option not working as intended. This update fixes the problem. We apologize for the inconvenience ... oval:org.secpod.oval:def:702603 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701508 curl: HTTP, HTTPS, and FTP client and client libraries Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702833 unzip: De-archiver for .zip files Details: USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2788-1 introduced a regression in unzip. oval:org.secpod.oval:def:702823 libreoffice: Office productivity suite Several security issues were fixed in LibreOffice. oval:org.secpod.oval:def:702817 xscreensaver: Automatic screensaver for X The system could be made to expose sensitive information. oval:org.secpod.oval:def:702816 unzip: De-archiver for .zip files unzip could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702810 apport: automatically generate crash reports for debugging Apport could be made to run programs as an administrator. oval:org.secpod.oval:def:701961 python-django: High-level Python web development framework Django applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702812 audiofile: Open-source version of the SGI audiofile library audiofile could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701957 swift: OpenStack distributed virtual object store OpenStack Swift would allow unintended access to files over the network. oval:org.secpod.oval:def:701951 pidgin: graphical multi-protocol instant messaging client for X Pidgin could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701952 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701956 dpkg: Debian package management system A malicious source package could write files outside the unpack directory. oval:org.secpod.oval:def:701947 libxml2: GNOME XML library libxml2 could be made to consume resources if it processed a specially crafted file. oval:org.secpod.oval:def:701940 lxml: pythonic binding for the libxml2 and libxslt libraries lxml could allow cross-site scripting attacks. oval:org.secpod.oval:def:701941 dovecot: IMAP and POP3 email server Dovecot could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:701944 dpkg: Debian package management system Details: USN-2183-1 fixed a vulnerability in dpkg. Javier Serrano Polo discovered that the fix introduced a vulnerability in releases with an older version of the patch utility. This update fixes the problem. Original advisory A malicious source package could w ... oval:org.secpod.oval:def:701932 libgadu: Gadu-Gadu protocol library libgadu could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703072 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to hang if it processed specially crafted data. oval:org.secpod.oval:def:703055 optipng: advanced PNG optimizer OptiPNG could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703054 firefox: Mozilla Open Source web browser Details: USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2917-1 introduced several regressions in Firefox. oval:org.secpod.oval:def:703042 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703040 xchat-gnome: simple and featureful IRC client for GNOME XChat-GNOME could be made to expose sensitive information over the network. oval:org.secpod.oval:def:703049 firefox: Mozilla Open Source web browser Details: USN-2917-1 fixed vulnerabilities in Firefox. This update caused several regressions that could result in search engine settings being lost, the list of search providers appearing empty or the location bar breaking after typing an invalid URL. This up ... oval:org.secpod.oval:def:26231 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:703032 pam: Pluggable Authentication Modules Details: USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2935-1 introduced a reg ... oval:org.secpod.oval:def:703030 pam: Pluggable Authentication Modules Details: USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in ... oval:org.secpod.oval:def:702188 gnupg: GNU privacy guard - a free PGP replacement GnuPG could expose sensitive information when performing decryption. oval:org.secpod.oval:def:702187 libgcrypt11: LGPL Crypto library Libgcrypt could expose sensitive information when performing decryption. oval:org.secpod.oval:def:703271 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703262 python-imaging: Python Imaging Library Python Imaging Library could be made to crash if it received specially crafted input or opened a specially crafted file. oval:org.secpod.oval:def:703267 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703029 exim4: Exim is a mail transport agent Several security issues were fixed in Exim. oval:org.secpod.oval:def:703010 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:703015 bsh: Java scripting environment BeanShell could be made to run programs if it processed specially crafted input. oval:org.secpod.oval:def:703014 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:703019 libotr: Off-the-Record Messaging library OTR could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703258 imlib2: Image manipulation and rendering library Several security issues were fixed in Imlib2. oval:org.secpod.oval:def:702152 serf: high-performance asynchronous HTTP client library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702394 firefox: Mozilla Open Source web browser Details: USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a regression which could make websites that use CSP fail to load under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-24 ... oval:org.secpod.oval:def:702151 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702398 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:703245 libidn: implementation of IETF IDN specifications Several security issues were fixed in Libidn. oval:org.secpod.oval:def:703002 gnutls26: GNU TLS library Details: USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory Updated GnuTLS packages are required for the USN-2913 ... oval:org.secpod.oval:def:703001 glib-networking: network-related giomodules for GLib Details: USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the glib-networking package to properly handle the removal. Original advisory Updated glib-netw ... oval:org.secpod.oval:def:703008 perl: Practical Extraction and Report Language Several security issues were fixed in Perl. oval:org.secpod.oval:def:703007 pixman: pixel-manipulation library for X and cairo pixman could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:703005 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702142 kde4libs: KDE 4 core applications and libraries kauth could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702141 acpi-support: scripts for handling many ACPI events The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701298 kde4libs: KDE 4 core applications and libraries KDE-Libs could be made to expose web credentials. oval:org.secpod.oval:def:702388 elfutils: collection of utilities to handle ELF objects elfutils could be made to overwrite files in the root directory if it received a specially crafted file. oval:org.secpod.oval:def:701296 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:702144 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:703475 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Tomcat could be made to consume resources if it received specially crafted network traffic. oval:org.secpod.oval:def:702370 pyyaml: YAML parser and emitter for Python Applications using PyYAML could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:701287 nova: OpenStack Compute cloud infrastructure Nova could be made to crash the system if instances used a specially crafted image. oval:org.secpod.oval:def:702377 curl: HTTP, HTTPS, and FTP client and client libraries curl could be tricked into adding arbitrary requests when following certain URLs. oval:org.secpod.oval:def:701288 keystone: OpenStack identity service Keystone would allow unintended access over the network. oval:org.secpod.oval:def:702376 libyaml: Fast YAML 1.1 parser and emitter library Applications using LibYAML could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:702375 gparted: GNOME partition editor GParted could be made to run programs as an administrator. oval:org.secpod.oval:def:702139 lzo2: data compression library LZO could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702379 libevent: Asynchronous event notification library libevent could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702120 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703451 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Details: USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a regression in environments where Tomcat is started with a security manager. This update fixes the problem. We apologize for the inconvenience. Original advis ... oval:org.secpod.oval:def:701273 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:702361 libyaml-libyaml-perl: Perl interface to libyaml, a YAML implementation Applications using libyaml-libyaml-perl could be made to crash if they received specially crafted input. oval:org.secpod.oval:def:701276 mesa: free implementation of the EGL API Mesa could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:701277 gpsd: Global Positioning System - daemon gpsd could be made to crash or possibly run programs if it received specially crafted input. oval:org.secpod.oval:def:702369 git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it received specially crafted changes from a remote repository. oval:org.secpod.oval:def:701278 telepathy-idle: IRC connection manager for Telepathy telepathy-idle could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702368 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702367 coreutils: GNU core utilities date and touch could be made to crash or run programs if they handled specially crafted input. oval:org.secpod.oval:def:703214 kde4libs: KDE 4 core applications and libraries KDE-Libs could be made to overwrite files. oval:org.secpod.oval:def:703456 squid3: Web proxy cache server Squid could be made to expose sensitive information over the network. oval:org.secpod.oval:def:703218 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701261 icedtea-web: A web browser plugin to execute Java applets Details: USN-1804-1 fixed vulnerabilities in IcedTea-Web. This update introduced a regression with the Java Network Launching Protocol when fetching content over SSL under certain configurations, such as when using the community-supported Ic ... oval:org.secpod.oval:def:701262 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702350 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702592 cups: Common UNIX Printing System Several security issues were fixed in CUPS. oval:org.secpod.oval:def:702353 cpio: a program to manage archives of files The GNU cpio program could be made to crash or run programs if it opened a specially crafted file or received specially crafted input. oval:org.secpod.oval:def:702352 mime-support: MIME support programs run-mailcap could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702116 transmission: lightweight BitTorrent client Transmission could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702115 miniupnpc: UPnP IGD client lightweight library client MiniUPnPc could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703204 pidgin: graphical multi-protocol instant messaging client for X Pidgin could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702356 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702581 apache2: Apache HTTP server Several security improvements have been made to the Apache HTTP Server. oval:org.secpod.oval:def:701254 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702584 openssl: Secure Socket Layer cryptographic library and tools The export cipher suites have been disabled in OpenSSL. oval:org.secpod.oval:def:701253 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver - nvidia-settings: Tool for configuring the NVIDIA graphics driver - nvidia-settings-updates: Tool for configuring the NVIDIA graphics driver NVIDIA graphics drivers could be made to run p ... oval:org.secpod.oval:def:701495 pixman: pixel-manipulation library for X and cairo pixman could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702583 ipsec-tools: IPsec tools for Linux ipsec-tools could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701258 icedtea-web: A web browser plugin to execute Java applets Two security issues were fixed in IcedTea-Web. oval:org.secpod.oval:def:703437 icoutils: Create and extract MS Windows icons and cursors icoutils could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701256 samba: SMB/CIFS file, print, and login server for Unix Samba would allow unintended write access to files over the network. oval:org.secpod.oval:def:701257 xorg-server: X.Org X server - xorg-server-lts-quantal: X.Org X server The X server could be made to reveal keystrokes of other users. oval:org.secpod.oval:def:701499 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:702587 qt4-x11: Qt 4 libraries - qtbase-opensource-src: Qt 5 libraries Qt could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701485 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702575 apport: automatically generate crash reports for debugging Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation. oval:org.secpod.oval:def:702574 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702330 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash if it opened a specially crafted email. oval:org.secpod.oval:def:702572 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701246 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702339 xorg-server: X.Org X11 server - xorg-server-lts-trusty: Xorg X server - source files Details: USN-2436-1 fixed vulnerabilities in the X.Org X server. Since publication, additional fixes have been made available for these issues. This update adds the additional fixes. Original advisory USN-2436-1 con ... oval:org.secpod.oval:def:701471 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703411 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702321 tcpdump: command-line network traffic analyzer Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:702320 maas: Ubuntu MAAS Server Details: USN-2431-1 fixed vulnerabilities in mod_wsgi. The security update exposed an issue in the MAAS package, causing a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2431-1 caused a regression in the MAAS package. oval:org.secpod.oval:def:701473 maas: Ubuntu MAAS Server MAAS could be made to run programs as an administrator. oval:org.secpod.oval:def:701236 poppler: PDF rendering library Applications using poppler could be made to crash or possibly run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702326 graphviz: rich set of graph drawing tools graphviz could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:703415 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to expose sensitive information. oval:org.secpod.oval:def:701238 libxslt: XSLT processing library Applications using libxslt could be made to crash if they processed a specially crafted file. oval:org.secpod.oval:def:702569 fuse: Filesystem in Userspace FUSE could be made to overwrite files as the administrator. oval:org.secpod.oval:def:702310 flac: Free Lossless Audio Codec FLAC could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702552 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Several security issues were fixed in Module::Signature. oval:org.secpod.oval:def:702551 openssl: Secure Socket Layer cryptographic library and tools OpenSSL TLSv1.2 client support has been enabled in Ubuntu 12.04 LTS. oval:org.secpod.oval:def:702793 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information across origins oval:org.secpod.oval:def:701462 swift: OpenStack distributed virtual object store Swift could cause the system to crash if it received specially crafted requests over the network. oval:org.secpod.oval:def:702550 linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: USN-2597-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes th ... oval:org.secpod.oval:def:702792 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database PostgreSQL could be made to crash or expose private information if it handled specially crafted data. oval:org.secpod.oval:def:703409 linux: Linux kernel The system could be made to expose sensitive information. oval:org.secpod.oval:def:701225 nova: OpenStack Compute cloud infrastructure Two security issues were fixed in Nova. oval:org.secpod.oval:def:702315 mod-wsgi: Python WSGI adapter module for Apache mod_wsgi could be made to run programs with incorrect privileges. oval:org.secpod.oval:def:701465 suds: Lightweight SOAP client for Python Suds could be made to overwrite files. oval:org.secpod.oval:def:702555 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:701224 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:701466 apport: automatically generate crash reports for debugging Apport could be made to expose privileged information. oval:org.secpod.oval:def:702796 miniupnpc: UPnP IGD client lightweight library An application using the MiniUPnP library could be made to crash or run programs as your login if it received specially crafted network traffic. oval:org.secpod.oval:def:703401 apport: automatically generate crash reports for debugging Apport could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702319 ppp: Point-to-Point Protocol ppp could be made to crash or run programs as an administrator if it opened a specially crafted file. oval:org.secpod.oval:def:702318 openvpn: virtual private network software OpenVPN could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701210 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:702300 kde-runtime: runtime components from the official KDE release KDE-Runtime could be made to run arbitrary javascript. oval:org.secpod.oval:def:702540 dnsmasq: Small caching DNS proxy and DHCP/TFTP server Dnsmasq could be made to crash or expose sensitive information if it received specially crafted network traffic. oval:org.secpod.oval:def:702309 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:701213 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:701216 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701217 nspr: NetScape Portable Runtime Library Details: USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:702789 gdk-pixbuf: GDK Pixbuf library GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701442 nas: Network Audio System Several security issues were fixed in Network Audio System . oval:org.secpod.oval:def:702770 rpcbind: converts RPC program numbers into universal addresses rpcbind could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701203 openssl: Secure Socket Layer cryptographic library and tools Details: USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0166 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending ... oval:org.secpod.oval:def:701204 firefox: Mozilla Open Source web browser Details: USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem. We apologize for the inconvenience. Origin ... oval:org.secpod.oval:def:702776 firefox: Mozilla Open Source web browser Details: USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users reported problems with bookmark creation and crashes in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2743-1 intro ... oval:org.secpod.oval:def:701207 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:702520 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702761 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-304-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340-updates: NVIDIA binary X.Org driver - nvidia-graphics-drivers-346: NVIDIA binary X.Org dri ... oval:org.secpod.oval:def:701670 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702523 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702528 ppp: Point-to-Point Protocol ppp could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701436 txt2man: Converts flat ASCII text to man page format txt2man could be made to overwrite files. oval:org.secpod.oval:def:701437 libkdcraw: RAW picture decoding library libKDcraw could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:703614 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. oval:org.secpod.oval:def:701420 rtkit: Realtime Policy and Watchdog Daemon RealtimeKit could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702992 nss: Network Security Service library Details: USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2903-1 i ... oval:org.secpod.oval:def:702519 tcpdump: command-line network traffic analyzer tcpdump could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702518 usb-creator: create a startup disk using a CD or disc image usb-creator could be tricked into running programs as an administrator. oval:org.secpod.oval:def:701423 libraw: raw image decoder library LibRaw could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701424 pyopenssl: Python wrapper around the OpenSSL library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702996 openssl: Secure Socket Layer cryptographic library and tools Details: USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal. Original advisory Updated OpenSSL ... oval:org.secpod.oval:def:701421 apt-xapian-index: maintenance and search tools for a Xapian index of Debian package apt-xapian-index could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:702995 ca-certificates: Common CA certificates ca-certificates was updated to the 20160104 package. oval:org.secpod.oval:def:702510 libxrender: X11 Rendering Extension client library - libx11: X11 client-side library libx11 could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702752 apport: automatically generate crash reports for debugging Apport could be made to crash or overwrite files as an administrator. oval:org.secpod.oval:def:701425 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701097 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700852 samba: SMB/CIFS file, print, and login server for Unix Samba could allow a user to gain administrative privileges to the Samba server. oval:org.secpod.oval:def:701011 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be tricked into downloading a different key when downloading from a key server. oval:org.secpod.oval:def:700935 openjdk-6: Open Source Java implementation - icedtea-web: A web browser plugin to execute Java applets Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702964 postgresql-9.4: Object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database PostgreSQL could be made to crash or run programs if it handled specially crafted data. oval:org.secpod.oval:def:701060 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701380 evolution-data-server: Evolution suite data server Evolution would sometimes encrypt email to the wrong recipient. oval:org.secpod.oval:def:702351 bsd-mailx: simple mail user agent bsd-mailx could be made to run programs if it parsed a specially crafted email address. oval:org.secpod.oval:def:703474 gtk-vnc: VNC viewer widget gtk-vnc could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703394 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703388 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703387 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703191 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703115 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703528 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702923 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:702971 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702965 glibc: GNU C Library - eglibc: GNU C Library GNU C Library could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702861 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703131 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702717 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703033 pam: Pluggable Authentication Modules Several security issues were fixed in PAM. oval:org.secpod.oval:def:26405 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702470 gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:702629 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to crash or run programs as the lp user if it processed a specially crafted print job. oval:org.secpod.oval:def:702437 glibc: GNU C Library - eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702464 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:702333 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702288 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:21593 libreoffice: Office productivity suite LibreOffice could be made to embed sensitive information into documents. oval:org.secpod.oval:def:702157 gpgme1.0: GPGME - GnuPG Made Easy GPGME could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:702234 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:702119 cups: Common UNIX Printing System CUPS could be made to expose sensitive information, leading to privilege escalation. oval:org.secpod.oval:def:702140 jinja2: small but fast and easy to use stand-alone template engine A security issue was fixed in Jinja2. oval:org.secpod.oval:def:701958 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:701627 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network, possibly including private keys. oval:org.secpod.oval:def:701606 udisks: service to access and manipulate storage devices - udisks2: service to access and manipulate storage devices UDisks could be made to manipulate directories as the administrator. oval:org.secpod.oval:def:701518 qt4-x11: Qt 4 libraries - qtbase-opensource-src: Qt 5 libraries Qt could be made to consume resources and hang if it processed XML data. oval:org.secpod.oval:def:701422 policykit-1: framework for managing administrative policies and privileges polkit could be tricked into giving out improper authorization. oval:org.secpod.oval:def:701411 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:701460 nova: OpenStack Compute cloud infrastructure Nova could be made to crash if it received specially crafted network requests. oval:org.secpod.oval:def:701351 pymongo: Python interface to the MongoDB document-oriented database PyMongo could be made to crash under certain conditions. oval:org.secpod.oval:def:701326 xserver-xorg-video-openchrome: X.Org X server -- VIA display driver - xserver-xorg-video-openchrome-lts-quantal: X.Org X server -- VIA display driver Several security issues were fixed in xserver-xorg-video-openchrome. oval:org.secpod.oval:def:701318 libxtst: X11 Record extension library Several security issues were fixed in libxtst. oval:org.secpod.oval:def:701391 linux: Linux kernel The system could be made to expose sensitive information. oval:org.secpod.oval:def:701230 gnome-online-accounts: GNOME Online Accounts GNOME Online Accounts could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701153 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701175 qt4-x11: Qt 4 libraries Several security issues were fixed in Qt. oval:org.secpod.oval:def:701163 xserver-xorg-video-qxl: X.Org X server -- QXL display driver Guests using the QXL graphics driver could be caused to hang or crash. oval:org.secpod.oval:def:701152 libvirt: Libvirt virtualization toolkit libvirt could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701156 squid3: Full featured Web Proxy cache - squid: Internet object cache squid-cgi could consume excessive system resources, leading to a denial of service attack on it and other hosted services. oval:org.secpod.oval:def:701145 php5: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701099 tiff: Tag Image File Format library Programs that use LibTIFF could be made to crash or run programs if they opened a specially crafted file. oval:org.secpod.oval:def:701082 keystone: OpenStack identity service Keystone would allow unintended access to files over the network. oval:org.secpod.oval:def:701021 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs. oval:org.secpod.oval:def:701071 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701020 devscripts: scripts to make the life of a Debian Package maintainer easier Several security issues were fixed in devscripts. oval:org.secpod.oval:def:700997 keystone: OpenStack identity service OpenStack Keystone did not properly handle user role changes oval:org.secpod.oval:def:700998 horizon: Web interface for OpenStack cloud infrastructure OpenStack Horizon could help expose sensitive information. oval:org.secpod.oval:def:700984 keystone: OpenStack identity service Two security issues were fixed in OpenStack Keystone. oval:org.secpod.oval:def:701029 dbus: simple interprocess messaging system Details: USN-1576-1 fixed vulnerabilities in DBus. The update caused a regression for certain services launched from the activation helper, and caused an unclean shutdown on upgrade. This update fixes the problem. We apologize for the inconvenience. Origina ... oval:org.secpod.oval:def:701007 dbus: simple interprocess messaging system DBus could be made to run programs as an administrator. oval:org.secpod.oval:def:700992 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701022 eglibc: GNU C Library - glibc: GNU C Library Multiple security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:700970 libotr: Off-the-Record Messaging library Applications using Off-the-Record messaging plugins could be made to crash or run programs if it received specially crafted network messages. oval:org.secpod.oval:def:700976 nova: OpenStack Compute cloud infrastructure Nova could be made to overwrite or corrupt arbitrary files in the compute host file system. oval:org.secpod.oval:def:700957 calligra: integrated work applications suite Calligra could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700943 tiff: Tag Image File Format library tiff2pdf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700966 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700952 qemu-kvm: Machine emulator and virtualizer QEMU could be made to overwrite files as the administrator, or expose sensitive information. oval:org.secpod.oval:def:700925 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700914 linux: Linux kernel The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700851 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700854 php5: HTML-embedded scripting language interpreter Standalone PHP CGI scripts could be made to execute arbitrary code with the privilege of the web server. oval:org.secpod.oval:def:701142 rpm: package manager for RPM RPM could be made to crash or run programs if it opened a specially crafted package file. oval:org.secpod.oval:def:702202 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702184 lua5.1: Simple, extensible, embeddable programming language Lua could be made to crash or run programs. oval:org.secpod.oval:def:702311 libksba: X.509 and CMS support library Libksba could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:703035 git: fast, scalable, distributed revision control system Git could be made to crash or run programs as your login if it received changes from a specially crafted remote repository. oval:org.secpod.oval:def:702069 json-c: JSON manipulation library json-c could be made to crash or consume CPU if it processed a specially crafted JSON document. oval:org.secpod.oval:def:701197 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:34609 libksba: X.509 and CMS support library Libksba could be made to crash or run programs if it decoded specially crafted data. oval:org.secpod.oval:def:701359 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:701448 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702232 bash: GNU Bourne Again SHell Bash allowed bypassing environment restrictions in certain environments. oval:org.secpod.oval:def:702228 bash: GNU Bourne Again SHell Bash allowed bypassing environment restrictions in certain environments. oval:org.secpod.oval:def:701410 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701417 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701194 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701199 dbus-glib: simple interprocess messaging system An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges. oval:org.secpod.oval:def:701191 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701181 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701171 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701177 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701392 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701140 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701382 ubufox: Ubuntu Firefox specific configuration defaults and apt support - unity-firefox-extension: Unity Integration for Firefox Details: USN-1924-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox and Unity Firefox Extension. Original advisory This update p ... oval:org.secpod.oval:def:701383 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701381 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701384 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701146 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701370 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701135 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701360 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701362 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701126 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701125 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701129 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701358 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language An attacker could trick Ruby into trusting a rogue server. oval:org.secpod.oval:def:701356 openssl: Secure Socket Layer cryptographic library and tools Applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701342 mesa: free implementation of the EGL API - mesa-lts-quantal: free implementation of the EGL API Mesa could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701346 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701103 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user. oval:org.secpod.oval:def:701345 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701349 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701561 perl: Practical Extraction and Report Language Perl could be made to run programs if it processed a specially crafted Locale::Maketext templates. oval:org.secpod.oval:def:702839 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:700888 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database - mysql-dfsg-5.0: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:700872 openssl: Secure Socket Layer cryptographic library and tools Applications using OpenSSL in certain situations could be made to crash or expose sensitive information. oval:org.secpod.oval:def:700868 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701098 cups: Common UNIX Printing System - cupsys: Common UNIX Printing System CUPS could be made to read files or run programs as an administrator. oval:org.secpod.oval:def:701086 perl: Larry Wall"s Practical Extraction and Report Language Perl programs could be made to crash or run programs if they receive specially crafted network traffic or other input. oval:org.secpod.oval:def:701077 tomcat6: Servlet and JSP engine Several security issues were fixed in Apache Tomcat. oval:org.secpod.oval:def:701067 qt4-x11: Qt 4 libraries Qt applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701066 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:701050 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:701280 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701275 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701039 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:701279 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701255 curl: HTTP, HTTPS, and FTP client and client libraries Applications using libcurl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701018 freeradius: a high-performance and highly configurable RADIUS server FreeRADIUS could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701482 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701480 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701243 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701245 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701233 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Ruby could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701235 libxml2: GNOME XML library libxml2 could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701223 perl: Practical Extraction and Report Language Perl could be made to stop responding if it received specially crafted input. oval:org.secpod.oval:def:701228 openssl: Secure Socket Layer cryptographic library and tools Details: USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This update restores the security fix, and includes an extra fix from upstream to addres ... oval:org.secpod.oval:def:701452 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to expose sensitive information to a local user. oval:org.secpod.oval:def:701211 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login. oval:org.secpod.oval:def:701451 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to expose sensitive information to a local user. oval:org.secpod.oval:def:701215 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701219 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701458 linux: Linux kernel The system could be made to expose sensitive information to a local user. oval:org.secpod.oval:def:701200 sudo: Provide limited super user privileges to specific users Sudo could be made to run programs as the administrator without a password prompt. oval:org.secpod.oval:def:701209 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701206 openjdk-6: Open Source Java implementation OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701439 hplip: HP Linux Printing and Imaging System HPLIP could be made to overwrite files. oval:org.secpod.oval:def:701638 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701634 php5: HTML-embedded scripting language interpreter PHP could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701635 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701621 samba: SMB/CIFS file, print, and login server for Unix Samba did not properly enforce the password guessing protection mechanism. oval:org.secpod.oval:def:701618 apache2: Apache HTTP server Apache HTTP server could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701616 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701611 sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo. oval:org.secpod.oval:def:701615 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:700999 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:700949 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702089 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702077 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702061 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:33379 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:702271 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702263 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702264 libxml2: GNOME XML library libxml2 could be made to consume resources if it processed a specially crafted file. oval:org.secpod.oval:def:702491 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702256 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702255 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702490 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702257 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702245 file: Tool to determine file types file could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702230 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Fraudulent security certificates could allow sensitive information to be exposed when accessing the Inter ... oval:org.secpod.oval:def:702236 rsyslog: Enhanced syslogd Rsyslog could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:702222 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701374 gnupg: GNU privacy guard - a free PGP replacement - libgcrypt11: LGPL Crypto library - runtime library GnuPG and Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:702462 icu: International Components for Unicode library Details: USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression. We apologize for the inconvenience. Original advisory IC ... oval:org.secpod.oval:def:701137 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702225 firefox: Mozilla Open Source web browser Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:702467 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701378 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701128 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to corrupt the keyring if it imported a specially crafted key. oval:org.secpod.oval:def:701590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702441 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702205 php5: HTML-embedded scripting language interpreter php5 could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:702447 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:702204 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702446 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701584 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701585 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701104 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701588 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701348 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:702429 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:702402 file: Tool to determine file types file could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701543 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701547 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701539 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted font file. oval:org.secpod.oval:def:701520 gnupg: GNU privacy guard - a free PGP replacement GnuPG could expose sensitive information when performing decryption. oval:org.secpod.oval:def:701512 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701514 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:700880 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701959 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701954 libxfont: X11 font rasterisation library Several security issues were fixed in libXfont. oval:org.secpod.oval:def:701935 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701934 libxalan2-java: XSL Transformations processor in Java Xalan-Java could be made to load arbitrary classes or access external resources. oval:org.secpod.oval:def:702185 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702162 krb5: MIT Kerberos Network Authentication Protocol Several security issues were fixed in Kerberos. oval:org.secpod.oval:def:702156 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702397 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702159 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:702158 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701299 gnutls26: GNU TLS library GnuTLS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702145 eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:702373 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Original advisory This update provides compatible packages for Firefox 35. oval:org.secpod.oval:def:701289 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701035 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702365 rpm: package manager for RPM Several security issues were fixed in RPM. oval:org.secpod.oval:def:702364 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702363 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702126 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702113 file: Tool to determine file types File could be made to crash or hang if it processed specially crafted data. oval:org.secpod.oval:def:702112 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701492 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702340 nvidia-graphics-drivers-304: NVIDIA binary Xorg driver - nvidia-graphics-drivers-304-updates: NVIDIA binary Xorg driver - nvidia-graphics-drivers-331: NVIDIA binary Xorg driver - nvidia-graphics-drivers-331-updates: NVIDIA binary Xorg driver Several security issues were fixed in the NVIDIA graphics ... oval:org.secpod.oval:def:702573 openldap: OpenLDAP utilities OpenLDAP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701000 bind9: Internet Domain Name Server Bind could be made to crash or if it received specially crafted network traffic. oval:org.secpod.oval:def:702337 xorg-server: X.Org X11 server - xorg-server-lts-trusty: X.Org X11 server Several security issues were fixed in the X.Org X server. oval:org.secpod.oval:def:701470 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701237 bind9: Internet Domain Name Server Bind could be made to consume memory or crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701468 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702314 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701469 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702316 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701450 eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:701214 php5: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702788 commons-httpclient: A Java library for creating HTTP clients Several security issues were fixed in commons-httpclient. oval:org.secpod.oval:def:701440 vino: VNC server for GNOME Vino could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:701446 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:701202 gnutls26: GNU TLS library - gnutls13: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701449 xorg-server: X.Org X11 server - xorg-server-lts-quantal: X.Org X11 server - xorg-server-lts-raring: X.Org X11 server The X.Org X server could be made to crash or run programs as an administrator if it received specially crafted input. oval:org.secpod.oval:def:22313 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:701660 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701426 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:702746 openldap: OpenLDAP utilities Several security issues were fixed in OpenLDAP. oval:org.secpod.oval:def:702745 icu: International Components for Unicode library Several security issues were fixed in ICU. oval:org.secpod.oval:def:702733 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702732 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to expose sensitive information. oval:org.secpod.oval:def:702737 linux: Linux kernel The system could be made to expose sensitive information. oval:org.secpod.oval:def:702726 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702708 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information from local files. oval:org.secpod.oval:def:702709 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:702937 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702900 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:700944 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:700937 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703180 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703178 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703177 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700901 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:25767 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703380 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703373 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703378 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703349 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703320 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703324 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703311 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703319 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to run programs as an administrator. oval:org.secpod.oval:def:703317 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702692 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702695 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703300 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703540 linux: Linux kernel - linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703303 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703539 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702651 mysql-5.6: MySQL database development files - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703501 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703504 linux: Linux kernel - linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702644 linux: Linux kernel The system could be made to expose sensitive information to local applications. oval:org.secpod.oval:def:702634 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:702637 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to expose sensitive information to local applications. oval:org.secpod.oval:def:702600 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:700897 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702826 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703098 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:703053 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:703260 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:703251 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703256 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703012 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703254 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702392 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703230 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703233 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702372 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:703464 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703229 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703454 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703453 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702596 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:703209 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703432 bind9: Internet Domain Name Server Several security issues were fixed in Bind. oval:org.secpod.oval:def:701005 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701006 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703428 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702338 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703427 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702560 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702564 linux: Linux kernel The system could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702557 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702785 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702549 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702762 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702753 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702516 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702514 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:39292 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39290 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39291 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39289 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39281 The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ... oval:org.secpod.oval:def:39282 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39286 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39287 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39288 The host is installed with zziplib package on Ubuntu 16.04, Ubuntu 14.04, Ubuntu 16.10 or Ubuntu 12.04 and is prone to a denial of service vulnerability. A flaw is present in application, which fails to properly handle a crafted zip files. Successful exploitation could allow remote attackers to caus ... oval:org.secpod.oval:def:39280 The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ... oval:org.secpod.oval:def:39279 The host is installed with icoutils through 0:0.31.0-3 on Ubuntu 16.04, 0:0.31.0-2+deb8u2build0.14.04.1 on Ubuntu 14.04, 0:0.31.0-3build1 on Ubuntu 16.10 or 0:0.29.1-2ubuntu0.1 on Ubuntu 12.04 and is prone to a buffer overflow vulnerability. A flaw is present in scripts, which fails to properly hand ... oval:org.secpod.oval:def:38100 The host is installed with cryptsetup through 2:1.6.6-5ubuntu2 on Ubuntu 16.04, cryptsetup through 2:1.6.1-1ubuntu1 on Ubuntu 14.04, cryptsetup through 2:1.7.2-0ubuntu1 on Ubuntu 16.10 or cryptsetup through 2:1.4.1-2ubuntu4 on Ubuntu 12.04 and is prone to security bypass vulnerability. A flaw is pre ... oval:org.secpod.oval:def:38605 The host is installed with python-html5lib, python-html5lib-whl or python3-html5lib prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle characters. An attacker who successfully exploited these vulnerability could have unspecified impact oval:org.secpod.oval:def:38606 The host is installed with python-html5lib, python-html5lib-whl or python3-html5lib prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle characters. An attacker who successfully exploited these vulnerability could have cross site scripting oval:org.secpod.oval:def:40152 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:37412 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:703113 firefox: Mozilla Open Source web browser Details: USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue where a device update POST request was sent every time about:preferences#sync was shown. This update fixes the problem. We apologize for the inconvenience. Original advisory USN- ... oval:org.secpod.oval:def:34611 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703086 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ... oval:org.secpod.oval:def:703085 samba: SMB/CIFS file, print, and login server for Unix Details: USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.1 ... oval:org.secpod.oval:def:34322 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer. Incorrect banked access bounds checking in vga module. oval:org.secpod.oval:def:703183 libreoffice: Office productivity suite LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703170 wget: retrieves files from the web Wget could be made to overwrite files. oval:org.secpod.oval:def:703399 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703385 ghostscript: PostScript and PDF interpreter Ghostscript could be made to crash, run programs, or disclose sensitive information if it processed a specially crafted file. oval:org.secpod.oval:def:703383 c-ares: library for asynchronous name resolves c-ares could be made to crash or run programs if it processed a specially crafted hostname. oval:org.secpod.oval:def:703146 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:35561 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:703376 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703375 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703370 gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins Details: USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Original advisory GStreamer could be made to crash or run programs as your lo ... oval:org.secpod.oval:def:703139 dosfstools: utilities for making and checking MS-DOS FAT filesystems dosfstools could be made to crash or run programs if it processed a specially crafted filesystem. oval:org.secpod.oval:def:703379 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:703361 gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins GStreamer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703366 moin: Collaborative hypertext environment Several security issues were fixed in MoinMoin. oval:org.secpod.oval:def:34282 ImageMagick allows to process files with external libraries. This feature is called 'delegate'. It is implemented as a system() with command string ('command') from the config file delegates.xml with actual value for different params (input/output filenames etc). Due to insufficient %M param filteri ... oval:org.secpod.oval:def:34283 ImageMagick allows to make HTTP GET or FTP request. oval:org.secpod.oval:def:34286 ImageMagick allows to get content of the files from the server by using 'label' pseudo protocol. oval:org.secpod.oval:def:34284 ImageMagick allows to delete files by using 'ephemeral' pseudo protocol which deletes files after reading. oval:org.secpod.oval:def:34285 ImageMagick allows to move image files to file with any extension in any folder by using 'msl' pseudo protocol. oval:org.secpod.oval:def:703359 tar: GNU version of the tar archiving utility tar could be made to overwrite files. oval:org.secpod.oval:def:703358 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:703581 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:703343 memcached: high-performance memory object caching system Memcached could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703342 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-367: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to run programs as an administrator. oval:org.secpod.oval:def:703333 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703332 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:36686 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703338 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703337 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:703566 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. oval:org.secpod.oval:def:703329 quagga: BGP/OSPF/RIP routing daemon Quagga could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703328 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703550 samba: SMB/CIFS file, print, and login server for Unix Details: USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a regression when Samba is configured to disable following symbolic links. This update fixes the problem. Original advisory USN-3242-1 introduced a regression in Sam ... oval:org.secpod.oval:def:703312 quagga: BGP/OSPF/RIP routing daemon Several security issues were fixed in Quagga. oval:org.secpod.oval:def:703557 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:703547 apparmor: Linux security system AppArmor could remove the confinement from some programs. oval:org.secpod.oval:def:703545 gst-plugins-base1.0: GStreamer Plugins - gst-plugins-base0.10: GStreamer Plugins GStreamer Base Plugins could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:703549 firefox: Mozilla Open Source web browser Details: USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a startup crash when Firefox is used with XRDP. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3216-1 introduced a regression in Firefox. oval:org.secpod.oval:def:703548 gst-plugins-good1.0: GStreamer plugins - gst-plugins-good0.10: GStreamer plugins GStreamer Good Plugins could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:703531 glibc: GNU C Library - eglibc: GNU C Library Details: USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. We apologize for the inconvenience. Please note that lo ... oval:org.secpod.oval:def:703535 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703533 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to expose sensitive information over the network. oval:org.secpod.oval:def:703525 firefox: Mozilla Open Source web browser An integer overflow was discovered in Firefox. oval:org.secpod.oval:def:703523 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:703529 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver - nvidia-graphics-drivers-375: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to crash under certain conditions. oval:org.secpod.oval:def:703526 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. oval:org.secpod.oval:def:703516 libevent: Asynchronous event notification library Several security issues were fixed in libevent. oval:org.secpod.oval:def:703509 libarchive: Library to read/write archive files libarchive could be made to crash, overwrite files, or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703502 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703506 imagemagick: Image manipulation programs and library Several security issues were fixed in ImageMagick. oval:org.secpod.oval:def:38028 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:703286 python-django: High-level Python web development framework Django could be made to set arbitrary cookies. oval:org.secpod.oval:def:703285 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703283 openssl: Secure Socket Layer cryptographic library and tools Details: USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-308 ... oval:org.secpod.oval:def:703278 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703270 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine The system could be made to run programs as an administrator. oval:org.secpod.oval:def:37869 mailman: Powerful, web-based mailing list manager Several security issues were fixed in Mailman. oval:org.secpod.oval:def:703261 mysql-5.7: MySQL database - mysql-5.5: MySQL database MySQL could be made to run programs as an administrator. oval:org.secpod.oval:def:703499 network-manager-applet: GNOME frontend for NetworkManager The system could be made to expose sensitive information. oval:org.secpod.oval:def:703241 fontconfig: generic font configuration library Fontconfig be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:703483 imagemagick: Image manipulation programs and library Details: USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-31 ... oval:org.secpod.oval:def:703240 libgcrypt20: LGPL Crypto library - libgcrypt11: LGPL Crypto library Libgcrypt incorrectly generated random numbers. oval:org.secpod.oval:def:703487 libreoffice: Office productivity suite LibreOffice could be made to disclose files if it opened a specially crafted file. oval:org.secpod.oval:def:36755 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:36753 The host is installed with Linux Kernel on Ubuntu 12.04, 14.04 and 16.04 and is prone to a man in the middle attack vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to hijack TCP sessions. oval:org.secpod.oval:def:703248 eog: Eye of GNOME graphics viewer program Eye of GNOME could be made to crash or run programs as your login if it opened a specially crafted image. oval:org.secpod.oval:def:703471 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:703235 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:703239 postgresql-9.5: object-relational SQL database - postgresql-9.3: Object-relational SQL database - postgresql-9.1: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:703238 gnupg: GNU privacy guard - a free PGP replacement GnuPG incorrectly generated random numbers. oval:org.secpod.oval:def:703479 tcpdump: command-line network traffic analyzer tcpdump could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:703223 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:703467 libgc: Boehm-Demers-Weiser garbage collecting storage allocator library Applications using libgc could be made to crash or run programs as your login. oval:org.secpod.oval:def:703210 apache2: Apache HTTP server A security issue was fixed in the Apache HTTP Server. oval:org.secpod.oval:def:703459 firefox: Mozilla Open Source web browser Details: USN-3175-1 fixed vulnerabilities in Firefox. The update caused a regression on systems where the AppArmor profile for Firefox is set to enforce mode. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3175-1 intr ... oval:org.secpod.oval:def:703440 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703443 libxpm: X11 pixmap library libXpm could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:703206 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:703208 libarchive: Library to read/write archive files libarchive could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:703433 nvidia-graphics-drivers-304: NVIDIA binary X.Org driver - nvidia-graphics-drivers-340: NVIDIA binary X.Org driver NVIDIA graphics drivers could be made to crash under certain conditions. oval:org.secpod.oval:def:703436 tomcat8: Servlet and JSP engine - tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:703435 pcsc-lite: Middleware to access a smart card using PC/SC PCSC-Lite could be made to crash or run programs as an administrator if it received specially crafted input. oval:org.secpod.oval:def:703434 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703439 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703425 libvncserver: vnc server library Several security issues were fixed in LibVNCServer. oval:org.secpod.oval:def:703417 exim4: Exim is a mail transport agent Exim could be made to expose private DKIM signing keys. oval:org.secpod.oval:def:703416 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:25765 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:703515 python-imaging: Python Imaging Library Several security issues were fixed in the Python Imaging Library. oval:org.secpod.oval:def:703397 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702944 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:702809 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703057 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703038 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703213 mysql-5.7: MySQL database - mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701521 libjpeg-turbo: library for handling JPEG files - libjpeg6b: library for handling JPEG files libjpeg and libjpeg-turbo could be made to expose sensitive information. oval:org.secpod.oval:def:701515 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701513 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702390 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703006 jasper: Library for manipulating JPEG-2000 files Several security issues were fixed in JasPer. oval:org.secpod.oval:def:702324 jasper: Library for manipulating JPEG-2000 files JasPer could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703491 w3m: WWW browsable pager with excellent tables/frames support Several security issues were fixed in w3m. oval:org.secpod.oval:def:703336 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:33076 cpio: a tool to manage archives of files Several security issues were fixed in GNU cpio. oval:org.secpod.oval:def:702212 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:702312 dbus: simple interprocess messaging system DBus could be made to stop responding under certain conditions. oval:org.secpod.oval:def:702103 dbus: simple interprocess messaging system Several security issues were fixed in DBus. oval:org.secpod.oval:def:701329 dbus: simple interprocess messaging system DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:703542 eject: ejects CDs and operates CD-Changers under Linux Eject could be made to run programs as an administrator. oval:org.secpod.oval:def:702877 grub2: GRand Unified Bootloader GRUB password protection can be bypassed. oval:org.secpod.oval:def:702749 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702977 nss: Network Security Service library NSS could be made to expose sensitive information. oval:org.secpod.oval:def:702724 gdk-pixbuf: GDK Pixbuf library GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702723 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702711 ubufox: Ubuntu modifications for Firefox Details: USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Original advisory This update provides compatible packages for Firefox 40. oval:org.secpod.oval:def:702957 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702714 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702943 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702930 libxml2: GNOME XML library libxml2 could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:702920 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702921 firefox: Mozilla Open Source web browser Firefox could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702917 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702916 openssh: secure shell for secure access to remote machines OpenSSH could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702915 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702919 gnutls28: GNU TLS library - gnutls26: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702907 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703157 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703114 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703100 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:703512 icu: International Components for Unicode library Several security issues were fixed in ICU. oval:org.secpod.oval:def:702881 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:31645 libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:702865 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702866 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702847 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:702830 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702825 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702824 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702814 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:703064 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703068 oxygen-gtk3: Oxygen widget theme for GTK3-based applications Details: USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. We apologize for the in ... oval:org.secpod.oval:def:703067 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703298 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:703279 thunderbird: Mozilla Open Source mail and newsgroup client Thunderbird could be made to crash or run programs as your login if it opened a malicious message. oval:org.secpod.oval:def:703011 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703017 nss: Network Security Service library NSS could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:703016 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703212 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:703201 nss: Network Security Service library NSS could be made to crash or run programs if it processed specially crafted network traffic. oval:org.secpod.oval:def:702780 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702751 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory This update provides compatible packages for Firefox 41 oval:org.secpod.oval:def:703357 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:703560 linux-hwe: Linux hardware enablement kernel - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash under certain conditions. oval:org.secpod.oval:def:703559 linux: Linux kernel - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws: Linux kernel for Amazon Web Services systems - linux-gke: Linux kernel for Google Container Engine systems - linux-snapdragon: Linux kernel for Snapdragon Processors - linux-ti-omap4: Linux kernel for OMAP4 The system ... oval:org.secpod.oval:def:703457 nettle: low level cryptographic library Nettle could be made to expose sensitive information over the network. oval:org.secpod.oval:def:39001 gnutls28: GNU TLS library - gnutls26: GNU TLS library Several security issues were fixed in GnuTLS. oval:org.secpod.oval:def:703527 gnutls26: GNU TLS library Details: USN-3183-1 fixed CVE-2016-8610 in GnuTLS in Ubuntu 16.04 LTS and Ubuntu 16.10. This update provides the corresponding update for Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Original advisory GnuTLS could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:38970 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701344 swift: OpenStack distributed virtual object store Multiple security issues were fixed in OpenStack Swift. oval:org.secpod.oval:def:701556 linux-lts-saucy: Linux hardware enablement kernel from Saucy The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701557 linux-lts-raring: Linux hardware enablement kernel from Raring The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701083 lynx-cur: Text-mode WWW Browser with NLS support Two security issues were fixed in Lynx. oval:org.secpod.oval:def:702704 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:702649 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:35819 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:703368 vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701250 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701251 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701242 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703519 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:702874 libxml2: GNOME XML library libxml2 could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:703087 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:703004 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702718 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702707 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702668 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702898 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702896 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702883 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702645 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702863 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702602 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702837 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702831 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702821 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702820 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702800 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702593 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702799 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702798 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702509 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:701641 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:702716 net-snmp: SNMP server and applications Net-SNMP could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701620 openssh: secure shell for secure access to remote machines OpenSSH incorrectly handled environment restrictions with wildcards. oval:org.secpod.oval:def:39033 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702080 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702293 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Ruby could be made to consume resources. oval:org.secpod.oval:def:702276 ruby2.0: Object-oriented scripting language - ruby2.1: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language - ruby1.8: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:702241 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. oval:org.secpod.oval:def:702239 bash: GNU Bourne Again SHell Several security issues were fixed in Bash. oval:org.secpod.oval:def:702469 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702678 tidy: HTML syntax checker and reformatter HTML Tidy could be made to crash or run programs if it processed specially crafted data. oval:org.secpod.oval:def:702420 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702631 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701516 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702180 procmail: Versatile e-mail processor formail could be made to crash or run programs if it processed specially crafted mail. oval:org.secpod.oval:def:37870 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:702396 eglibc: GNU C Library The GNU C Library could be made to crash or run programs. oval:org.secpod.oval:def:702359 unzip: De-archiver for .zip files unzip could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701490 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:701491 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701498 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702317 glibc: GNU C Library - eglibc: GNU C Library The GNU C Library could be made to crash or run programs. oval:org.secpod.oval:def:702542 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:702772 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702513 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:702044 gnutls26: GNU TLS library GnuTLS could be made to crash or run programs if it connected to a malicious server. oval:org.secpod.oval:def:702463 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702457 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701591 gnutls26: GNU TLS library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701587 gnutls26: GNU TLS library GnuTLS incorrectly validated certain intermediate certificates. oval:org.secpod.oval:def:702401 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702399 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702138 libtasn1-6: Library to manage ASN.1 structures - libtasn1-3: Library to manage ASN.1 structures Libtasn1 could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:24346 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702594 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702561 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702565 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702541 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702534 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702529 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701624 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702092 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received specially crafted input. oval:org.secpod.oval:def:702201 nss: Network Security Service library NSS could be made to crash or run programs as your login if it processed a specially crafted certificate. oval:org.secpod.oval:def:701583 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701564 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701550 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701948 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:702135 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:702134 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:700960 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700956 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701192 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701186 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701187 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701155 inkscape: vector-based drawing program Several security issues were fixed in Inkscape. oval:org.secpod.oval:def:701141 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701148 linux-lts-quantal: Linux kernel LTS from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701373 linux-lts-raring: Linux hardware enablement kernel from Raring The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701116 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701119 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701331 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701332 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701335 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701300 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:701304 linux: Linux kernel The system could be made to crash or run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:700878 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700865 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701089 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701088 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701294 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701291 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701266 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701267 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701268 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701234 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701221 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701220 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700975 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could allow unintended access to files over the network when using the XML2 extension. oval:org.secpod.oval:def:700929 tiff: Tag Image File Format library The TIFF library could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701168 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701240 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:700903 raptor: Raptor RDF parser and serializer library Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701357 raptor2: Raptor 2 RDF syntax library Applications using Raptor could be made to expose sensitive information or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:702136 apache2: Apache HTTP server Several security issues were fixed in Apache HTTP Server. oval:org.secpod.oval:def:702729 expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:700993 xmlrpc-c: Lightweight RPC library based on XML and HTTP Details: USN-1527-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Both issues described in the original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04, 11.10 and 12 ... oval:org.secpod.oval:def:700959 expat: XML parsing C library - example application Expat could be made to cause a denial of service by consuming excessive CPU and memory resources. oval:org.secpod.oval:def:703172 xmlrpc-c: Lightweight RPC library based on XML and HTTP Several security issues were fixed in XML-RPC for C and C++. oval:org.secpod.oval:def:703167 expat: XML parsing C library Several security issues were fixed in Expat. oval:org.secpod.oval:def:25770 sqlite3: C library that implements an SQL database engine SQLite could be made to crash or run programs if it processed specially crafted queries. oval:org.secpod.oval:def:703112 expat: XML parsing C library Expat could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703220 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701396 php5: HTML-embedded scripting language interpreter Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701305 linux-lts-raring: Linux hardware enablement kernel from Raring The system could be made to crash or run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:701295 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701284 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701281 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to run programs as an administrator. oval:org.secpod.oval:def:702240 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702247 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702235 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702684 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702434 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702658 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702526 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:700906 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:700881 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash or incorrectly handle authentication. oval:org.secpod.oval:def:703484 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703481 linux: Linux kernel - linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702197 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702195 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702335 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702334 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701474 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702486 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:38125 python2.7: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:702068 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701589 python2.7: An interactive high-level object-oriented language - python3.3: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language - python2.6: An interactive high-level object-oriented language Python could be made to crash or run programs ... oval:org.secpod.oval:def:702871 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:702624 python2.7: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:703280 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701053 python3.2: Interactive high-level object-oriented language Several security issues were fixed in Python 3.2. oval:org.secpod.oval:def:703468 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701441 python2.7: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:701443 python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:702985 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702730 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702959 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702951 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702954 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:702949 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702934 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:703163 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703162 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703151 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:703155 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:25768 pcre3: Perl 5 Compatible Regular Expression Library PCRE could be made to crash or run programs if it processed a specially-crafted regular expression. oval:org.secpod.oval:def:703141 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:703129 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:703352 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703353 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703103 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703102 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703573 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise The system could be made to crash under certain conditions. oval:org.secpod.oval:def:702891 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702899 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702813 php5: HTML-embedded scripting language interpreter PHP could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:703099 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703052 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703058 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:703293 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:703039 pcre3: Perl 5 Compatible Regular Expression Library PCRE could be made to crash or run programs if it processed a specially-crafted regular expression. oval:org.secpod.oval:def:703021 linux: Linux kernel The system could be made to crash or run programs as an administrator by someone with physical access. oval:org.secpod.oval:def:703020 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator by someone with physical access. oval:org.secpod.oval:def:703268 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:703028 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:36104 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:703219 php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:703418 linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702775 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702774 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702990 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702994 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701651 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701401 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701644 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701405 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701648 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701404 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701625 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701605 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701604 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701602 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702097 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702099 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702093 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702091 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702269 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701398 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701395 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701389 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702226 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702224 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702229 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701597 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701598 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701581 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702432 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702438 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701574 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701577 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701578 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701579 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701530 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701534 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701537 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701535 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701525 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701506 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701504 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701502 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702199 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702154 linux-lts-trusty: Linux hardware enablement kernel from Trusty The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701042 linux: Linux kernel The system could be made to perform privileged actions as an administrator. oval:org.secpod.oval:def:702124 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702123 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702122 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701033 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run actions or potentially programs as an administrator. oval:org.secpod.oval:def:702121 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702125 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702110 linux-lts-trusty: Block storage devices Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701497 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702101 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701494 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702100 linux-lts-trusty: Block storage devices The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702341 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702105 linux-lts-raring: Linux hardware enablement kernel from Raring The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702107 linux-lts-saucy: Linux hardware enablement kernel from Saucy The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701481 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701455 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702301 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702307 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702305 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701672 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701431 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701671 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701434 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701432 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701433 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701666 linux-lts-raring: Linux hardware enablement kernel from Raring The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701668 linux-lts-saucy: Linux hardware enablement kernel from Saucy The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701363 icedtea-web: A web browser plugin to execute Java applets Details: USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Original advisory IcedTea Web updated to work with new OpenJDK 7. oval:org.secpod.oval:def:701366 openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK 6. oval:org.secpod.oval:def:701058 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:702053 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702052 linux-lts-quantal: Linux hardware enablement kernel from Quantal Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702047 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702090 linux-lts-trusty: Block storage devices Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702072 linux-lts-saucy: Linux hardware enablement kernel from Saucy Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702065 linux-lts-quantal: Linux hardware enablement kernel from Quantal The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:702064 linux-lts-raring: Linux hardware enablement kernel from Raring Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702067 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702060 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702161 linux-lts-trusty: Linux hardware enablement kernel from Trusty Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702043 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:702049 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. |
