This issue was resolved and addressed in
GLSA 201503-04 at http://security.gentoo.org/glsa/glsa-201503-04.xml
by GLSA coordinator Kristian Fiskerstrand (K_F).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201403-06 at http://security.gentoo.org/glsa/glsa-201403-06.xml
by GLSA coordinator Mikle Kolyada (Zlogene).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201401-24 at http://security.gentoo.org/glsa/glsa-201401-24.xml
by GLSA coordinator Chris Reffett (creffett).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201311-07 at http://security.gentoo.org/glsa/glsa-201311-07.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201308-05 at http://security.gentoo.org/glsa/glsa-201308-05.xml
by GLSA coordinator Sergey Popov (pinkbyte).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2012-5960 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5960):
Stack-based buffer overflow in the unique_service_name function in
ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices
(aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows
This issue was resolved and addressed in
GLSA 201301-03 at http://security.gentoo.org/glsa/glsa-201301-03.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2011-4612 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4612):
icecast before 2.3.3 allows remote attackers to inject control characters
such as newlines into the error loc (error.log) via a crafted URL.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
CVE-2012-3523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3523):
The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly
restrict I/O buffering, which allows man-in-the-middle attackers to insert
commands into encrypted sessions by sending a cleartext command that is
This issue was resolved and addressed in
GLSA 201211-01 at http://security.gentoo.org/glsa/glsa-201211-01.xml
by GLSA coordinator Tobias Heinlein (keytoaster).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201209-15 at http://security.gentoo.org/glsa/glsa-201209-15.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to asterisk in Ubuntu.
This issue was resolved and addressed in
GLSA 201209-15 at http://security.gentoo.org/glsa/glsa-201209-15.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This issue was resolved and addressed in
GLSA 201209-17 at http://security.gentoo.org/glsa/glsa-201209-17.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2012-4298 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4298):
Integer signedness error in the vwr_read_rec_data_ethernet function in
wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before
1.8.2 allows user-assisted remote attackers to execute arbitrary code via a
This issue was resolved and addressed in
GLSA 201208-03 at http://security.gentoo.org/glsa/glsa-201208-03.xml
by GLSA coordinator Sean Amoss (ackle).
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867):
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x
before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly
restrict the characters in the Common Name field of a Certificate Signing
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867):
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x
before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly
restrict the characters in the Common Name field of a Certificate Signing
CVE-2012-2843 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2843):
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows
remote attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to layout height tracking.
CVE-2012-2842
CVE-2012-3377 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3377):
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG
demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2
allows remote attackers to cause a denial of service (application crash) and
CVE-2012-3812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812):
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source
1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk
1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones
10.x.x-digiumphones
CVE-2012-3863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863):
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x
before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified
Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones
CVE-2012-3812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812):
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source
1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk
1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones
10.x.x-digiumphones
CVE-2012-3863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863):
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x
before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified
Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones
CVE-2012-3374 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3374):
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in
Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a
crafted inline image in a message.
--
You received this bug notification
24 matches
Mail list logo