SuSE Essential and Critical Security Patch Updates - Page 807

Find the information you need for your favorite open source distribution .

SuSE: 2004-011: Live CD 9.1 Security Update

SuSE: 2004-011: Live CD 9.1 Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The freshly released SUSE LINUX 9.1 comes in two variants:* SUSE LINUX 9.1 Professional (5 CD-ROMs, 2 double sided DVDs, printed manuals, for Intel i386 32Bit platform and 1 DVD for the AMD 64Bit platform) * SUSE LINUX 9.1 Personal (2 CD-ROMs: 1 installable CD-ROM, 1 Live CD-ROM for running SUSE LINUX on your PC without actually installing the system.)This SUSE Security Announcement targets the [More...]

SuSE: 2004-010: kernel Security Update

SuSE: 2004-010: kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Various vulnerabilities have been fixed in the newly available kernel Various vulnerabilities have been fixed in the newly available kernel updates. The updates consist of fixes for the following vulnerabilities: updates. The updates consist of fixes for the following vulnerabilities: - The do_fork() memory leak, which could lead to a local DoS attack.All kernels except for SLES7 are affected [More...]

SuSE: 2004-008: cvs Security Update

SuSE: 2004-008: cvs Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Concurrent Versions System (CVS) offers tools which allow developers The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. to share and maintain large software projects. During the analyzation of the CVS protocol and their implementation, the SuSE Security Team discovered a flaw within the handling of pathnames. Evil CVS s [More...]

SuSE: 2004-009: Linux Kernel Security Update

SuSE: 2004-009: Linux Kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that [More...]

SuSE: 2004-007: openssl Security Update

SuSE: 2004-007: openssl Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. and Transport Layer Security (TLS v1) protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during [More...]

SuSE: 2004-006: xf86/XFree86 Security Update

SuSE: 2004-006: xf86/XFree86 Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

XFree86 is an open-source X Window System implementation that acts XFree86 is an open-source X Window System implementation that acts as a client-server-based API between different hardware components as a client-server-based API between different hardware components like display, mouse, keyboard and so on. Several buffer overflows were found in the fontfile code that handles a user-supplie [More...]

SuSE: 2004-005: Linux Kernel Security Update

SuSE: 2004-005: Linux Kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Another bug in the Kernel's do_mremap() function, which is unrelated to Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing a [More...]

SuSE: 2004-004: gaim Security Update

SuSE: 2004-004: gaim Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Gaim is a multi-protocol instant-messaging client. Stefan Esser found Gaim is a multi-protocol instant-messaging client. Stefan Esser found 12 vulnerabilities in gaim that can lead to a remote system compromise 12 vulnerabilities in gaim that can lead to a remote system compromise with the privileges of the user running GAIM. The GAIM package that SUSE LINUX ships is affected by just two of [More...]

SuSE: 2004-003: Linux Kernel Security Update

SuSE: 2004-003: Linux Kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The do_mremap() function of the Linux Kernel is used to manage The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is possible to create a VMA with the size of 0. In normal opera [More...]

SuSE: 2004-002: tcpdump Security Update

SuSE: 2004-002: tcpdump Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Tcpdump is a well known tool for administrators to analyze network Tcpdump is a well known tool for administrators to analyze network traffic. traffic. There is a bug in the tcpdump code responsible for handling ISAKMP messages. This bug allows remote attackers to destroy a current tcpdump session by tricking the tcpdump program with evil ISAKMP messages to enter an endless loop.

SuSE: 2004-001: Linux Kernel Security Update

SuSE: 2004-001: Linux Kernel Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The do_mremap() function of the Linux Kernel is used to manage The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is [More...]

SuSE: 2003-051: lftp Security Update

SuSE: 2003-051: lftp Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The the flexible and powerful FTP command-line client lftp is vulnerable The the flexible and powerful FTP command-line client lftp is vulnerable to two remote buffer overflows. to two remote buffer overflows. When using lftp via HTTP or HTTPS to execute commands like 'ls' or 'rels' [More...]

SuSE: 2003-050: rsync Security Update

SuSE: 2003-050: rsync Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The rsync suite provides client and server tools to easily support an The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill [More...]

SuSE: 2003-049: Kernel brk() vulnerability Security Update

SuSE: 2003-049: Kernel brk() vulnerability Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This security update fixes a serious vulnerability in the Linux This security update fixes a serious vulnerability in the Linux kernel. A missing bounds check in the brk() system call allowed kernel. A missing bounds check in the brk() system call allowed processes to request memory beyond the maximum size allowed for tasks, causing kernel memory to be mapped into the process' address spac [More...]

SuSE: 2003-048: gpg Security Update

SuSE: 2003-048: gpg Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The gnupg (the SUSE package is named gpg) package is the most widelyThe gnupg (the SUSE package is named gpg) package is the most widely used software for cryptographic encryption/decryption of data. used software for cryptographic encryption/decryption of data. Two independent errors have been found in gpg (GnuPG) packages as shipped with SUSE products: A) A format string error in the clie [More...]

SuSE: 2003-047: bind8 Security Update

SuSE: 2003-047: bind8 Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To resolve IP addresses to host and domain names and vice versa the To resolve IP addresses to host and domain names and vice versa the DNS service needs to be consulted. The most popular DNS software is DNS service needs to be consulted. The most popular DNS software is the BIND8 and BIND9 suite. The BIND8 code is vulnerable to a remote denial-of-service attack by poisoning the cache with a [More...]

SuSE: 2003-046: sane Security Update

SuSE: 2003-046: sane Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The sane (Scanner Access Now Easy) package provides access to scanners The sane (Scanner Access Now Easy) package provides access to scanners either locally or remotely over the network. either locally or remotely over the network. Several bugs in sane were fixed to avoid remote denial-of-service attacks. These attacks can even be executed if the remote attacker is not allowed to access th [More...]

SuSE: 2003-045: hylafax Security Update

SuSE: 2003-045: hylafax Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Hylafax is an Open Source fax server which allows sharing of fax Hylafax is an Open Source fax server which allows sharing of fax equipment among computers by offering its service to clients by equipment among computers by offering its service to clients by a protocol similar to FTP. The SuSE Security Team found a format bug condition during a code review of the hfaxd server. It allows remo [More...]

SuSE: 2003-044: thttpd Security Update

SuSE: 2003-044: thttpd Security Update

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Two vulnerabilities were found in the "tiny" web-server thttpd. Two vulnerabilities were found in the "tiny" web-server thttpd. The first bug is a buffer overflow that can be exploited remotely The first bug is a buffer overflow that can be exploited remotely to overwrite the EBP register of the stack. Due to memory-alignment of the stack done by gcc 3.x this bug can not be exploited. All th [More...]

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved