Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 ... 2062 ) Next »
Debian alert: New version of dump released.
This has been fixed in version 0.4b9-0slink1. We recommend you upgrade
your dump package immediately.
Red Hat alert: new initscripts packages available
One security bug and several functionality bugs have been fixed in a
new release of initscripts.
Slackware alert: Security Fixes for Slackware 4.0 Available
There are several security updates available for Slackware 4.0. These
patches should work on any libc5 Slackware system, but we have not tested
them on each of the previous releases.
SuSE alert: inn
The Inter Net News server inn does not do proper bounds checking.
SuSE alert: new security tools
Tools developed by SuSE (all open source) and included in SuSE 6.3 :
SuSE alert: syslogd (a1)
The syslogd server uses a Unix Domain stream socket (/dev/log) for receiving local log messages via syslog(3). Unix Domain stream sockets are non connection-less, that means, that one process is needed to serve one client.
Debian alert: New version of bind released
This has been fixed in version 8.2.5p5-0slink1, and we
recommend that you upgrade your bind package immediately.
SuSE alert: bind
Several vulnerabilities were found within bind4 and bind8.
SuSE alert: nfs-server
The rpc.nfsd which is part of the nfs-server package was found to have two remote vulnerabilities.
Debian alert: New version of nfs-server fixes remote exploit
This has been addressed in version 2.2beta37-1slink.1, and we recommend you
upgrade your nfs-server package immediately.
Debian alert: New version of proftpd fixes remote exploits
Please not that this is not meant to be an exhaustive list.
Red Hat alert: new initscripts available (/tmp problems)
One security bug and several functionality bugs have been fixed in a
new release of initscripts.
Debian alert: New versions of lpr released
This has been fixed in version 0.46-1-0slink1. We recommend you upgrade
your lpr package immediately.
Red Hat alert: security problems with ypserv
The ypserv package, which contains the ypserv NIS server
and the yppasswdd password-change server, has been discovered
to have security holes.
Debian alert: New version of nis released
This has been fixed in version 3.5-2. We recommend you upgrade your nis
package immediately.
Red Hat alert: File access problems in lpr/lpd
There are potential problems with file access checking in
the lpr and lpd programs. These could allow users to
potentially print files they do not have access to. Also,
there are bugs in remote printing in the lpd that shipped
with Red Hat Linux 6.1.
SuSE alert: ypserv
The package ypserv is the former "yellow pages", now called NIS information service, which is used for e.g. central network user account management. Several vulnerability exists: ypserv prior 1.3.9 allows an administrator in the NIS domain to inject password tables; rpc.yppasswd prior 1.3.6.92 has got a buffer overflow in the md5 hash generation [SuSE linux is unaffected by this, other linux falvors are]; rpc.yppasswdd prior 1.3.9 allows users to change GECO and login shell values of other users.
Slackware alert: CA-99-13: minimal fix for Slackware 3.5 through 4.0
An alternative minimal fix is available for Slackware versions 3.5,
3.6, 3.9, and 4.0. Users can download this and run "installpkg" on
it to upgrade the FTP server.
Slackware alert: CA-99-13: wu-ftpd upgrade available
The recent CERT advisory reporting multiple vulnerabilities in WU-FTPD
affects Slackware-current and Slackware-4.0. Here is the advisory that
CERT released:
Red Hat alert: screen defaults to not using Unix98 ptys
Screen uses ptys with world read/write permissions.
« Previous ( 1 ... 2052 2053 2054 2055 2056 2057 2058 2059 2060 2061 ... 2062 ) Next »