Search results
Search results
SUSE security update to firefox-esr
([Security]
Posted Dec 16, 2024 14:04 UTC (Mon)
by jake )
CVE-2015-4510 * CVE-2015-4511 * CVE-2015-4512 * CVE-2015-4513 * CVE-2015-4515 * CVE-2015-4516 * CVE-2015-4517 * CVE-2015-4518 * CVE-2015-4519 * CVE-2015-4520 * CVE-2015-7174 * CVE-2015-7178 * CVE-2015-7180 * CVE-2015-7181 * CVE-2015-7184 * CVE-2015-7185 * CVE-2015-7186 * CVE-2015-7187 * CVE-2015-7188 * CVE-2015-7189 * CVE-2015-7190 * CVE-2015-7191 * CVE-2015-7192 * CVE-2015-7193 * CVE-2015-7194 * CVE-2015-7195 * CVE-2015-7196 * CVE-2015-7197 * CVE-2015-7198 * CVE-2015-7201 * CVE-2015-7203 * CVE-2015-7204 * CVE-2015-7205 * CVE-2015-7207 * CVE-2015-7208 * CVE-2015-7210 * CVE-2015-7211 * CVE-2015-7212 * CVE-2015-7213 * CVE-2015-7214 * CVE-2015-7215 * CVE-2015-7216 * CVE-2015-7218 * CVE-2015-7222 * CVE-2015-7223 * CVE-2015-7575 * CVE-2016-0718 * CVE-2016-1930 * CVE-2016-1933 * CVE-2016-1935 * CVE-2016-1937 * CVE-2016-1938 * CVE-2016-1942 * CVE-2016-1944 * CVE-2016-1947 * CVE-2016-1949 * CVE-2016-1950 * CVE-2016-1952 * CVE-2016-1954 * CVE-2016-1955 * CVE-2016-1956 * CVE-2016-1957 * CVE-2016-1958 * CVE-2016-1959 * CVE-2016-1960 * CVE-2016-1961
SUSE security update to spamassassin
([Security]
Posted Jul 25, 2019 14:54 UTC (Thu)
by jake )
CVE-2016-1238 CVE-2017-15705 CVE-2018-11780
CVE-2018-11781
Affected Products:
SUSE Linux Enterprise Server 12-SP4
SUSE Linux Enterprise Desktop 12-SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for spamassassin to version 3.4.2 fixes the following issues:
Security issues fixed:
- CVE-2017-15705: Fixed denial of service via unclosed tags in crafted
emails (bsc#1108745).
- CVE-2018-11781: Fixed a code injection in the meta rule syntax by local
users (bsc#1108748).
- CVE-2018-11780: Fixed a potential remote code execution vulnerability in
PDFInfo plugin (bsc#1108750).
Non-security issues fixed:
- Added four new plugins (disabled by default): HashBL, ResourceLimits,
FromNameSpoof, Phishing
- sa-update script: optional support for SHA-256 / SHA-512 been added for
better validation of rules
- GeoIP2 support has been added to RelayCountry and URILocalBL plugins
- Several new or enhanced configuration options
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP4:
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1961
Debian-LTS security update to tiff3
([Security]
Posted Sep 6, 2016 16:24 UTC (Tue)
by ris )
CVE-2013-1961 CVE-2014-8128
CVE-2014-8129 CVE-2014-9655 CVE-2015-1547
CVE-2015-8665 CVE-2015-8683 CVE-2016-3186
CVE-2016-3623 CVE-2016-3945 CVE-2016-3990
CVE-2016-3991 CVE-2016-5314 CVE-2016-5315
CVE-2016-5316 CVE-2016-5317 CVE-2016
Oracle security update to libtiff
([Security]
Posted Aug 3, 2016 16:34 UTC (Wed)
by ris )
-2016-1547 Important: Oracle Linux 6 libtiff security update
Date :
Tue, 2 Aug 2016 14:06:53 -0700
Message-ID :
<9560a208-4bf2-85f5-aa1a-8eb9c3fc8bde@oracle.com>
Oracle Linux Security Advisory ELSA-2016-1547
http://linux.oracle.com/errata/ELSA-2016-1547.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
libtiff-3.9.4-18.el6_8.i686.rpm
libtiff-devel-3.9.4-18.el6_8.i686.rpm
libtiff-static-3.9.4-18.el6_8.i686.rpm
x86_64:
libtiff-3.9.4-18.el6_8.i686.rpm
libtiff-3.9.4-18.el6_8.x86_64.rpm
libtiff-devel-3.9.4-18.el6_8.i686.rpm
libtiff-devel-3.9.4-18.el6_8.x86_64.rpm
libtiff-static-3.9.4-18.el6_8.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/libtiff-3.9.4-18....
Description of changes:
[3.9.4-18]
- Update patch for CVE-2014-8127
- Related: #1335099
[3.9.4-17]
- Fix patches for CVE-2016-3990 and CVE-2016-5320
- Related: #1335099
[3.9.4-16]
- Add patches for CVEs:
- CVE-2016-3632 CVE-2016-3945 CVE-2016-3990
- CVE-2016-3991 CVE-2016-5320
- Related: #1335099
[3.9.4-15]
- Update patch for CVE-2014-8129
- Related: #1335099
[3.9.4-14]
- Merge previously released fixes for CVEs:
- CVE-2013-1960 CVE-2013-1961
openSUSE security update to thunderbird
([Security]
Posted Jul 11, 2016 16:52 UTC (Mon)
by ris )
CVE-2016-1952 CVE-2016-1953 CVE-2016-1954
CVE-2016-1955 CVE-2016-1956 CVE-2016-1957
CVE-2016-1960 CVE-2016-1961 CVE-2016-1964
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790
CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016-2794 CVE-2016
openSUSE security update to thunderbird
([Security]
Posted Jul 11, 2016 16:50 UTC (Mon)
by ris )
CVE-2016-1952 CVE-2016-1953 CVE-2016-1954
CVE-2016-1955 CVE-2016-1956 CVE-2016-1957
CVE-2016-1960 CVE-2016-1961 CVE-2016-1964
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790
CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016-2794 CVE-2016
openSUSE security update to thunderbird
([Security]
Posted Jul 11, 2016 16:49 UTC (Mon)
by ris )
CVE-2016-1952 CVE-2016-1953 CVE-2016-1954
CVE-2016-1955 CVE-2016-1956 CVE-2016-1957
CVE-2016-1960 CVE-2016-1961 CVE-2016-1964
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790
CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016-2794 CVE-2016
Gentoo security update to nss
([Security]
Posted May 31, 2016 17:54 UTC (Tue)
by ris )
CVE-2016-1946
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1946
[ 95 ] CVE-2016-1946
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1946
[ 96 ] CVE-2016-1947
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1947
[ 97 ] CVE-2016-1947
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1947
[ 98 ] CVE-2016-1948
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1948
[ 99 ] CVE-2016-1948
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1948
[ 100 ] CVE-2016-1949
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1949
[ 101 ] CVE-2016-1949
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1949
[ 102 ] CVE-2016-1950
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1950
[ 103 ] CVE-2016-1950
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1950
[ 104 ] CVE-2016-1952
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1952
[ 105 ] CVE-2016-1952
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1952
[ 106 ] CVE-2016-1953
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1953
[ 107 ] CVE-2016-1953
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1953
[ 108 ] CVE-2016-1954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1954
[ 109 ] CVE-2016-1954
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1954
[ 110 ] CVE-2016-1955
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1955
[ 111 ] CVE-2016-1955
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1955
[ 112 ] CVE-2016-1956
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1956
[ 113 ] CVE-2016-1956
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1956
[ 114 ] CVE-2016-1957
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1957
[ 115 ] CVE-2016-1957
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1957
[ 116 ] CVE-2016-1958
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1958
[ 117 ] CVE-2016-1958
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1958
[ 118 ] CVE-2016-1959
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1959
[ 119 ] CVE-2016-1959
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1959
[ 120 ] CVE-2016-1960
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1960
[ 121 ] CVE-2016-1960
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1960
[ 122 ] CVE-2016-1961
Ubuntu security update to thunderbird
([Security]
Posted Apr 28, 2016 14:59 UTC (Thu)
by jake )
CVE-2016-1950) Holger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple memory safety issues in the Graphite 2 library. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: thunderbird 1:38.7.2+build1-0ubuntu0.16.04.1 Ubuntu 15.10: thunderbird 1:38.7.2+build1-0ubuntu0.15.10.1 Ubuntu 14.04 LTS: thunderbird 1:38.7.2+build1-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: thunderbird 1:38.7.2+build1-0ubuntu0.12.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2934-1 CVE-2016-1950, CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961
Ubuntu security update to firefox
([Security]
Posted Apr 20, 2016 15:56 UTC (Wed)
by ris )
CVE-2016-1958) Looben Yang discovered an out-of-bounds read in Service Worker Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1959) A use-after-free was discovered in the HTML5 string parser. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1960) A use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1961
Ubuntu security update to firefox
([Security]
Posted Apr 8, 2016 16:00 UTC (Fri)
by ris )
CVE-2016-1958) Looben Yang discovered an out-of-bounds read in Service Worker Manager. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1959) A use-after-free was discovered in the HTML5 string parser. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1960) A use-after-free was discovered in the SetBody function of HTMLDocument. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1961
SUSE security update to firefox, nspr, nss
([Security]
Posted Mar 30, 2016 15:48 UTC (Wed)
by ris )
CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
CVE-2016-1954 CVE-2016-1957 CVE-2016-1958
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-1978
CVE-2016-1979 CVE-2016
openSUSE security update to thunderbird
([Security]
Posted Mar 28, 2016 16:33 UTC (Mon)
by ris )
CVE-2016-1952
CVE-2016-1954 CVE-2016-1957 CVE-2016-1958
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790
CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016
openSUSE security update to thunderbird
([Security]
Posted Mar 24, 2016 16:38 UTC (Thu)
by jake )
CVE-2016-1952
CVE-2016-1954 CVE-2016-1957 CVE-2016-1958
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790
CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016
Debian security update to icedove
([Security]
Posted Mar 21, 2016 16:05 UTC (Mon)
by ris )
CVE ID : CVE-2016-1950 CVE-2016-1954 CVE-2016-1957 CVE-2016-1960
CVE-2016-1961 CVE-2016-1962 CVE-2016-1964 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791
CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795
CVE
Arch Linux security update to thunderbird
([Security]
Posted Mar 21, 2016 16:02 UTC (Mon)
by ris )
CVE-ID : CVE-2016-1952 CVE-2016-1953 CVE-2016-1954 CVE-2016-1957 CVE-2016-1960 CVE-2016-1961 CVE-2016-1964 CVE-2016-1966 CVE-2016-1974 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE
Scientific Linux security update to thunderbird
([Security]
Posted Mar 17, 2016 15:33 UTC (Thu)
by jake )
-2016:0460-1
Issue Date: 2016-03-16
CVE Numbers: CVE-2016-1952
CVE-2016-1954
CVE-2016-1957
CVE-2016-1960
CVE-2016-1961
CVE-2016-1964
CVE-2016-1966
CVE-2016-1974
--
Several flaws were found in the processing of malformed web content. A web
page containing malicious
Mageia security update to thunderbird
([Security]
Posted Mar 17, 2016 15:22 UTC (Thu)
by jake )
CVE-2016-1964,
CVE-2016-1966,
CVE-2016-1974,
CVE-2016-1977,
CVE-2016-2790,
CVE-2016-2791,
CVE-2016-2792,
CVE-2016-2793,
CVE-2016-2794,
CVE-2016-2795,
CVE-2016-2796,
CVE-2016-2797,
CVE-2016-2798,
CVE-2016-2799,
CVE-2016-2800,
CVE-2016-2801,
CVE-2016-2802
Description:
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user running
Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,
CVE-2016-1961
Red Hat security update to thunderbird
([Security]
Posted Mar 17, 2016 14:45 UTC (Thu)
by jake )
CVE Names: CVE-2016-1952 CVE-2016-1954 CVE-2016-1957
CVE-2016-1960 CVE-2016-1961 CVE-2016-1964
CVE-2016-1966 CVE-2016-1974 CVE-2016-1977
CVE-2016-2790 CVE-2016-2791 CVE-2016-2792
CVE-2016-2793 CVE-2016-2794 CVE-2016-2795
CVE-2016-2796 CVE
SUSE security update to firefox nspr nss
([Security]
Posted Mar 16, 2016 16:06 UTC (Wed)
by ris )
CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
CVE-2016-1954 CVE-2016-1957 CVE-2016-1958
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-1978
CVE-2016-1979 CVE-2016
SUSE security update to firefox, nspr, nss
([Security]
Posted Mar 14, 2016 18:23 UTC (Mon)
by ris )
CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
CVE-2016-1954 CVE-2016-1957 CVE-2016-1958
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966
CVE-2016-1974 CVE-2016-1977 CVE-2016-1978
CVE-2016-1979 CVE-2016
openSUSE security update to firefox nss nspr
([Security]
Posted Mar 14, 2016 18:18 UTC (Mon)
by ris )
CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
CVE-2016-1954 CVE-2016-1955 CVE-2016-1956
CVE-2016-1957 CVE-2016-1958 CVE-2016-1959
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1963 CVE-2016-1964 CVE-2016-1965
CVE-2016-1966 CVE-2016
openSUSE security update to Firefox
([Security]
Posted Mar 14, 2016 18:15 UTC (Mon)
by ris )
CVE-2016-1950 CVE-2016-1952 CVE-2016-1953
CVE-2016-1954 CVE-2016-1955 CVE-2016-1956
CVE-2016-1957 CVE-2016-1958 CVE-2016-1959
CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1963 CVE-2016-1964 CVE-2016-1965
CVE-2016-1966 CVE-2016
Mageia security update to firefox
([Security]
Posted Mar 10, 2016 16:51 UTC (Thu)
by n8willis )
CVE-2016-1950,
CVE-2016-1952,
CVE-2016-1954,
CVE-2016-1957,
CVE-2016-1958,
CVE-2016-1960,
CVE-2016-1961,
CVE-2016-1962,
CVE-2016-1964,
CVE-2016-1965,
CVE-2016-1966,
CVE-2016-1974,
CVE-2016-1977,
CVE-2016-1979,
CVE-2016-2790,
CVE-2016-2791,
CVE-2016
Debian security update to iceweasel
([Security]
Posted Mar 10, 2016 16:47 UTC (Thu)
by n8willis )
CVE ID : CVE-2016-1950 CVE-2016-1952 CVE-2016-1954 CVE-2016-1957
CVE-2016-1958 CVE-2016-1960 CVE-2016-1961 CVE-2016-1962
CVE-2016-1964 CVE-2016-1965 CVE-2016-1966 CVE-2016-1974
CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792
CVE