Ubuntu Security Notice 2154-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20130906 package.
db0bb7598d0ce78b823879d8616fc042fa6c46ae17e6aa342b29fc69a0ba253a
Ubuntu Security Notice 2153-1 - Kees Cook discovered that initramfs-tools incorrectly mounted /run without the noexec option, contrary to expected behaviour.
0c0be50832191b5dd596c547394e1fef8f12e9e8ef6f54a4d8205d8eaaae8cda
RSA BSAFE MES 4.0.5 contains a fix for a security vulnerability that could potentially be exploited by malicious users to deny access to the affected system.
dfe19b0d0c102e00ac21bfdce90d832a779c6e7fcfdf9adf1d7faa4dce766eea
Debian Linux Security Advisory 2883-1 - Several vulnerabilities have been discovered in the chromium web browser.
20d2cc124c759b4aeafe649d18d538e924cbb1dda3765de0b62d0d053aa72638
php-font-lib version 0.3 suffers from a reflective cross site scripting vulnerability.
1a474dde8ce092bdffb789154f90356da33e4828fac208b7fd109580e7cc335d
Ubuntu Security Notice 2152-1 - Ning Zhang & Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.
70897e4a151774b44bf8ff4c6dde27469165bc65253008e06cba703d1f29a859
Red Hat Security Advisory 2014-0323-01 - Red Hat JBoss Fuse 6.0.0 is an integration platform based on Apache ServiceMix. Red Hat JBoss A-MQ 6.0.0, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.0.0 and Red Hat JBoss A-MQ 6.0.0. It includes bug fixes, which are documented in the readme file included with the patch files.
4033631904ad3db4b86abd7def5c87820283de0a4d5d1c79aaedd5f2366bee35
Red Hat Security Advisory 2014-0322-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmpd, the Net-SNMP daemon, handled subagent timeouts. A remote attacker able to trigger a subagent timeout could use this flaw to cause snmpd to loop infinitely or crash.
82b41a8b11f98433502f365e31a509572e514c0d50441c3f75ead69dbd1d31f9
Red Hat Security Advisory 2014-0321-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file.
eed20b6823d411b76ec67ad4e096e4db4919dcef35c74801bb53e46ffbac5c15
Debian Linux Security Advisory 2873-2 - It was discovered that the recent file update, DSA-2873-1, introduced a regression in the recognition of Perl scripts containing BEGIN code blocks.
139056d024e837938143454b0c60fea8616e2792361357360989db9949788139
PHP Login Script version 2.0 suffers from a cross site scripting vulnerability.
6a12219997b095202cbd5aaa5f2d6ac30483abe8709a9d07c4bd74eca78aa35c
KCFinder versions 2.51 through 2.53 suffer from a remote shell upload vulnerability.
ca0d1095ee9a88abe10850735a99afc8f80ac67e0259e5a9cce07bb9ba0e8baf
BigDump version 0.35b suffers from a remote shell upload vulnerability.
f9f701ce6b05bbb8f7d2b195365909e13439c58f11865e01dded6e4c81696c59
Windows Media Player version 11.0.5721.5230 memory corruption proof of concept exploit.
5dc8e0ebd404657746cdcfc7d783e3ef7ba754bf8126c1f3fae1c69ac25052c2
jetVideo version 8.1.1 Basic local crash proof of concept denial of service exploit.
a248304c0afdce390b860cd251654d000c396faa7166423af81b7b7bc21e485c
Light Audio Player version 1.0.14 memory corruption proof of concept exploit.
0d21a7cb66715b9c8732cdd3b1fd335aee82aba26fa64acdc26d8e53f1eb513d