libcgroup1: Fixed heap-based buffer overflow in libcgroup

This update fixes two security bugs in libcgroup1:

libcgroup suffered from a heap-based buffer overflow
(CVE-2011-1006).

The cgrulesengd daemon did not verify the origin of netlink
messages, allowing local users to spoof events
(CVE-2011-1022).
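
The origin check that CVE-2011-1022 describes as missing, written as an added example (it is not the libcgroup patch and not code from this page): the receiver reads the sender address with recvfrom() and drops any datagram whose netlink port ID is not the kernel's 0. The helper names are hypothetical.

```c
/* Added example, not libcgroup code: accept netlink datagrams only when
 * the sender address shows they came from the kernel. */
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Returns 1 if the sender address filled in by recvfrom() is the kernel's.
 * The kernel sends with port ID (nl_pid) 0; a userspace sender carries
 * its own non-zero port ID. */
static int netlink_from_kernel(const struct sockaddr_nl *from, socklen_t from_len)
{
    if (from_len != sizeof(*from))      /* truncated or non-netlink address */
        return 0;
    if (from->nl_family != AF_NETLINK)
        return 0;
    return from->nl_pid == 0;
}

/* Hypothetical helper: receive one datagram on fd.
 * Returns the byte count for a kernel message, 0 if the message was
 * dropped because of its origin, -1 on recvfrom() error. */
static ssize_t recv_kernel_netlink(int fd, void *buf, size_t len)
{
    struct sockaddr_nl from;
    socklen_t from_len = sizeof(from);
    ssize_t n;

    memset(&from, 0, sizeof(from));
    n = recvfrom(fd, buf, len, 0, (struct sockaddr *)&from, &from_len);
    if (n < 0)
        return -1;
    if (!netlink_from_kernel(&from, from_len))
        return 0;                       /* spoofed or foreign sender: ignore */
    return n;
}
```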

Fixed bugs

bnc#675506: VUL-0: libcgroup1: Heap-based buffer overflow in libcgroup, CVE-2011-1006
bnc#675048: VUL-0: libcgroup1: Failure to verify netlink messages

CVE-2011-1006: Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line
CVE-2011-1022: The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to bypa