Showing all newswire headlines

View by date, instead?

« Previous ( 1 ... 7360 7361 7362 7363 7364 7365 7366 7367 7368 7369 7370 ... 7440 ) Next »

Red Hat alert: Updated Pan packages fix denial of service vulnerability

  • Mailing list (Posted by dave on Nov 23, 2003 11:53 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated Pan packages that close a denial of service vulnerability are now available.

Red Hat alert: Updated stunnel packages available

  • Mailing list (Posted by dave on Nov 23, 2003 11:46 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 systems. These updates address problems stemming from improper use of non-reentrant functions in signal handlers.

Red Hat alert: Updated iproute packages fix local security vulnerability

  • Mailing list (Posted by dave on Nov 23, 2003 11:40 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated iproute packages that close a locally-exploitable denial of service vulnerability are now available.

Red Hat alert: Updated EPIC packages fix security vulnerability

  • Mailing list (Posted by dave on Nov 23, 2003 11:25 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated EPIC packages which fix an exploitable buffer overflow vulnerability are now available.

The Big freedesktop.org Interview

  • OSnews (Posted by dave on Nov 23, 2003 8:00 PM EDT)
  • Story Type: News Story
Today we are very happy to publish a very interesting Q&A with major freedesktop.org members: the founder Havoc Pennington (also of Debian, Gnome and Red Hat fame), Waldo Bastian (of SuSE & KDE fame), Keith Packard and Jim Gettys (of X/XFree86/fontconfig/w3c fame) and David Zeuthen, a new member who's taking over the ambitious HAL project.

Debian alert: Some Debian Project machines have been compromised

  • Mailing list (Posted by dave on Nov 21, 2003 7:46 AM EDT)
  • Story Type: Security; Groups: Debian
This is a very unfortunate incident to report about. Some Debian servers were found to have been compromised in the last 30 hours.

Q&A with Sun's Product Team on Java Desktop System

  • OSnews (Posted by dave on Nov 20, 2003 8:00 PM EDT)
  • Story Type: News Story; Groups: Sun
OSNews sent over to Sun Microsystems ten questions for a Q&A session with Sun's product team working on Java Desktop System. Read more for the full Q&A.

Mandrake alert: Updated glibc packagess fix vulnerabilities

A bug was discovered in the getgrouplist function in glibc that can cause a buffer overflow if the size of the group list is too small to hold all the user's groups. This overflow can cause segementation faults in various user applications, some of which may lead to additional security problems. The problem can only be triggered if the user is in a larger number of groups than expected by an application.

Red Hat alert: Updated XFree86 packages provide security and bug fixes

  • Mailing list (Posted by dave on Nov 18, 2003 10:57 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated XFree86 packages for Red Hat Linux 9 provide security fixes to font libraries and XDM.

SuSE alert: sane

  • Mailing list (Posted by dave on Nov 18, 2003 6:27 AM EDT)
  • Story Type: Security; Groups: SUSE
The sane (Scanner Access Now Easy) package provides access to scanners either locally or remotely over the network.

Debian alert: New minimalist package fixes remote command execution

  • Mailing list (Posted by dave on Nov 16, 2003 11:25 PM EDT)
  • Story Type: Security; Groups: Debian
A security-related problem has been discovered in minimalist, a mailing list manager, which allows a remote attacker to execute arbitrary commands.

Debian alert: New hylafax packages fix remote root exploit

  • Mailing list (Posted by dave on Nov 16, 2003 11:07 PM EDT)
  • Story Type: Security; Groups: Debian
The SuSE Security Team discovered several exploitable formats string vulnerabilities in hylafax, a flexible client/server fax system, which could lead to executing arbitrary code as root on the fax server.

Fedora Core 1 Update: glibc-2.3.2-101.1

Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0859 to this issue.

Red Hat alert: Updated glibc packages provide security and bug fixes

  • Mailing list (Posted by dave on Nov 13, 2003 12:20 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated glibc packages that resolve vulnerabilities and address several bugs are now available.

Red Hat alert: Updated zebra packages fix security vulnerabilities

  • Mailing list (Posted by dave on Nov 12, 2003 11:35 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated zebra packages that close a locally-exploitable and a remotely-exploitable denial of service vulnerability are now available.

Red Hat alert: Updated PostgreSQL packages fix buffer overflow

  • Mailing list (Posted by dave on Nov 12, 2003 11:35 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PostgreSQL packages that correct a buffer overflow in the to_ascii routines are now available.

Mandrake alert: Updated fileutils and coreutils packages fix vulnerabilities

A memory starvation denial of service vulnerability in the ls program was discovered by Georgi Guninski. It is possible to allocate a huge amount of memory by specifying certain command-line arguments. It is also possible to exploit this remotely via programs that call ls such as wu-ftpd (although wu-ftpd is no longer shipped with Mandrake Linux).

Red Hat alert: Updated glibc packages provide security and bug fixes

  • Mailing list (Posted by dave on Nov 12, 2003 7:30 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated glibc packages that resolve vulnerabilities and address several bugs are now available.

Mozilla Links Newsletter - 6 - November 11, 2003

On our last issue we asked which e-mail application (client) you used to read this newsletter. A surprising 20% of respondants said they use another e-mail client besides Mozilla, Microsoft Outlook, Opera and Eudora and I wonder which could it be. So if you answer or use another e-mail application, let us know which is it, and we will share those names with other readers.

Debian alert: New omega-rpg packages fix local games exploit

  • Mailing list (Posted by dave on Nov 11, 2003 2:03 AM EDT)
  • Story Type: Security; Groups: Debian
Steve Kemp discovered a buffer overflow in the commandline and environment variable handling of omega-rpg, a text-based rogue-style game of dungeon exploration, which could lead a local attacker to gain unauthorised access to the group games.

« Previous ( 1 ... 7360 7361 7362 7363 7364 7365 7366 7367 7368 7369 7370 ... 7440 ) Next »