Red Hat released three new security updates this afternoon, including two updates rated important.
RHSA-2007:0406 Important: openoffice.org security update
This security update fixes one vulnerability in the openoffice.org packages for Red Hat Enterprise Linux 3, 4, and 5. A heap overflow in the RTF import filter could allow an attacker to crash OpenOffice or execute arbitrary code (CVE-2007-0245). The Red Hat Security Response Team has rated this update as having important security impact. Further information can be found on the Red Hat Network.
RHSA-2007:0492 Moderate: spamassassin security update
This security update corrects one vulnerability in the spamassassin packages for Red Hat Enterprise Linux 4 and 5. A symlink issue in SpamAssassin could allow an attacker to create or overwrite files writable by the spamd process (CVE-2007-2873). The Red Hat Security Response Team has rated this update as having moderate security impact. For more information, see the Red Hat Network.
RHSA-2007:0494 Important: kdebase security update
This update affects one vulnerability in the kdebase packages for Red Hat Enterprise Linux 3, 4, and 5. An interaction problem between Adobe Flash Player and Konquerer (the KDE web browser) could allow keystrokes to leak from the web browser to Flash Player (CVE-2007-2022). The Red Hat Security Response Team has rated this update as having important security impact. More details can be found on the Red Hat Network.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply