SuSE Essential and Critical Security Patch Updates - Page 793

SuSE: 2009-033: Linux kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update of the Linux kernel for SUSE Linux Enterprise Server 9 This update of the Linux kernel for SUSE Linux Enterprise Server 9 SP4 contains various bug- and two security-fixes. SP4 contains various bug- and two security-fixes. The following security vulnerabilities have been fixed: CVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request [More...]

LinuxSecurity.com Team
Jun 16, 2009

SuSE: Weekly Summary 2009:011

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]

LinuxSecurity.com Team
Jun 09, 2009

SuSE: 2009-032: Linux kernel Security Update

This Linux kernel update for SUSE Linux Enterprise 11 and openSUSE This Linux kernel update for SUSE Linux Enterprise 11 and openSUSE 11.1 fixes lots of bugs and some security issues. The kernel was also 11.1 fixes lots of bugs and some security issues. The kernel was also updated to the 2.6.27.23 stable release. Following security issues have been fixed: CVE-2009-1439: Buffer overflow in fs/cifs [More...]

LinuxSecurity.com Team
Jun 09, 2009

SuSE: 2009-031: Linux kernel Security Update

This kernel update for openSUSE 11.0 fixes some bugs and several This kernel update for openSUSE 11.0 fixes some bugs and several security problems. security problems. The following security issues are fixed: CVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to remotely execute co [More...]

LinuxSecurity.com Team
Jun 09, 2009

SuSE: 2009-030: Linux kernel Security Update

This kernel update for openSUSE 10.3 fixes some bugs and several This kernel update for openSUSE 10.3 fixes some bugs and several security problems. security problems. The following security issues are fixed: CVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the

LinuxSecurity.com Team
Jun 08, 2009

SuSE: 2009-029: IBM Java 5 Security Update

The update brings IBM Java 5 to SR9-SSU. The update brings IBM Java 5 to SR9-SSU. It fixes a lot of security issues: CVE-2009-1100: A vulnerability in the Java Runtime Environment (JRE) with storing temporary font files may allow an untrusted applet or application to consume a disproportionate amount of disk space resulting in a denial-of-service condition.

LinuxSecurity.com Team
May 25, 2009

SuSE: 2009-028: Linux kernel Security Update

The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was updated to fix various security issues and several bugs. updated to fix various security issues and several bugs. Following security issues were fixed: CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) [More...]

LinuxSecurity.com Team
May 20, 2009

SuSE: 2009-027: Acrobat Reader Security Update

The Adobe Acrobat Reader "acroread" received fixes for two The Adobe Acrobat Reader "acroread" received fixes for two vulnerabilities in the JavaScript API that allowed attackers vulnerabilities in the JavaScript API that allowed attackers to execute arbitrary code with a malformed PDF file. (CVE-2009-1492,CVE-2009-1493) 2) Solution or Work-Around

LinuxSecurity.com Team
May 20, 2009

SuSE: Weekly Summary 2009:010

LinuxSecurity.com Team
May 12, 2009

SuSE: 2009-026: glib2 Security Update

The advisory was resent because the previous one contained the wrong The advisory was resent because the previous one contained the wrong Announcement ID. Announcement ID. The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network

LinuxSecurity.com Team
Apr 24, 2009

SuSE: 2009-025: glib2 Security Update

The code library glib2 provides base64 encoding and decoding functions The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely t [More...]

LinuxSecurity.com Team
Apr 24, 2009

SuSE: 2009-025: udev local root exploit Security Update

This update fixes a local privilege escalation in udev. We previously This update fixes a local privilege escalation in udev. We previously released these updates and the advisory as SUSE-SA:2009:020 on released these updates and the advisory as SUSE-SA:2009:020 on April 16. Due to a mistake the patch fixing the security problem was not applied to the udev package, and we did not spot this during [More...]

LinuxSecurity.com Team
Apr 22, 2009

SuSE: 2009-024: cups Security Update

The Common Unix Printing System, CUPS, is a printing server for unix-like The Common Unix Printing System, CUPS, is a printing server for unix-like operating systems. It allows a local user to print documents as well as operating systems. It allows a local user to print documents as well as remote users via port 631/tcp. There were two security vulnerabilities fixed in cups. The first one can be [More...]

LinuxSecurity.com Team
Apr 22, 2009

SuSE: Weekly Summary 2009:009

LinuxSecurity.com Team
Apr 21, 2009

SuSE: 2009-023: Mozilla Firefox 2 Security Update

The Mozilla Firefox Browser was refreshed to the current MOZILLA_1_8 The Mozilla Firefox Browser was refreshed to the current MOZILLA_1_8 branch state around fix level 2.0.0.22, backporting various security branch state around fix level 2.0.0.22, backporting various security fixes from the Firefox 3.0.8 browser version. Security issues identified as being fixed are: MFSA 2009-01 / CVE-2009-0352 / [More...]

LinuxSecurity.com Team
Apr 20, 2009

SuSE: 2009-022: Mozilla Firefox 3 Security Update

The Mozilla Firefox Browser was updated to the 3.0.8 release. It The Mozilla Firefox Browser was updated to the 3.0.8 release. It fixes two critical security issues: fixes two critical security issues: MFSA 2009-13 / CVE-2009-1044: Security researcher Nils reported via TippingPoint's Zero Day Initiative that the XUL tree method _moveToEdgeShift was in some cases triggering garbage collection rout [More...]

LinuxSecurity.com Team
Apr 20, 2009

SuSE: 2009-019: krb5 Security Update

The Kerberos implementation from MIT is vulnerable to four The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to different security issues that range from a remote crash to to possible, but very unlikely, remote code execution. - CVE-2009-0844: The SPNEGO GSS-API implementation can readbeyond the end of a buffer (network input) which [More...]

LinuxSecurity.com Team
Apr 08, 2009

SuSE: 2009-018: IBM Java 1.4.2 and 6 Security Update

The IBM Java 1.4.2 JDK and JRE were brought to Service Release 13 The IBM Java 1.4.2 JDK and JRE were brought to Service Release 13 and the IBM JDK and JRE 6 were brought to Service Release 4. and the IBM JDK and JRE 6 were brought to Service Release 4. These updates fix lots of bugs and various security issues: CVE-2008-5350: A security vulnerability in the Java Runtime Environment (JRE) may al [More...]

LinuxSecurity.com Team
Apr 07, 2009

SuSE: Weekly Summary 2009:008

LinuxSecurity.com Team
Apr 06, 2009

SuSE: 2009-017: Linux kernel Security Update

The Linux kernel for SUSE Linux Enterprise 10 Service Pack 2 was The Linux kernel for SUSE Linux Enterprise 10 Service Pack 2 was updated to fixes various bugs and several security issues. updated to fixes various bugs and several security issues. Following security issues were fixed: CVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS re [More...]

LinuxSecurity.com Team
Apr 03, 2009