Security advisories for Monday

Debian has updated proftpd-dfsg (privilege escalation) and asterisk (denial of service).

Fedora has updated nss (F17; F16: certificate removal), tcl-snack (F17; F16: code execution), qt (F17: confusing SSL error messages), gnupg2 (F17: memory access violations), drupal7-context (F17; F16: information disclosure), elinks (F17: information disclosure), and kde-filesystem (F17: unspecified vulnerability).

Oracle has updated net-snmp (OL5: denial of service), tcl (OL5: multiple vulnerabilities), freeradius2 (OL5: code execution), gtk2 (OL5: integer overflow), openipmi (OL5: invalid permissions), quota (OL5: bypass TCP Wrappers rules), wireshark (OL5: multiple vulnerabilities), libvirt (OL5: unintended access to USB devices), conga (OL5: leaks authentication credentials), httpd (OL5: cross-site scripting), gnome-vfs2 (OL5: denial of service, man in the middle attack), hplip3 (OL5: multiple vulnerabilities), autofs (OL5: denial of service), firefox (OL5: multiple vulnerabilities), squirrelmail (OL5: denial of service), mysql (OL5: authentication bypass), and ruby (OL5: multiple vulnerabilities).

Ubuntu has updated tomcat (multiple vulnerabilities) and freetype (multiple vulnerabilities).

Comments (none posted)