Mandriva Linux Security Advisory 2015-173 - Updated ffmpeg packages fix multiple security vulnerabilities.
c679fbd0c531ef8119e61d4cb4851058b9194dbb1b4ca0a0849f92169bdd271eMandriva Linux Security Advisory 2015-172 - Updated firebird packages fix a remote denial of service vulnerability.
de0a9e6377dad5f7163508b2d18e732e76ff1f3ab2850aa7d7f24687b2a7d431Mandriva Linux Security Advisory 2015-171 - Integer overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP through 1.0.2 allows remote RDP servers to have an unspecified impact through unspecified vectors. Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.
29063fe4e6de7743857d4550e95f2ba8d96631bab28fb313d0b41130c92c715cMandriva Linux Security Advisory 2015-168 - Updated glibc packages fix multiple security vulnerabilities.
0412f59ba60e6f3546c153206b4f490e8e4d6187358607bb442d3ffcaa511903Mandriva Linux Security Advisory 2015-170 - Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code. The gcc rtl-optimization sched2 miscompiles syscall sequence which can cause random panic in glibc and kernel clang++ fails to find cxxabi.h and cxxabi_tweaks.h during build
35fc5bd02a45bc115828edb8420fb43e8bf3a96069ea2d6869252a2afe7f265eMandriva Linux Security Advisory 2015-169 - It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the.git/config file when the client performed a git pull. Because git permitted committing.Git/config , on the pull this would replace the user's.git/config. If this malicious config file contained defined external commands (such as for invoking and editor or an external diff utility) it could allow for the execution of arbitrary code with the privileges of the user running the git client.
3d2e5be41e9078bea5ab6f6cc66bb8d225c3913892ae0f3c43bfd3fb44ff1607Mandriva Linux Security Advisory 2015-167 - Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included by PHP through an autoload function. SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
e3b1d38067d3fcf135b2a6c7247cd928213897e8ebe6436e2ff172e8f2302927
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed