[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 1830 Download | Alert*

A vulnerability has been found and corrected in transmission: Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. in a pathname within a .torrent file . The updated packages have been patched to correct this issue.

A packaging mistake lead to that the gpg-agent was not started by default. The updated packages addresses this problem.

This update fixes an issue with rpm filetriggers : when several file triggers are ran in parallel and try to read from stdin, a pipe filedescriptor leak leads to a deadlock and rpm freezing.

A vulnerability has been found and corrected in curl: content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service or have unspecified other impact by sending crafted compressed data to an application tha ...

Multiple vulnerabilities has been found and corrected in cabextract: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service via a malformed MSZIP archive in a .cab file during a test or extract action, related to the libmspack library . Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allo ...

The evtouch Xorg driver was not working because its ABI was too old. The new version contains the necessary ABI updates, so the driver can now work correctly.

An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack . Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolv this issue. Packages for 2008.0 and 2009.0 are provided as of the Ex ...

In mandriva 2010.0 /etc/pam.d/kde was not tagged as a config file so was replaced by a new file on each update.This update fixes this issue.

xvt script was not detecting KDE4 properly and was forking KDE4 terminal, which could break some scripts. This updates fixes this issue and also disable some unwanted sound events when using Firefox 3.6.x under GNOME.

A vulnerability was discovered and corrected in gnucash: gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory . The affected /usr/bin/gnc-test-env file has been removed to mitigate the CVE-2010-3999 vulnerability as gnc-test-env is only us ...

Pages:      Start    168    169    170    171    172    173    174    175    176    177    178    179    180    181    ..   182

© SecPod Technologies