Jodie Cunningham discovered multiple vulnerabilities in freexl, a
library to read Microsoft Excel spreadsheets, which might result in
denial of service or the execution of arbitrary code if a malformed Excel
file is opened.
Monthly Archives: March 2015
GLSA 201503-13: BusyBox: Multiple vulnerabilities
Fedora 20 Security Update: tcpdump-4.5.1-4.fc20
Resolved Bugs
1201792 – CVE-2015-0261 tcpdump: IPv6 mobility printer mobility_opt_print() typecastimg/signedness error
1201797 – CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read
1201799 – CVE-2015-0261 CVE-2015-2154 CVE-2015-2153 CVE-2015-2155 tcpdump: various flaws [fedora-all]
1201795 – CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check<br
Contains security fix for CVE-2015-0261, CVE-2015-2154, CVE-2015-2153, CVE-2015-2155.
Fedora 20 Security Update: seamonkey-2.33.1-1.fc20
Resolved Bugs
1204761 – seamonkey-2.33.1.source is available
1201308 – seamonkey-2.33.source is available<br
Update to 2.33.1
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.
Update to 2.33
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.
Fedora 21 Security Update: tcpdump-4.7.3-1.fc21
Resolved Bugs
1201573 – tcpdump-4.7.3 is available
1201799 – CVE-2015-0261 CVE-2015-2154 CVE-2015-2153 CVE-2015-2155 tcpdump: various flaws [fedora-all]
1201792 – CVE-2015-0261 tcpdump: IPv6 mobility printer mobility_opt_print() typecastimg/signedness error
1201795 – CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check
1201797 – CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read<br
Rebase to 4.7.3 (#1201573). Contains security fix for CVE-2015-0261, CVE-2015-2154, CVE-2015-2153, CVE-2015-2155.
Fedora 21 Security Update: seamonkey-2.33.1-1.fc21
Resolved Bugs
1204761 – seamonkey-2.33.1.source is available<br
Update to 2.33.1
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.
Fedora 21 Security Update: texlive-2014-3.1.20140525_r34255.fc21
Resolved Bugs
1197082 – CVE-2015-0296 texlive rpm scriptlet allows unprivileged user to delete arbitrary files
1197084 – CVE-2015-0296 texlive: texlive rpm scriptlet allows unprivileged user to delete arbitrary files [fedora-all]<br
CVE-2015-0296 texlive rpm scriptlet allows unprivileged user to delete arbitrary files. This update fixes this issue
Fedora 20 Security Update: setroubleshoot-3.2.17-2.fc20
Fedora 21 Security Update: setroubleshoot-3.2.22-1.fc21
Fedora 22 Security Update: kernel-4.0.0-0.rc5.git1.3.fc22
Resolved Bugs
1205244 – CVE-2015-2686 kernel: sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer [fedora-all]
1187004 – Lenovo Ideapad Z570 backlight brightness keys adjust OSD but not screen brightness
1202362 – udiskd high CPU usage with 4.0 git rc3
1205242 – CVE-2015-2686 kernel: sys_sendto/sys_recvfrom does not validate the user provided ubuf pointer
1204342 – enable SND_CONFIG_BEBOB<br
Update to Linux v4.0-rc5-25-g90a5a895cc8b. Fixes across the tree.