[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 5609 Download | Alert*

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs . Security Fix: * nodejs: HTTP2 "unknownProtocol" cause DoS by resource exhaustion * nodejs: DNS rebinding in --inspect For more details about the security issue, including the impact, ...

Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The following packages have been upgraded to a later upstream version: tigervnc . Security Fix: * tigervnc: c ...

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. * It was discovered that the LDAPCertStore class in the JNDI component of Op ...

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: * Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. * It was discovered that the LDAPCertStore class in the JNDI component of Op ...

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. * It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely ...

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: * A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. * It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely ...

libxslt is a library for transforming XML files into other textual formats using the standard XSLT stylesheet transformation mechanism. Security Fix: * libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL * libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure For more details about the security issue, including the impact, a CV ...

The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies . Security Fix: * libsepol: use-after-free in __cil_verify_classperms * libsepol: use-after-free in __cil_verify_classperms * libsepol: use-after-free in cil_res ...

FreeRDP is a free implementation of the Remote Desktop Protocol , released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix: * freerdp: improper client input validation for gateway connections allows to overwrite memory * freerdp: improper region checks in all clients allow out of bound write to memory ...

BIND is an implementation of the DNS protocols. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. For users of Red Hat Enterprise Linux 3 this update also addresses a bug which can cause BIND ...


Pages:      Start    289    290    291    292    293    294    295    296    297    298    299    300    301    302    ..   560

© SecPod Technologies