Monthly Archives: April 2015

Mandriva

[ MDVSA-2015:217 ] sqlite3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:217
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : sqlite3
 Date    : April 30, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in sqlite3:
 
 SQLite before 3.8.9 does not properly implement the dequoting of
 collation-sequence names, which allows context-dependent attackers to
 cause a denial of service (uninitialized memory access and application
 crash) or possibly have unspecified other impact via a crafted COLLATE
 clause, as demonstrated by COLLATE at the end of a SELECT statement
 (CVE-2015-3414).
 
 The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9
 does not pro
Security

Google Releases Security Update for Chrome

Original release date: April 29, 2015

Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Google Chrome blog entry and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.