LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Thursday's security updates

[Posted February 21, 2013 by ris]

CentOS has updated firefox (C6: multiple vulnerabilities), thunderbird (C6: multiple vulnerabilities), xulrunner (C6: multiple vulnerabilities), yelp (C6: multiple vulnerabilities), libproxy (C6: multiple vulnerabilities), java-1.6.0-openjdk (C6; C5: multiple vulnerabilities), and java-1.7.0-openjdk (C6; C5: multiple vulnerabilities).

Debian has updated postgresql (information disclosure/denial of service).

Fedora has updated mediatomb (F18; F17: multiple vulnerabilities), java-1.7.0-openjdk (F18; F17: multiple vulnerabilities), rubygem-activemodel (F18; F17: protection bypass), rubygem-activerecord (F17: code execution), kernel (F18: denial of service), and gimp (F17: code execution).

openSUSE has updated postgresql (information disclosure/denial of service).

Oracle has updated axis (OL6: incorrect certificate validation), jakarta-commons-httpclient (OL6: incorrect certificate validation), thunderbird (OL6: multiple vulnerabilities), java-1.6.0-openjdk (OL6: multiple vulnerabilities), java-1.7.0-openjdk (OL6; OL5: multiple vulnerabilities), and firefox (OL6; OL5: multiple vulnerabilities).

Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), libvirt (RHEL6: DNS proxy is wrongly created), dnsmasq (RHEL6: DNS proxy is wrongly created), kernel (RHEL6: multiple vulnerabilities), xinetd (RHEL6: service disclosure flaw), hplip (RHEL6: multiple vulnerabilities), xorg-x11 (RHEL6: code execution), 389-ds-base (RHEL6: ACL restriction bypass), dhcp (RHEL6: denial of service), squid (RHEL6: denial of service), samba4 (RHEL6: remote code execution), sssd (RHEL6: file modification and denial of service), rdma (RHEL6: multiple vulnerabilities), pki-core (RHEL6: cross-site scripting), httpd (RHEL6: multiple vulnerabilities), php (RHEL6: multiple vulnerabilities), openchange (RHEL6: remote code execution), evolution (RHEL6: information disclosure), util-linux-ng (RHEL6: information disclosure), openssh (RHEL6: code execution), dovecot (RHEL6: multiple vulnerabilities), pam (RHEL6: arbitrary code execution), gdb (RHEL6: code execution), ccid (RHEL6: arbitrary code execution), pcsc-lite (RHEL6: arbitrary code execution), automake (RHEL6: code execution), and ipa (RHEL6: incorrect Certificate Revocation Lists).

Scientific Linux has updated java-1.6.0-openjdk (SL5; SL6: multiple vulnerabilities), java-1.7.0-openjdk (multiple vulnerabilities), axis (SL6: incorrect certificate validation), firefox (multiple vulnerabilities), thunderbird (multiple vulnerabilities), and jakarta-commons-httpclient (incorrect certificate validation).

Ubuntu has updated keystone (multiple vulnerabilities), cinder (denial of service), openssl (multiple vulnerabilities), and ruby (multiple vulnerabilities).

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds