Showing all newswire headlines

The wu-ftp FTP server does not do proper bounds checking while processing the SITE EXEC command.

A security bug in wu-ftpd can permit remote users, even without an account, to gain root access. The new version closes the hole.

The version of wu-ftpd distributed in Debian GNU/Linux 2.1 (a.k.a. slink), as well as in the frozen (potato) and unstable (woody) distributions, is vulnerable to a remote root compromise. The default configuration in all current Debian packages prevents the currently available exploits in the case of anonymous access, although local users could still possibly compromise the server.

Remote vulnerabilities exist with all Zope-

This new kernel release fixes a security hole that could affect any setuid program on the system. In addition, several accumulated fixes are included.

This new kernel release fixes a security hole that could affect any setuid program on the system. In addition, several accumulated fixes are included.

Security vulnerabilities have been found in the Kerberos 5 implementation shipped with Red Hat Linux 6.

Security vulnerabilities have been found in the Kerberos 5 implementation shipped with Red Hat Linux 6.

With emacs < 20.7, unprivileged local users can eavesdrop the communication between Emacs and its subprocesses.

The 2.2.16 release of the Linux kernel is available and includes a number of security fixes. The following list of fixes comes from the kernel release notes:

In kdelibs 1.1.2 there are security issues for some applications when they are run suid root.

New majordomo packages are available to fix local security problems in majordomo.

New mailman packages are available which close security holes present in earlier versions of mailman.