USN-1263-1 caused a regression when using OpenJDK 6’s SSL/TLS
implementation ...
Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed ...
Synopsis
Critical: firefox security update
Type/Severity
Security Advisory: Critical
Topic
Updated firefox packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulne ...
Synopsis
Critical: java-142-ibm security update
Type/Severity
Security Advisory: Critical
Topic
Updated java-142-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras and Red Hat EnterpriseLinux 5 SupplementaryThe Red Hat Security Response Team has rated t ...
Synopsis
Moderate: java-142-ibm-sap security update
Type/Severity
Security Advisory: Moderate
Topic
Updated java-142-ibm-sap packages that fix several security issues arenow available for Red Hat Enterprise Linux 4, 5 and 6 for SAPThe Red Hat Security Response Team has rated this update as having moder ...
Synopsis
Critical: java-160-ibm security update
Type/Severity
Security Advisory: Critical
Topic
Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras, and Red Hat EnterpriseLinux 5 and 6 SupplementaryThe Red Hat Security Response Team has ...
Synopsis
Critical: thunderbird security update
Type/Severity
Security Advisory: Critical
Topic
An updated thunderbird package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...
Synopsis
Low: Red Hat Network Satellite server IBM Java Runtime security update
Type/Severity
Security Advisory: Low
Topic
Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...
Debian Bug report logs -
#652726
CVE-2011-4362: DoS because of incorrect code in src/http_authc:67
Package:
src:lighttpd;
Maintainer for src:lighttpd is Debian QA Group <packages@qadebianorg>;
Reported by: Mahyuddin Susanto <udienz@ubuntucom>
Date: Tue, 20 Dec 2011 10:12:23 UTC
Severity: grave
Tags: fixed-upstrea ...
Debian Bug report logs -
#838832
asterisk: chan_sip: File descriptors leak (UDP sockets) / AST-2016-007, CVE-2016-7551
Package:
src:asterisk;
Maintainer for src:asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 25 Sep 2016 15:0 ...
Debian Bug report logs -
#782411
asterisk: CVE-2015-3008: TLS Certificate Common name NULL byte exploit
Package:
src:asterisk;
Maintainer for src:asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 11 Apr 2015 17:57:02 UTC
Sever ...
Debian Bug report logs -
#773625
nss: CVE-2014-1569 information leak
Package:
src:nss;
Maintainer for src:nss is Maintainers of Mozilla-related packages <team+pkg-mozilla@trackerdebianorg>;
Reported by: Michael Gilbert <mgilbert@debianorg>
Date: Sun, 21 Dec 2014 03:51:02 UTC
Severity: serious
Tags: patch
Found in ...
A flaw was found in the Java RMI (Remote Method Invocation) registry implementation A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry (CVE-2011-3556)
A flaw was found in the Java RMI registry implementation A remote RMI client could use this flaw to execute code on the RMI server with unrest ...
Several vulnerabilities have been discovered in lighttpd, a small and fast
webserver with minimal memory footprint
CVE-2011-4362
Xi Wang discovered that the base64 decoding routine which is used to
decode user input during an HTTP authentication, suffers of a signedness
issue when processing user input As a result it is possible to force
...
Several vulnerabilities have been discovered in cURL, an URL transfer
library The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2011-3389
This update enables OpenSSL workarounds against the BEAST attack
Additional information can be found in the cURL advisory
CVE-2012-0036
Dan Fandrich discovere ...
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Java platform:
CVE-2011-3389
The TLS implementation does not guard properly against certain
chosen-plaintext attacks when block ciphers are used in CBC
mode
CVE-2011-3521
The CORBA implementation contains a deserialization
vulnerability in the IIOP implementati ...