Red Hat released three new security updates this afternoon.
- RHSA-2007:0765 Moderate: libgtop2 security update
This update addresses one vulnerability in the libgtop2 packages for Red Hat Enterprise Linux 4. An attacker could execute arbitrary code due to a flaw in the way libgtop2 handles long filenames (CVE-2007-0235). The Red Hat Security Response Team has rated this update as having moderate security impact.
- RHSA-2007:0777 Moderate: gdm security and bug fix update
This update addresses a single vulnerability in the gdm packages for Red Hat Enterprise Linux 5. A local user could crash a running X session by writing malicious data to Gdm’s unix domain socket (CVE-2007-3381). The Red Hat Security Response Team has rated this update as having moderate security impact.
- RHSA-2007:0829 Critical: java-1.5.0-ibm security update
This update addresses multiple vulnerabilities in the java-1.5.0-ibm packages for Red Hat Enterprise Linux 4 and 5. A list of vulnerabilities is included in Table 1 below. The Red Hat Security Response Team has rated this update as having critical security impact.
Table 1

| CVE | Description |
| --- | --- |
| CVE-2007-2435 | javaws vulnerabilities |
| CVE-2007-3004 | Integer overflow in IBM JDK’s ICC profile parser |
| CVE-2007-3503 | HTML files generated with Javadoc are vulnerable to a XSS |
| CVE-2007-3655 | A buffer overflow vulnerability in Java Web Start URL parsing code |
| CVE-2007-3922 | Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions |
| CVE-2007-2788 | Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit |
| CVE-2007-2789 | BMP image parser vulnerability |
| CVE-2007-3005 | Unspecified vulnerability in Sun JRE |
