Wednesday's security updates

[Posted January 19, 2011 by corbet]

Wednesday's security updates

[Security] Posted Jan 19, 2011 18:54 UTC (Wed) by corbet

Fedora has updated sudo (F14: unauthorized group ID change) and subversion (F14: denial of service).

Mandriva has updated hplip (possible remote code execution).

MeeGo, which is digging out from a security update backlog, has updated openssl (code execution), libtiff (multiple vulnerabilities), git (privilege escalation), vte (command injection), firefox (code execution), chromium (multiple vulnerabilities), qt (denial of service), and libpng (code execution).

openSUSE has updated sssd (denial of service), java-1.6.0-openjdk (security manager bypass), sudo (multiple vulnerabilities), opensc (code execution), kernel (18 CVE numbers), and evince (code execution via embedded font).

Red Hat has updated mysql (RHEL6: 14 CVE numbers), kernel (RHEL4: multiple vulnerabilities), and kernel (RHEL5: SCTP denial of service).

Ubuntu has updated dbus (denial of service).

Comments (none posted)