Saturday, January 19, 2013

REDHAT VULNERABILITY ALERTS also Ruby Linux Others

Subscribe to email alerts

http://www.debian.org/security/

http://article.gmane.org/gmane.linux.debian.security.announce/2740

http://lwn.net/Vulnerabilities/
http://lwn.net/Alerts/
http://lwn.net/Security/
http://lwn.net/Vulnerabilities/
https://www.owasp.org/index.php/Category:Vulnerability



Package(s):railsCVE #(s):CVE-2013-0155Created:January 17, 2013Updated:January 17, 2013Description:From the Debian advisory:An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges.Alerts:DebianDSA-2609-12013-01-16


Most recent security alerts

DistributionIDPackageDateMageiaMGASA-2013-0011kernel-tmb2013-01-18MageiaMGASA-2013-0009kernel-linus2013-01-18MageiaMGASA-2013-0013virtualbox2013-01-18MageiaMGASA-2013-0014claws-mail-plugins2013-01-18MageiaMGASA-2013-0012kernel-vserver2013-01-18SUSESUSE-SU-2013:0047-1Acrobat Reader2013-01-18MageiaMGASA-2013-0015tomcat62013-01-18MageiaMGASA-2013-0010kernel2013-01-18UbuntuUSN-1695-1rpm2013-01-17UbuntuUSN-1694-1rpm2013-01-17UbuntuUSN-1699-1linux2013-01-17OracleELSA-2013-0165java-1.7.0-openjdk2013-01-17UbuntuUSN-1696-1linux2013-01-17SUSESUSE-SU-2013:0044-1Acrobat Reader2013-01-17UbuntuUSN-1698-1linux-ti-omap42013-01-17UbuntuUSN-1700-1linux-ti-omap42013-01-17Scientific LinuxSL-java-20130116java-1.7.0-openjdk2013-01-16Scientific LinuxSL-cong-20130116conga2013-01-16FedoraFEDORA-2013-0891xulrunner2013-01-16Scientific LinuxSL-quot-20130116quota2013-01-16





This database contains security alerts from numerous Linux distributors.

Distributors in the database

CentOSConectivaDebianDebian-TestingEnGardeEridaniFedoraFedora-LegacyForesightGentooHPImmunixMageiaMandrakeMandrivaMeeGoNetwosixOpenPKGopenSUSEOraclePardusProgenyRed HatrPathScientific LinuxSCO GroupSlackwareSorcererSuSESUSETawietinysofaTrustixTurbolinuxUbuntuWhiteboxYellow Dog


The LWN security vulnerabilities database

The LWN security vulnerabilities database

This is the main page for LWN.net's security vulnerability database.

Vulnerabilities with recent alerts

IDUpdatePackage(s)Description533235January 18, 2013linuxkernel: denial of service531056January 18, 2013virtualbox-osevirtualbox-ose: denial of service533230January 18, 2013kernelkernel: information disclosure527917January 18, 2013claws-mailclaws-mail: user credential leak533070January 17, 2013rpmrpm: incorrect signature checking532808January 17, 2013qemu-kvm, qemuqemu: buffer overflow532660January 17, 2013java-1.7.0-oraclejava: multiple vulnerabilities532086January 17, 2013firefox thunderbird xulrunner seamonkeymozilla: multiple vulnerabilities532122January 17, 2013firefox thunderbirdmozilla: multiple vulnerabilities533068January 17, 2013xorg-x11-appsxorg-x11-apps: unspecified vulnerability533067January 17, 2013railsrails: privilege escalation514776January 17, 2013java-1.7.0-openjdkjava: multiple vulnerabilities470976January 17, 2013sossos: key disclosure533031January 17, 2013squirrelmailsquirrelmail: denial of service532553January 17, 2013autofsautofs: denial of service264473January 17, 2013postgresqlPostgreSQL: multiple vulnerabilities520751January 17, 2013rubyruby: unintended file creation519492January 17, 2013ruby1.8ruby: access restriction bypass532554January 17, 2013mysqlmysql: authentication bypass532551January 17, 2013OpenIPMIOpenIPMI: invalid permissionsNext 20 vulnerabilities







No comments:

Post a Comment