LWN.net Logo

Advertisement

Writers Wanted

Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Wednesday's security updates

[Posted April 20, 2011 by corbet]

Wednesday's security updates
[Security] Posted Apr 20, 2011 17:39 UTC (Wed) by corbet

CentOS has updated conga (C5: remote privilege escalation).

Debian has updated libmojolicious-perl (directory traversal) and request-tracker (multiple vulnerabilities).

Fedora has updated libtiff (F14: code execution bug with 2009 CVE number) and kdelibs (F13: web site spoofing).

Mandriva has updated kdelibs4 (web site spoofing).

Red Hat has updated polkit (local privilege escalation).

Slackware has updated polkit (local privilege escalation).

Ubuntu has updated openslp (denial of service), policykit (local privilege escalation), krb5 ("denial of service" - though the CVE entry says that code execution is possible as well), language-selector (local privilege escalation), and dhcp3 (remote root command execution).

Comments (none posted)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds