A big pile of security updates

[Posted June 1, 2007 by ris]

Debian Testing has updated samba (several vulnerabilities).

Fedora has its own huge pile:

Fedora Core 5: thunderbird (pop mail man-in-the-middle attacks), seamonkey (multiple vulnerabilities), devhelp (multiple vulnerabilities), yelp (multiple vulnerabilities), epiphany (multiple vulnerabilities), firefox (multiple vulnerabilities), lha (multiple vulnerabilities).
Fedora Core 6: epiphany (FTP PASV port-scanning), devhelp (FTP PASV port-scanning), firefox (FTP PASV port-scanning), yelp (FTP PASV port-scanning), thunderbird (pop mail man-in-the-middle attacks).
Fedora 7: mutt (pop mail man-in-the-middle attacks), libpng10 (denial of service), jasper (denial of service), libexif (integer overflow), devhelp (multiple vulnerabilities), firefox (multiple vulnerabilities), yelp (multiple vulnerabilities).

Foresight has updated firefox (multiple vulnerabilities).

Gentoo has updated Sun JDK/JRE (multiple vulnerabilities), libpng (denial of service), file (integer overflow).

OpenPKG has updated php (multiple vulnerabilities).

rPath has updated firefox, thunderbird (multiple vulnerabilities).

Ubuntu has updated gimp (arbitrary code execution).

A big pile of security updates

Posted Jun 1, 2007 19:38 UTC (Fri) by jengelh (guest, #33263) [Link] (1 responses)

Again no openSUSE updates?
(a) don't care
(b) threat too low to justify update
(c) updated long ago
Which is it?

A big pile of security updates

Posted Jun 1, 2007 20:11 UTC (Fri) by sfeam (subscriber, #2841) [Link]

If you go to the LWN Security page and click on the corresponding issue,
you'll get a recent history of updates from the various distros. To take
for instance the first issue listed on today's page (SAMBA SIDs and NDR
vulnerabilities), you'll find that a relevant SUSE update was issued on 21
May.

A big pile of security updates

Posted Jun 3, 2007 3:51 UTC (Sun) by pr1268 (guest, #24648) [Link]

Don't forget Slackware updated Mozilla-Firefox to 1.5.0.12 and Seamonkey to 1.1.2 (Security update). Of course, Slackware and mirrors didn't update until 21:50 CDT (02:50 UTC June 2), presumably long after this article was published.