Mandriva Linux Security Advisory 2015-059 – Multiple vulnerabilities has been found and corrected in the Mozilla NSS and NSPR packages. The updated packages provides a solution for these security issues.
Monthly Archives: March 2015
Mandriva Linux Security Advisory 2015-060
Mandriva Linux Security Advisory 2015-060 – Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.
Gentoo Linux Security Advisory 201503-06
Gentoo Linux Security Advisory 201503-6 – Multiple vulnerabilities have been found in ICU, possibly resulting in Denial of Service. Versions less than 54.1-r1 are affected.
CEBA-2015:0690 CentOS 6 ntp BugFix Update
CentOS Errata and Bugfix Advisory 2015:0690 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0690.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d26302d8a3e6329c4cd3acc3230df3ea75a451557ccbe829b8734c7bf15a2adc ntp-4.2.6p5-3.el6.centos.i686.rpm bb76f52aee3e1a06966b8317875f5c35fc95d4f8cd3a10661c0383d2b27b480b ntpdate-4.2.6p5-3.el6.centos.i686.rpm fd59acbb4b9c692d999cadb1d7e5147f25d6526e94be49c428665c7c2122a17d ntp-doc-4.2.6p5-3.el6.centos.noarch.rpm 99d2d0718bc5ac421c677bd4b413fc98fc4a55130c4dc6f88d8c72a1bf3acbb5 ntp-perl-4.2.6p5-3.el6.centos.i686.rpm x86_64: 6af0643489373e924d756f314244d52f69971700f8cdd4313a3c9ade9bedf973 ntp-4.2.6p5-3.el6.centos.x86_64.rpm 4e594acea9a37c4f6a357b68c02672633c1b8ffe9a2009558ef80e38c96b51a2 ntpdate-4.2.6p5-3.el6.centos.x86_64.rpm fd59acbb4b9c692d999cadb1d7e5147f25d6526e94be49c428665c7c2122a17d ntp-doc-4.2.6p5-3.el6.centos.noarch.rpm 64a0636465ef18edfba31d66de1914767998d3e3650c10553dd38bd383f5f087 ntp-perl-4.2.6p5-3.el6.centos.x86_64.rpm Source: 766564669003456502cf684407fbe68677b446c910d30cf5238ca8598a609075 ntp-4.2.6p5-3.el6.centos.src.rpm
RHEA-2015:0689-1: Red Hat Enterprise MRG Realtime 2.5 enhancement update
Red Hat Enterprise Linux: Updated Red Hat Enterprise MRG Realtime packages that add one enhancement are
now available for Red Hat Enterprise MRG 2.5.
RHBA-2015:0690-1: ntp bug fix update
Red Hat Enterprise Linux: Updated ntp packages that fix one bug are now available for Red Hat Enterprise
Linux 6.
RHBA-2015:0688-1: ksh bug fix update
Red Hat Enterprise Linux: Updated ksh packages that fix one bug are now available for Red Hat Enterprise
Linux 5.
RHBA-2015:0687-1: ncurses bug fix update
Red Hat Enterprise Linux: Updated ncurses packages that fix one bug are now available for Red Hat
Enterprise Linux 6.
RHBA-2015:0686-1: chromium-browser bug fix and enhancement update
Red Hat Enterprise Linux: Updated chromium-browser packages that fix several bugs and add various
enhancements are now available for Red Hat Enterprise Linux 6.
RHBA-2015:0685-1: ppp bug fix and enhancement update
Red Hat Enterprise Linux: Updated ppp packages that fix several bugs and add one enhancement are now
available for Red Hat Enterprise Linux 6.