Security Updates(DSA-3548-1 &DSA-3549-1 &DSA-3550-1)

The security updates of samba, chromium-browser and openssh.   Vulnerability Information DSA-3548-1 samba— Security Update Security database details: CVE-2015-5370: Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks. CVE-2016-2110: Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks. CVE-2016-2111: When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same ...Read more

Update Record Of Applications In Deepin Store (2016-04)

Update Record Of Applications In Deepin Store (2016-04)

Update Details of April 25 Application Added: Four in a Row,AssaultCube,Quadrapassel,PhotoQt,MEGA,CPU-G,LuckyBackup,CopyQ,Beyond Compare,FF Multi Converter,I-Nex,Conky,Gambas   Update Details of April 18 Application Added: Komodo IDE, Open Broadcaster Software, Room Arrange, Natron, Desura, Synergy, CrossFTP, Draftsight, Minetest, Vokoscreen, Speed Dreams, Google Earth, Vk Audio Saver, Pithons, Lightworks   Update Details of April 12 Scrolling Pictures Updated: UGet, OpenShot, Hedgewars, f.lux, Visual Studio Code   Application Added: Vivaldi, Sweet Home 3D, FlareGet, Messenger for Desktop, Corebird, Viber, ICQ, iptux, IntelliJ IDEA Community, Android issuu, Android Break Bricks   Update Details of April 4 Application Added: Android Angry birds, Foobnix, f.lux, VMware Workstation, xMEdit   Application Updated: Mozilla Firefox, Blender,Transmission   Hot Topic Updated: Find everything in book: Foxit Reader, Calibre, Okular, Comix, Master PDE Editor, Evince ...Read more

Security Updates(DSA-3541-1 &DSA-3542-1 &DSA-3543-1)

The security updates of roundcube, mercurial and oar.   Vulnerability Information DSA-3541-1 roundcube— Security Update Security database details: CVE-2015-8770: High-Tech Bridge Security Research Lab discovered that Roundcube, a webmail client, contained a path traversal vulnerability. This flaw could be exploited by an attacker to access sensitive files on the server, or even execute arbitrary code.   DSA-3542-1 mercurial— Security Update Security database details: Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-3068: Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in arbitrary ...Read more

Security Updates (DSA-3533-1 & DSA-3540-1)

The security updates of openvswitch and lhasa.   Vulnerability Overview DSA-3533-1 openvswitch— Security Update Security database information: CVE-2016-2074: A remotely triggerable buffer overflow vulnerability was discovered in openvswitch, a production quality, multilayer virtual switch implementation. Specially crafted MPLS packets could overflow the buffer reserved for MPLS labels in an OVS internal data structure. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially, execution of arbitrary code.   DSA-3540-1 lhasa— Security Update Security database information: CVE-2016-2347: An integer underflow was discovered in Lhasa, a lzh archive decompressor, which might result in the execution ...Read more