[Bug 1048203]

2015-03-12 Thread Glsamaker
This issue was resolved and addressed in GLSA 201503-04 at http://security.gentoo.org/glsa/glsa-201503-04.xml by GLSA coordinator Kristian Fiskerstrand (K_F). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1110273]

2014-03-27 Thread Glsamaker
This issue was resolved and addressed in GLSA 201403-06 at http://security.gentoo.org/glsa/glsa-201403-06.xml by GLSA coordinator Mikle Kolyada (Zlogene). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1039881]

2014-01-22 Thread Glsamaker
This issue was resolved and addressed in GLSA 201401-24 at http://security.gentoo.org/glsa/glsa-201401-24.xml by GLSA coordinator Chris Reffett (creffett). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 222592]

2013-11-15 Thread Glsamaker
This issue was resolved and addressed in GLSA 201311-07 at http://security.gentoo.org/glsa/glsa-201311-07.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1037434]

2013-08-29 Thread Glsamaker
This issue was resolved and addressed in GLSA 201308-05 at http://security.gentoo.org/glsa/glsa-201308-05.xml by GLSA coordinator Sergey Popov (pinkbyte). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1110273]

2013-02-10 Thread Glsamaker
CVE-2012-5960 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5960): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows

[Bug 1039560]

2013-01-15 Thread Glsamaker
This issue was resolved and addressed in GLSA 201301-03 at http://security.gentoo.org/glsa/glsa-201301-03.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 894782]

2012-11-25 Thread Glsamaker
CVE-2011-4612 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4612): icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL. -- You received this bug notification because you are a member of Ubuntu Bugs, which

[Bug 1039881]

2012-11-21 Thread Glsamaker
CVE-2012-3523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3523): The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is

[Bug 1011823]

2012-11-15 Thread Glsamaker
This issue was resolved and addressed in GLSA 201211-01 at http://security.gentoo.org/glsa/glsa-201211-01.xml by GLSA coordinator Tobias Heinlein (keytoaster). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1022360]

2012-10-04 Thread Glsamaker
This issue was resolved and addressed in GLSA 201209-15 at http://security.gentoo.org/glsa/glsa-201209-15.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to asterisk in Ubuntu.

[Bug 1022360]

2012-10-04 Thread Glsamaker
This issue was resolved and addressed in GLSA 201209-15 at http://security.gentoo.org/glsa/glsa-201209-15.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1022012]

2012-10-04 Thread Glsamaker
This issue was resolved and addressed in GLSA 201209-17 at http://security.gentoo.org/glsa/glsa-201209-17.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1037434]

2012-08-22 Thread Glsamaker
CVE-2012-4298 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4298): Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a

[Bug 1025111]

2012-08-16 Thread Glsamaker
This issue was resolved and addressed in GLSA 201208-03 at http://security.gentoo.org/glsa/glsa-201208-03.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1023931]

2012-08-13 Thread Glsamaker
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867): lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing

[Bug 1023931]

2012-08-13 Thread Glsamaker
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867): lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing

[Bug 1025111]

2012-07-25 Thread Glsamaker
CVE-2012-2843 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2843): Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. CVE-2012-2842

[Bug 1020403]

2012-07-25 Thread Glsamaker
CVE-2012-3377 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3377): Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and

[Bug 1022360]

2012-07-14 Thread Glsamaker
CVE-2012-3812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812): Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones

[Bug 1022360]

2012-07-14 Thread Glsamaker
CVE-2012-3863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863): channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones

[Bug 1022360]

2012-07-14 Thread Glsamaker
CVE-2012-3812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812): Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones

[Bug 1022360]

2012-07-14 Thread Glsamaker
CVE-2012-3863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863): channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones

[Bug 1022012]

2012-07-14 Thread Glsamaker
CVE-2012-3374 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3374): Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. -- You received this bug notification