LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Thursday's security advisories

[Posted November 10, 2011 by jake]

Thursday's security advisories
[Security] Posted Nov 10, 2011 20:09 UTC (Thu) by jake

CentOS has updated nss (C4; C5: certificate authority removal), firefox (C4; C5: multiple vulnerabilities), thunderbird (C4; C5: cross-site scripting), rpm (C4: code execution), xorg-x11 (C4: multiple vulnerabilities), pidgin (C4: multiple vulnerabilities), postgresql (C4: crackable password hashing), kdelibs (C4: certificate spoofing), httpd (C4: mod_proxy reverse proxy exposure), freetype (C4: code execution), and seamonkey (C4: cross-site scripting).

Debian has updated openssl (certificate authority removal).

Fedora has updated tor (F16: multiple vulnerabilities), tomcat6 (F15: HTTP digest authentication flaws), java-1.7.0-openjdk (F16: multiple vulnerabilities), asterisk (F15; F16: denial of service), icedtea-web (F15; F16: same-origin policy violation), and freetype (F15: code execution).

Mandriva has updated mozilla (multiple vulnerabilities).

Oracle has updated firefox (OL4; OL5; OL6: multiple vulnerabilities), thunderbird (OL4; OL6: multiple vulnerabilities), seamonkey (OL4: cross-site scripting), icedtea-web (OL6: same-origin policy violation), and nss (OL4; OL5; OL6: certificate authority removal).

Ubuntu has updated radvd (code execution) and clamav (code execution).

Comments (none posted)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds