Tuesday's security advisories

by
ris
from LWN.net on (#CX5D)

CentOS has updated postgresql (C7; C6:multiple vulnerabilities) and xerces-c (C7:denial of service).

Debian has updated unattended-upgrades (authentication bypass).

Debian-LTS has updated aptdaemon (information leak), hostapd (denial of service), jqueryui (cross-site scripting), and shibboleth-sp2 (denial of service).

Fedora has updated chicken (F22; F21:out-of-bounds read), openvas-cli (F21: sqlinjection), openvas-libraries (F21: sqlinjection), openvas-manager (F21: sqlinjection), openvas-scanner (F21: sqlinjection), php-htmLawed (F22; F21: multiple vulnerabilities), postgresql (F21: multiple vulnerabilities),python-jwt (F22; F21: token verification bypass),rubygem-jquery-rails (F22; F21: CSRF vulnerability), and rubygem-web-console (F22: code execution).

Oracle has updated postgresql (OL7; OL6:multiple vulnerabilities) and xerces-c(OL7: denial of service).

Red Hat has updated kernel(RHEL6.5: two vulnerabilities), openssl(RHEL5: multiple vulnerabilities), postgresql (RHEL6,7: multiplevulnerabilities), postgresql92-postgresql(RHSCL2: multiple vulnerabilities), rh-postgresql94-postgresql (RHSCL2: multiplevulnerabilities), and xerces-c (RHEL7: denial of service).

Scientific Linux has updated nss(SL6,7: cipher-downgrade attacks), postgresql (SL6,7: multiple vulnerabilities),and xerces-c (SL7: denial of service).

SUSE has updated java-1_6_0-ibm(SLEM12: multiple vulnerabilities).

Ubuntu has updated oxide-qt(15.04, 14.10, 14.04: multiple vulnerabilities) and unattended-upgrades (15.04, 14.10, 14.04,12.04: authentication bypass).

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments