Download
| Alert*
oval:org.secpod.oval:def:701057
exim4: Exim is a mail transport agent Exim could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701095 firefox: Mozilla Open Source web browser Details: USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem. Original advisory Regressions were introduced in the last Firefox update. oval:org.secpod.oval:def:701073 python-django: High-level Python web development framework Details: USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory ... oval:org.secpod.oval:def:701051 Ubuntu 12.10 is installed oval:org.secpod.oval:def:701072 python-django: High-level Python web development framework Django could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701062 remote-login-service: Service to track the remote servers to use Remote Login Service could be made to expose sensitive information. oval:org.secpod.oval:def:701081 libssh: A tiny C SSH library linssh could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701079 libunity-webapps: UnityWebapps library libunity-webapps could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701064 icedtea-web: A web browser plugin to execute Java applets The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page. oval:org.secpod.oval:def:701065 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701080 unity-firefox-extension: Firefox extension: Unity Integration unity-firefox-extension could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701070 glance: OpenStack Image Registry and Delivery Service Glance could be made to delete arbitrary images. oval:org.secpod.oval:def:701061 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:701068 glance: OpenStack Image Registry and Delivery Service Details: USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update provides the corresponding updates for the v2 API. Original advisory Glance could be made to delete arbitrary images. oval:org.secpod.oval:def:701056 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701059 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web cont ... oval:org.secpod.oval:def:701075 thunderbird: Mozilla Open Source mail and newsgroup client Multiple security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701078 ubufox: Ubuntu Firefox specific configuration defaults and apt support Details: USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory This update provides compatible ubufox packages for the latest Firefox. oval:org.secpod.oval:def:701076 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701074 python-keyring: store and access your passwords safely Several security issues were fixed in Python Keyring. oval:org.secpod.oval:def:701418 ubuntu-system-service: Dbus service to set various system-wide configurations ubuntu-system-service could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701419 software-properties: manage the repositories that you install software from Software Properties could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701412 language-selector: Language selector for Ubuntu language-selector could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701538 puppet: Centralized configuration management Puppet could be made to overwrite files. oval:org.secpod.oval:def:701415 usb-creator: create a startup disk using a CD or disc image usb-creator could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701640 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701407 python-httplib2: comprehensive HTTP client library written for Python Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701408 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701522 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701523 curl: HTTP, HTTPS, and FTP client and client libraries Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701524 horizon: Web interface for OpenStack cloud infrastructure Horizon could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701645 cups: Common UNIX Printing System CUPS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701195 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701196 transmission: lightweight BitTorrent client Transmission could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701639 python-django: High-level Python web development framework Details: USN-2169-1 fixed vulnerabilities in Django. The upstream security patch for CVE-2014-0472 introduced a regression for certain applications. This update fixes the problem. Original advisory USN-2169-1 introduced a regression in Djang ... oval:org.secpod.oval:def:701511 curl: HTTP, HTTPS, and FTP client and client libraries Details: USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure option not working as intended. This update fixes the problem. We apologize for the inconvenience ... oval:org.secpod.oval:def:701630 Ubuntu 12.10 is installed oval:org.secpod.oval:def:701631 openssh: secure shell for secure access to remote machines A malicious server could bypass OpenSSH SSHFP DNS record checking. oval:org.secpod.oval:def:701636 curl: HTTP, HTTPS, and FTP client and client libraries Several security issues were fixed in curl. oval:org.secpod.oval:def:701637 python-imaging: Python Imaging Library Python Imaging Library could be made to overwrite or expose files. oval:org.secpod.oval:def:701188 nova: OpenStack Compute cloud infrastructure Nova could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701180 cinder: Cinder storage service - api server Cinder could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701508 curl: HTTP, HTTPS, and FTP client and client libraries Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701500 keystone: OpenStack identity service Keystone would improperly remove roles when it was configured to use the LDAP backend. oval:org.secpod.oval:def:701622 libyaml: Fast YAML 1.1 parser and emitter library LibYAML could be made to crash or run programs if it opened a specially crafted YAML document. oval:org.secpod.oval:def:701626 clamav: Anti-virus utility for Unix ClamAV has been updated to a new version. oval:org.secpod.oval:def:701623 libyaml-libyaml-perl: Perl interface to libyaml, a YAML implementation libyaml-libyaml-perl could be made to crash or run programs if it opened a specially crafted YAML file. oval:org.secpod.oval:def:701174 boost1.49: C++ representation of time duration, time point, and clocks Boost incorrectly validated certain UTF-8 sequences. oval:org.secpod.oval:def:701298 kde4libs: KDE 4 core applications and libraries KDE-Libs could be made to expose web credentials. oval:org.secpod.oval:def:701178 keystone: OpenStack identity service Keystone could be made to crash or expose sensitive information over the network. oval:org.secpod.oval:def:701296 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701297 nova: OpenStack Compute cloud infrastructure Details: USN-1831-1 fixed a vulnerability in OpenStack Nova. The upstream fix introduced a regression where instances using uncached QCOW2 images would fail to start. This update fixes the problem. We apologize for the inconvenience. Original advisory USN ... oval:org.secpod.oval:def:701619 ca-certificates: Common CA certificates ca-certificates was updated to the 20130906 package. oval:org.secpod.oval:def:701617 initramfs-tools: tools for generating an initramfs initramfs-tools used incorrect mount options. oval:org.secpod.oval:def:701610 mutt: text-based mailreader supporting MIME, GPG, PGP and threading The mutt mail client could be made to crash or run programs as your login if it opened a specially crafted email. oval:org.secpod.oval:def:701179 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:701614 gtk+3.0: GTK+ graphical user interface library Details: USN-2149-1 fixed a vulnerability in librsvg. This update provides a compatibility fix for GTK+ to work with the librsvg security update. Original advisory This update provides a compatibility fix for GTK+. oval:org.secpod.oval:def:701613 librsvg: renderer library for SVG files Librsvg could be made to expose sensitive information. oval:org.secpod.oval:def:701162 keystone: OpenStack identity service Keystone could be made to fill server disks with error messages. oval:org.secpod.oval:def:701166 gnome-screensaver: GNOME screen saver and locker gnome-screensaver would allow unintended access to the user session. oval:org.secpod.oval:def:701287 nova: OpenStack Compute cloud infrastructure Nova could be made to crash the system if instances used a specially crafted image. oval:org.secpod.oval:def:701288 keystone: OpenStack identity service Keystone would allow unintended access over the network. oval:org.secpod.oval:def:701164 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a ... oval:org.secpod.oval:def:701165 curl: HTTP, HTTPS, and FTP client and client libraries curl could be made to crash or run programs if it opened a malicious URL. oval:org.secpod.oval:def:701608 cups-filters: OpenPrinting CUPS Filters cups-filters could be made to run programs as the lp user if it processed a specially crafted file. oval:org.secpod.oval:def:701609 libssh: A tiny C SSH library A security issue was fixed in libssh. oval:org.secpod.oval:def:701961 python-django: High-level Python web development framework Django applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701151 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701273 clamav: Anti-virus utility for Unix ClamAV could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701150 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701154 nova: OpenStack Compute cloud infrastructure Nova volume could be made to expose volumes from other users. oval:org.secpod.oval:def:701957 swift: OpenStack distributed virtual object store OpenStack Swift would allow unintended access to files over the network. oval:org.secpod.oval:def:701159 linux: Linux kernel Details: USN-1699-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1699-1 introduced a regression in the Linux ker ... oval:org.secpod.oval:def:701952 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701278 telepathy-idle: IRC connection manager for Telepathy telepathy-idle could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701158 linux-ti-omap4: Linux kernel for OMAP4 Details: USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1700-1 introduced a regressi ... oval:org.secpod.oval:def:701956 dpkg: Debian package management system A malicious source package could write files outside the unpack directory. oval:org.secpod.oval:def:701953 quantum: OpenStack Virtual Network Service Details: USN-2208-1 fixed vulnerabilities in OpenStack Cinder. This update provides the corresponding updates for OpenStack Quantum. Original advisory OpenStack Quantum could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701262 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701144 vino: VNC server for GNOME Vino could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701387 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:701385 libimobiledevice: Library for communicating with iPhone and iPod Touch devices libimobiledevice could be made to overwrite files as the administrator, or access device keys. oval:org.secpod.oval:def:701947 libxml2: GNOME XML library libxml2 could be made to consume resources if it processed a specially crafted file. oval:org.secpod.oval:def:701941 dovecot: IMAP and POP3 email server Dovecot could be made to stop responding if it received specially crafted network traffic. oval:org.secpod.oval:def:701147 firefox: Mozilla Open Source web browser Details: USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, some translations became unusable after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1681-1 introduced a regression in ... oval:org.secpod.oval:def:701944 dpkg: Debian package management system Details: USN-2183-1 fixed a vulnerability in dpkg. Javier Serrano Polo discovered that the fix introduced a vulnerability in releases with an older version of the patch utility. This update fixes the problem. Original advisory A malicious source package could w ... oval:org.secpod.oval:def:701945 jbigkit: JBIG1 data compression library JBIG-KIT could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:701371 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701372 lcms2: Little CMS 2 color management library Little CMS could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701133 nspr: NetScape Portable Runtime Library Details: USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701254 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701132 nss: Network Security Service library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701253 nvidia-graphics-drivers: NVIDIA binary Xorg driver - nvidia-graphics-drivers-updates: NVIDIA binary Xorg driver - nvidia-settings: Tool for configuring the NVIDIA graphics driver - nvidia-settings-updates: Tool for configuring the NVIDIA graphics driver NVIDIA graphics drivers could be made to run p ... oval:org.secpod.oval:def:701495 pixman: pixel-manipulation library for X and cairo pixman could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701938 elfutils: collection of utilities to handle ELF objects elfutils could be made to crash or run programs if it processed a specially crafted file. oval:org.secpod.oval:def:701258 icedtea-web: A web browser plugin to execute Java applets Two security issues were fixed in IcedTea-Web. oval:org.secpod.oval:def:701257 xorg-server: X.Org X server - xorg-server-lts-quantal: X.Org X server The X server could be made to reveal keystrokes of other users. oval:org.secpod.oval:def:701499 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Several security issues were fixed in Ruby. oval:org.secpod.oval:def:701933 cinder: OpenStack storage service OpenStack Cinder could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701361 file-roller: archive manager for GNOME File Roller could be made to create or overwrite files. oval:org.secpod.oval:def:701485 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701123 moin: Collaborative hypertext environment MoinMoin could be made to run programs and overwrite files. oval:org.secpod.oval:def:701365 libxml2: GNOME XML library Details: USN-1904-1 fixed vulnerabilities in libxml2. The update caused a regression for certain users. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1904-1 introduced a regression in libxml2. oval:org.secpod.oval:def:701246 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701471 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701353 libmodule-signature-perl: module to manipulate CPAN SIGNATURE files Module::Signature could be made to run programs if it verified a signature. oval:org.secpod.oval:def:701595 icedtea-web: A web browser plugin to execute Java applets IcedTea Web could be made to expose or alter sensitive information. oval:org.secpod.oval:def:701596 imagemagick: Image manipulation programs and library ImageMagick could be made to crash or run programs if it opened a specially crafted image file. oval:org.secpod.oval:def:701352 firefox: Mozilla Open Source web browser Details: USN-1890-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in Firefox using the wrong network proxy settings. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-1890 ... oval:org.secpod.oval:def:701473 maas: Ubuntu MAAS Server MAAS could be made to run programs as an administrator. oval:org.secpod.oval:def:701594 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701236 poppler: PDF rendering library Applications using poppler could be made to crash or possibly run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701238 libxslt: XSLT processing library Applications using libxslt could be made to crash if they processed a specially crafted file. oval:org.secpod.oval:def:701100 libxml2: GNOME XML library Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. oval:org.secpod.oval:def:701343 haproxy: fast and reliable load balancing reverse proxy HAProxy could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701464 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network under certain circumstances. oval:org.secpod.oval:def:701340 puppet: Centralized configuration management Puppet could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701582 firefox: Mozilla Open Source web browser Details: USN-2102-1 fixed vulnerabilities in Firefox. The update introduced a regression which could make Firefox crash under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2102-1 introduced a regr ... oval:org.secpod.oval:def:701341 libraw: raw image decoder library LibRaw could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701462 swift: OpenStack distributed virtual object store Swift could cause the system to crash if it received specially crafted requests over the network. oval:org.secpod.oval:def:701225 nova: OpenStack Compute cloud infrastructure Two security issues were fixed in Nova. oval:org.secpod.oval:def:701105 nova: OpenStack Compute cloud infrastructure Nova could be made to expose sensitive information. oval:org.secpod.oval:def:701347 ubuntu-release-upgrader: manage release upgrades ubuntu-release-upgrader would crash when attempting to upgrade. oval:org.secpod.oval:def:701465 suds: Lightweight SOAP client for Python Suds could be made to overwrite files. oval:org.secpod.oval:def:701586 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:701224 clamav: Anti-virus utility for Unix Several security issues were fixed in ClamAV. oval:org.secpod.oval:def:701466 apport: automatically generate crash reports for debugging Apport could be made to expose privileged information. oval:org.secpod.oval:def:701108 unity-firefox-extension: Firefox extension: Unity Integration unity-firefox-extension could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701107 apt: Advanced front-end for dpkg APT could expose sensitive information. oval:org.secpod.oval:def:701210 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:701213 apt: Advanced front-end for dpkg An attacker could trick APT into installing altered packages. oval:org.secpod.oval:def:701218 pam-xdg-support: PAM module for XDG_RUNTIME_DIR support pam-xdg-support could be made to run programs as an administrator. oval:org.secpod.oval:def:701216 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701217 nspr: NetScape Portable Runtime Library Details: USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory NSPR update to work with the new NSS. oval:org.secpod.oval:def:701320 libxv: X11 Video extension library Several security issues were fixed in libxv. oval:org.secpod.oval:def:701562 pidgin: graphical multi-protocol instant messaging client for X Several security issues were fixed in Pidgin. oval:org.secpod.oval:def:701321 libxinerama: X11 Xinerama extension library Several security issues were fixed in libxinerama. oval:org.secpod.oval:def:701442 nas: Network Audio System Several security issues were fixed in Network Audio System . oval:org.secpod.oval:def:701563 libgadu: Gadu-Gadu protocol library libgadu could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701560 libyaml: Fast YAML 1.1 parser and emitter library LibYAML could be made to crash or run programs if it opened specially crafted yaml document. oval:org.secpod.oval:def:701203 openssl: Secure Socket Layer cryptographic library and tools Details: USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0166 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending ... oval:org.secpod.oval:def:701324 libxi: X11 Input extension library Several security issues were fixed in libxi. oval:org.secpod.oval:def:701204 firefox: Mozilla Open Source web browser Details: USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem. We apologize for the inconvenience. Origin ... oval:org.secpod.oval:def:701325 libxcb: X C Binding Several security issues were fixed in libxcb. oval:org.secpod.oval:def:701567 libyaml: Fast YAML 1.1 parser and emitter library Details: USN-2098-1 fixed a vulnerability in LibYAML. The security fix used introduced a regression that caused parsing failures for certain valid YAML files. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-20 ... oval:org.secpod.oval:def:701322 libx11: X11 client-side library Several security issues were fixed in libx11. oval:org.secpod.oval:def:701323 libxrender: X Rendering Extension client library Several security issues were fixed in libxrender. oval:org.secpod.oval:def:701565 libav: Multimedia player, server, encoder and transcoder Libav could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701207 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701328 telepathy-gabble: Jabber/XMPP connection manager Several security issues were fixed in telepathy-gabble. oval:org.secpod.oval:def:701568 maas: Ubuntu MAAS Server The cluster could be made to run programs as an administrator. oval:org.secpod.oval:def:701551 nspr: NetScape Portable Runtime Library NSPR could be made to crash or run programs if it received a specially crafted certificate. oval:org.secpod.oval:def:701310 libxrandr: X11 RandR extension library - libxrandr-lts-quantal: X11 RandR extension library Several security issues were fixed in libxrandr. oval:org.secpod.oval:def:701552 munin: Network-wide graphing framework Several security issues were fixed in Munin. oval:org.secpod.oval:def:701670 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701319 libxt: X11 toolkit intrinsics library Several security issues were fixed in libxt. oval:org.secpod.oval:def:701313 libxp: X Printing Extension client library Several security issues were fixed in libxp. oval:org.secpod.oval:def:701555 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:701314 libxfixes: X11 miscellaneous fixes extension library Several security issues were fixed in libxfixes. oval:org.secpod.oval:def:701311 libxcursor: X cursor management library Several security issues were fixed in libxcursor. oval:org.secpod.oval:def:701553 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:701312 libdmx: X11 Distributed Multihead extension library Several security issues were fixed in libdmx. oval:org.secpod.oval:def:701317 libxxf86vm: X11 XFree86 video mode extension library Several security issues were fixed in libxxf86vm. oval:org.secpod.oval:def:701559 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to expose sensitive information. oval:org.secpod.oval:def:701315 libfs: X11 Font Services library Several security issues were fixed in libfs. oval:org.secpod.oval:def:701436 txt2man: Converts flat ASCII text to man page format txt2man could be made to overwrite files. oval:org.secpod.oval:def:701316 libxres: X11 Resource extension library Several security issues were fixed in libxres. oval:org.secpod.oval:def:701540 puppet: Centralized configuration management Details: USN-2077-1 fixed a vulnerability in Puppet. The upstream patch introduced a regression resulting in the default file mode being incorrect. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2077-1 introduced ... oval:org.secpod.oval:def:701420 rtkit: Realtime Policy and Watchdog Daemon RealtimeKit could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701541 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701308 libxxf86dga: X11 Direct Graphics Access extension library Several security issues were fixed in libxxf86dga. oval:org.secpod.oval:def:701309 libxext: X11 miscellaneous extensions library Several security issues were fixed in libxext. oval:org.secpod.oval:def:701423 libraw: raw image decoder library LibRaw could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:701544 memcached: A high-performance memory object caching system Several security issues were fixed in Memcached. oval:org.secpod.oval:def:701424 pyopenssl: Python wrapper around the OpenSSL library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701545 graphviz: rich set of graph drawing tools Graphviz could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701421 apt-xapian-index: maintenance and search tools for a Xapian index of Debian package apt-xapian-index could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701542 cups: Common UNIX Printing System CUPS could be made to expose sensitive information. oval:org.secpod.oval:def:701548 devscripts: scripts to make the life of a Debian Package maintainer easier devscripts could be made to run programs if it opened a specially crafted file. oval:org.secpod.oval:def:701307 libxvmc: X11 Video extension library Several security issues were fixed in libxvmc. oval:org.secpod.oval:def:701425 python-django: High-level Python web development framework Several security issues were fixed in Django. oval:org.secpod.oval:def:701097 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701380 evolution-data-server: Evolution suite data server Evolution would sometimes encrypt email to the wrong recipient. oval:org.secpod.oval:def:701958 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:701627 openssl: Secure Socket Layer cryptographic library and tools OpenSSL could be made to expose sensitive information over the network, possibly including private keys. oval:org.secpod.oval:def:701606 udisks: service to access and manipulate storage devices - udisks2: service to access and manipulate storage devices UDisks could be made to manipulate directories as the administrator. oval:org.secpod.oval:def:701337 keystone: OpenStack identity service Keystone did not always properly verify expired PKI tokens or properly authenticate users. oval:org.secpod.oval:def:701518 qt4-x11: Qt 4 libraries - qtbase-opensource-src: Qt 5 libraries Qt could be made to consume resources and hang if it processed XML data. oval:org.secpod.oval:def:701422 policykit-1: framework for managing administrative policies and privileges polkit could be tricked into giving out improper authorization. oval:org.secpod.oval:def:701411 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:701459 keystone: OpenStack identity service Keystone would improperly grant access to invalid tokens under certain circumstances. oval:org.secpod.oval:def:701460 nova: OpenStack Compute cloud infrastructure Nova could be made to crash if it received specially crafted network requests. oval:org.secpod.oval:def:701351 pymongo: Python interface to the MongoDB document-oriented database PyMongo could be made to crash under certain conditions. oval:org.secpod.oval:def:701326 xserver-xorg-video-openchrome: X.Org X server -- VIA display driver - xserver-xorg-video-openchrome-lts-quantal: X.Org X server -- VIA display driver Several security issues were fixed in xserver-xorg-video-openchrome. oval:org.secpod.oval:def:701318 libxtst: X11 Record extension library Several security issues were fixed in libxtst. oval:org.secpod.oval:def:701230 gnome-online-accounts: GNOME Online Accounts GNOME Online Accounts could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701227 keystone: OpenStack identity service Under certain configurations, Keystone would allow unintended access over the network. oval:org.secpod.oval:def:701153 glance: OpenStack Image Registry and Delivery Service Glance could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701175 qt4-x11: Qt 4 libraries Several security issues were fixed in Qt. oval:org.secpod.oval:def:701152 libvirt: Libvirt virtualization toolkit libvirt could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701156 squid3: Full featured Web Proxy cache - squid: Internet object cache squid-cgi could consume excessive system resources, leading to a denial of service attack on it and other hosted services. oval:org.secpod.oval:def:701143 rpm: package manager for RPM RPM could incorrectly validate package signatures. oval:org.secpod.oval:def:701082 keystone: OpenStack identity service Keystone would allow unintended access to files over the network. oval:org.secpod.oval:def:701071 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701198 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701201 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701359 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:701448 icu: International Components for Unicode library ICU could be made to crash or run programs as your login if it processed specially crafted data. oval:org.secpod.oval:def:701098 cups: Common UNIX Printing System - cupsys: Common UNIX Printing System CUPS could be made to read files or run programs as an administrator. oval:org.secpod.oval:def:701090 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701410 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701417 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701086 perl: Larry Wall"s Practical Extraction and Report Language Perl programs could be made to crash or run programs if they receive specially crafted network traffic or other input. oval:org.secpod.oval:def:701084 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701194 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701199 dbus-glib: simple interprocess messaging system An attacker could send crafted input to applications using DBus-GLib and possibly escalate privileges. oval:org.secpod.oval:def:701191 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701066 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP server. oval:org.secpod.oval:def:701181 openssl: Secure Socket Layer cryptographic library and tools Several security issues were fixed in OpenSSL. oval:org.secpod.oval:def:701050 ruby1.9.1: Interpreter of object-oriented scripting language Ruby Several security issues were fixed in Ruby. oval:org.secpod.oval:def:701171 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701177 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701054 ruby1.8: Interpreter of object-oriented scripting language Ruby 1.8 Details: USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Original advisory Ruby could allow excessive access in untrusted programs. oval:org.secpod.oval:def:701280 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701279 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701382 ubufox: Ubuntu Firefox specific configuration defaults and apt support - unity-firefox-extension: Unity Integration for Firefox Details: USN-1924-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox and Unity Firefox Extension. Original advisory This update p ... oval:org.secpod.oval:def:701383 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701384 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701255 curl: HTTP, HTTPS, and FTP client and client libraries Applications using libcurl could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701252 unity-firefox-extension: Unity Integration for Firefox Details: USN-1786-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Unity Firefox Extension. Original advisory This update provides a compatible version of Unity Firefox Extension for Firefox 20. oval:org.secpod.oval:def:701379 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701138 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701135 tomcat7: Servlet and JSP engine - tomcat6: Servlet and JSP engine Several security issues were fixed in Tomcat. oval:org.secpod.oval:def:701377 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701360 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701243 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701362 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701126 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701245 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701125 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701129 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701233 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language Ruby could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701358 ruby1.8: Object-oriented scripting language - ruby1.9.1: Object-oriented scripting language An attacker could trick Ruby into trusting a rogue server. oval:org.secpod.oval:def:701235 libxml2: GNOME XML library libxml2 could be made to hang if it received specially crafted input. oval:org.secpod.oval:def:701356 openssl: Secure Socket Layer cryptographic library and tools Applications could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701342 mesa: free implementation of the EGL API - mesa-lts-quantal: free implementation of the EGL API Mesa could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701346 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701223 perl: Practical Extraction and Report Language Perl could be made to stop responding if it received specially crafted input. oval:org.secpod.oval:def:701345 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701228 openssl: Secure Socket Layer cryptographic library and tools Details: USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This update restores the security fix, and includes an extra fix from upstream to addres ... oval:org.secpod.oval:def:701349 curl: HTTP, HTTPS, and FTP client and client libraries libcurl could be made to crash or run programs as your login if it received specially crafted input. oval:org.secpod.oval:def:701211 thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login. oval:org.secpod.oval:def:701453 linux: Linux kernel The system could be made to expose sensitive information to a local user. oval:org.secpod.oval:def:701456 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to expose sensitive information to a local user. oval:org.secpod.oval:def:701215 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701219 apache2: Apache HTTP server Several security issues were fixed in the Apache HTTP Server. oval:org.secpod.oval:def:701200 sudo: Provide limited super user privileges to specific users Sudo could be made to run programs as the administrator without a password prompt. oval:org.secpod.oval:def:701561 perl: Practical Extraction and Report Language Perl could be made to run programs if it processed a specially crafted Locale::Maketext templates. oval:org.secpod.oval:def:701209 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701208 openjdk-7: Open Source Java implementation Details: USN-1755-1 fixed vulnerabilities in OpenJDK 6. This update provides the corresponding updates for OpenJDK 7. Original advisory OpenJDK could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701539 libxfont: X11 font rasterisation library libXfont could be made to crash or run programs as an administrator if it opened a specially crafted font file. oval:org.secpod.oval:def:701520 gnupg: GNU privacy guard - a free PGP replacement GnuPG could expose sensitive information when performing decryption. oval:org.secpod.oval:def:701638 mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701512 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701634 php5: HTML-embedded scripting language interpreter PHP could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701635 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701514 samba: SMB/CIFS file, print, and login server for Unix Several security issues were fixed in Samba. oval:org.secpod.oval:def:701621 samba: SMB/CIFS file, print, and login server for Unix Samba did not properly enforce the password guessing protection mechanism. oval:org.secpod.oval:def:701299 gnutls26: GNU TLS library GnuTLS could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701618 apache2: Apache HTTP server Apache HTTP server could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701616 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701611 sudo: Provide limited super user privileges to specific users Several security issues were fixed in Sudo. oval:org.secpod.oval:def:701615 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701289 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701959 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701954 libxfont: X11 font rasterisation library Several security issues were fixed in libXfont. oval:org.secpod.oval:def:701943 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:701374 gnupg: GNU privacy guard - a free PGP replacement - libgcrypt11: LGPL Crypto library - runtime library GnuPG and Libgcrypt could be made to expose sensitive information. oval:org.secpod.oval:def:701935 tiff: Tag Image File Format library LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701137 qemu-kvm: Machine emulator and virtualizer QEMU could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:701378 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701128 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement GnuPG could be made to corrupt the keyring if it imported a specially crafted key. oval:org.secpod.oval:def:701470 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701590 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701237 bind9: Internet Domain Name Server Bind could be made to consume memory or crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701584 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701104 gimp: The GNU Image Manipulation Program GIMP could be made to crash or run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:701588 file: Tool to determine file types File could be made to crash if it processed a specially crafted file. oval:org.secpod.oval:def:701348 subversion: Advanced version control system Several security issues were fixed in Subversion. oval:org.secpod.oval:def:701469 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701450 eglibc: GNU C Library Several security issues were fixed in the GNU C Library. oval:org.secpod.oval:def:701214 php5: HTML-embedded scripting language interpreter PHP could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701440 vino: VNC server for GNOME Vino could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:701446 gnupg: GNU privacy guard - a free PGP replacement - gnupg2: GNU privacy guard - a free PGP replacement Several security issues were fixed in GnuPG. oval:org.secpod.oval:def:701202 gnutls26: GNU TLS library - gnutls13: GNU TLS library GnuTLS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701449 xorg-server: X.Org X11 server - xorg-server-lts-quantal: X.Org X11 server - xorg-server-lts-raring: X.Org X11 server The X.Org X server could be made to crash or run programs as an administrator if it received specially crafted input. oval:org.secpod.oval:def:701543 bind9: Internet Domain Name Server Bind could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701549 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:701426 samba: SMB/CIFS file, print, and login server for Unix Samba could be made to hang if it received specially crafted network traffic. oval:org.secpod.oval:def:701547 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701521 libjpeg-turbo: library for handling JPEG files - libjpeg6b: library for handling JPEG files libjpeg and libjpeg-turbo could be made to expose sensitive information. oval:org.secpod.oval:def:701515 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701513 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701329 dbus: simple interprocess messaging system DBus could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701344 swift: OpenStack distributed virtual object store Multiple security issues were fixed in OpenStack Swift. oval:org.secpod.oval:def:701083 lynx-cur: Text-mode WWW Browser with NLS support Two security issues were fixed in Lynx. oval:org.secpod.oval:def:701244 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701247 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701641 net-snmp: SNMP server and applications Net-SNMP could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:701516 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:701620 openssh: secure shell for secure access to remote machines OpenSSH incorrectly handled environment restrictions with wildcards. oval:org.secpod.oval:def:701490 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:701491 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:701498 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701591 gnutls26: GNU TLS library Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701587 gnutls26: GNU TLS library GnuTLS incorrectly validated certain intermediate certificates. oval:org.secpod.oval:def:701624 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701948 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701583 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:701564 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701550 nss: Network Security Service library NSS could be made to expose sensitive information over the network. oval:org.secpod.oval:def:701185 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701182 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701293 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701272 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701271 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701155 inkscape: vector-based drawing program Several security issues were fixed in Inkscape. oval:org.secpod.oval:def:701139 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701122 linux-ti-omap4: Linux kernel for OMAP4 The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701118 linux: Linux kernel The system could be made to crash under certain conditions. oval:org.secpod.oval:def:701222 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701226 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701333 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701338 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701303 linux: Linux kernel The system could be made to crash or run programs as an administrator if it received specially crafted network traffic. oval:org.secpod.oval:def:701168 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database PostgreSQL could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:701240 postgresql-9.1: Object-relational SQL database - postgresql-8.4: Object-relational SQL database - postgresql-8.3: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:701396 php5: HTML-embedded scripting language interpreter Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. oval:org.secpod.oval:def:701292 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701282 linux: Linux kernel The system could be made to run programs as an administrator. oval:org.secpod.oval:def:701260 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:701364 openjdk-7: Open Source Java implementation Several security issues were fixed in OpenJDK 7. oval:org.secpod.oval:def:701363 icedtea-web: A web browser plugin to execute Java applets Details: USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Original advisory IcedTea Web updated to work with new OpenJDK 7. oval:org.secpod.oval:def:701058 openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation Several security issues were fixed in OpenJDK. oval:org.secpod.oval:def:701136 openjdk-7: Open Source Java implementation OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet. oval:org.secpod.oval:def:701053 python3.2: Interactive high-level object-oriented language Several security issues were fixed in Python 3.2. oval:org.secpod.oval:def:701589 python2.7: An interactive high-level object-oriented language - python3.3: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language - python2.6: An interactive high-level object-oriented language Python could be made to crash or run programs ... oval:org.secpod.oval:def:701441 python2.7: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:701445 python3.3: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:701443 python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:701531 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701649 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701402 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701406 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701527 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701646 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701600 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701603 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701393 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701390 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701493 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701496 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701478 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701477 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701571 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701572 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701430 linux: Linux kernel Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701669 linux: Linux kernel The system could be made to crash or run programs as an administrator. oval:org.secpod.oval:def:701428 linux-ti-omap4: Linux kernel for OMAP4 Several security issues were fixed in the kernel. oval:org.secpod.oval:def:701060 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701146 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701468 mysql-5.5: MySQL database - mysql-dfsg-5.1: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:701103 mysql-5.5: MySQL database - mysql-5.1: MySQL database - mysql-dfsg-5.1: MySQL database MySQL could be made to run programs if it received specially crafted network traffic from an authenticated user. oval:org.secpod.oval:def:701413 hplip: HP Linux Printing and Imaging System HPLIP could be tricked into bypassing polkit authorizations. oval:org.secpod.oval:def:701439 hplip: HP Linux Printing and Imaging System HPLIP could be made to overwrite files. oval:org.secpod.oval:def:701546 hplip: HP Linux Printing and Imaging System Several security issues were fixed in HPLIP. |