SuSE Essential and Critical Security Patch Updates - Page 790

SuSE: 2010-015: Mozilla Firefox Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues. On openSUSE 11.0 and 11.1 Mozilla Firefox was updated to version 3.0.18. On openSUSE 11.2 Mozilla Seamonkey was updated to version 2.0.2. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla dev [More...]

LinuxSecurity.com Team
Mar 04, 2010

SuSE: 2010-014: Linux kernel Security Update

The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel were updated to 2.6.27.45 fixing The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel were updated to 2.6.27.45 fixing various bugs and security issues. various bugs and security issues. CVE-2010-0622: The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Pr [More...]

LinuxSecurity.com Team
Mar 03, 2010

SuSE: Weekly Summary 2010:005

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LinuxSecurity.com Team
Feb 23, 2010

SuSE: 2010-013: Linux kernel Security Update

This update fixes various security issues and some bugs in the SUSE This update fixes various security issues and some bugs in the SUSE Linux Enterprise 9 kernel. Linux Enterprise 9 kernel. CVE-2009-4005: The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a b [More...]

LinuxSecurity.com Team
Feb 18, 2010

SuSE: Weekly Summary 2010:004

LinuxSecurity.com Team
Feb 16, 2010

SuSE: 2010-012: Linux kernel Security Update

This kernel update for openSUSE 11.0 fixes some bugs and several This kernel update for openSUSE 11.0 fixes some bugs and several security problems. security problems. The following security issues are fixed: CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a [More...]

LinuxSecurity.com Team
Feb 15, 2010

SuSE: 2010-011: postfix Security Update

The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix The value of SMTPD_LISTEN_REMOTE accidentally defaulted to 'yes'. The postfix smtp daemon therefore was reachable over the network by default. smtp daemon therefore was reachable over the network by default. This update resets the value to 'no' in /etc/sysconfig/mail. If you intentionally want postfix to listen for remot [More...]

LinuxSecurity.com Team
Feb 15, 2010

SuSE: Weekly Summary 2010:003

LinuxSecurity.com Team
Feb 09, 2010

SuSE: 2010-010: Linux kernel Security Update

This update of the openSUSE 11.2 kernel brings the kernel to version This update of the openSUSE 11.2 kernel brings the kernel to version 2.6.31.12 and contains a lot of bug and security fixes. 2.6.31.12 and contains a lot of bug and security fixes. CVE-2010-0299: The permission of the devtmpfs root directory was incorrectly 1777 (instead of 755). If it was used, local attackers could escalate pr [More...]

LinuxSecurity.com Team
Feb 08, 2010

SuSE: 2010-009: Linux kernel Security Update

The SUSE Linux Enterprise 10 SP 2 kernel was updated to fix various The SUSE Linux Enterprise 10 SP 2 kernel was updated to fix various bugs and some security issues. bugs and some security issues. Following security issues were fixed: CVE-2009-3556: Two sysfs files in the qla2xxx driver were world writable, so users could change SCSI attributes of the qla2xxx driver.

LinuxSecurity.com Team
Feb 05, 2010

SuSE: Weekly Summary 2010:002

LinuxSecurity.com Team
Feb 01, 2010

SuSE: 2010-008: acoread Security Update

Specially crafted PDF files could crash acroread. Attackers could Specially crafted PDF files could crash acroread. Attackers could potentially exploit that to execute arbitrary code (CVE-2009-3953, potentially exploit that to execute arbitrary code (CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324). Acrobat reader was updated [More...]

LinuxSecurity.com Team
Jan 26, 2010

SuSE: 2010-007: Linux kernel Security Update

This update fixes various bugs and some security issues in the SUSE Linux This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. Enterprise 10 SP 3 kernel. Following security issues were fixed: CVE-2009-4536: drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel handles Ethernet frames that exceed the MTU by processing certain trailin [More...]

LinuxSecurity.com Team
Jan 22, 2010

SuSE: Weekly Summary 2010:001

LinuxSecurity.com Team
Jan 19, 2010

SuSE: 2010-006: krb5 Security Update

Specially crafted AES and RC4 packets could allow unauthenticated Specially crafted AES and RC4 packets could allow unauthenticated remote attackers to trigger an integer underflow that leads to heap memory remote attackers to trigger an integer underflow that leads to heap memory corruption (CVE-2009-4212). Remote attackers could potentially exploit that to execute arbitrary code. openSUSE 11.2 [More...]

LinuxSecurity.com Team
Jan 19, 2010

SuSE: 2010-005: Linux kernel Security Update

The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel was updated to 2.6.27.42 fixing various bugs and security issues. 2.6.27.42 fixing various bugs and security issues. Following security issues were fixed: CVE-2009-4536: A underflow in the e1000 jumbo Ethernet frame handling could be use by link-local remote attackers to cras [More...]

LinuxSecurity.com Team
Jan 15, 2010

SuSE: 2010-004: IBM Java 6 security update Security Update

IBM Java 6 was updated to Service Refresh 7. IBM Java 6 was updated to Service Refresh 7. The following security issues were fixed: CVE-2009-3876 CVE-2009-3877: A vulnerability in the Java Runtime Environment with decoding DER encoded data might allow a remote client to cause the JRE to crash, resulting in a denial of service condition.

LinuxSecurity.com Team
Jan 12, 2010

SuSE: 2010-003: IBM Java 1.4.2 Security Update

IBM Java 1.4.2 was updated to 13 FP3. IBM Java 1.4.2 was updated to 13 FP3. The following security issues were fixed: CVE-2009-3867: A buffer overflow vulnerability in the Java Runtime Environment audio system might allow an untrusted applet or Java Web Start application to escalate privileges. For example, an untrusted applet might grant itself permissions to read and write local files, or run l [More...]

LinuxSecurity.com Team
Jan 12, 2010

SuSE: Weekly Summary 2009:020

LinuxSecurity.com Team
Jan 12, 2010

SuSE: 2010-002: IBM Java 5 Security Update

IBM Java 5 was updated to Service Refresh 11. It fixes lots of bugs IBM Java 5 was updated to Service Refresh 11. It fixes lots of bugs and security issues. and security issues. This included a timezone update to 1.6.9s (with the latest Fiji change). CVE-2009-3876 / CVE-2009-3877: A vulnerability in the Java Runtime Environment with decoding DER encoded data might allow a remote client

LinuxSecurity.com Team
Jan 12, 2010