Blogs

Opera 10.51 for Windows Released

http://my.opera.com/desktopteam/blog/2010/03/22/opera-10-51-for-windows-...

" Opera 10.51 for Windows changelog
Release notes

Release date: March 22, 2010

Opera 10.51 is a recommended security and stability upgrade. Opera
highly recommends all users to upgrade to Opera 10.51 to take advantage
of these improvements. "

http://www.opera.com/docs/changelogs/windows/1051/

HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code

http://permalink.gmane.org/gmane.comp.security.bugtraq/42791

"A potential vulnerability (CVE-2010-0104) has been identified with
certain HP Small Form Factor and Microtower PCs with Broadcom
Integrated NIC Firmware [in versions earlier than v1.40.0.0 and
earlier than v8.08]. The vulnerability could be remotely exploited to
execute arbitrary code."

MFSA 2010-08 Firefox 3.6.2 released early

http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/

Mozilla was originally going to release 3.6.2 on March 30.

"Firefox 3.6.2 fixes the following issues found in previous versions of
Firefox 3.6:

* Fixed a critical security issue that could potentially allow
remote code execution (see bug 552216).
* Fixed several additional security issues.
* Fixed several stability issues."

It is recommended that all Firefox 3.6.x users update to 3.6.2.

Opera 10.51 for Windows Released

http://my.opera.com/desktopteam/blog/2010/03/22/opera-10-51-for-windows-...

" Opera 10.51 for Windows changelog
Release notes

Release date: March 22, 2010

Opera 10.51 is a recommended security and stability upgrade. Opera
highly recommends all users to upgrade to Opera 10.51 to take advantage
of these improvements. "

http://www.opera.com/docs/changelogs/windows/1051/

CVE-2010-0419 kvm: emulator privilege escalation segment selector check

http://www.securityfocus.com/bid/38467

"The Linux kernel is prone to a privilege-escalation vulnerability
affecting the Kernel-based Virtual Machine (KVM).

A guest user could exploit this issue to gain elevated privileges on the
guest operating system or crash the guest."

https://rhn.redhat.com/errata/RHSA-2010-0126.html

It is recommended that kvm package updates be applied to mitigate this
vulnerability.

CVE-2010-0419 kvm: emulator privilege escalation segment selector check

http://www.securityfocus.com/bid/38467

"The Linux kernel is prone to a privilege-escalation vulnerability
affecting the Kernel-based Virtual Machine (KVM).

A guest user could exploit this issue to gain elevated privileges on the
guest operating system or crash the guest."

https://rhn.redhat.com/errata/RHSA-2010-0126.html

It is recommended that kvm package updates be applied to mitigate this
vulnerability.

CVE-2010-0419 kvm: emulator privilege escalation segment selector check

http://www.securityfocus.com/bid/38467

"The Linux kernel is prone to a privilege-escalation vulnerability
affecting the Kernel-based Virtual Machine (KVM).

A guest user could exploit this issue to gain elevated privileges on the
guest operating system or crash the guest."

https://rhn.redhat.com/errata/RHSA-2010-0126.html

It is recommended that kvm package updates be applied to mitigate this
vulnerability.

Opera Browser "Content-Length" Header Buffer Overflow Vulnerability in newly released 10.50

http://secunia.com/advisories/38820/

Two new vulnerabilities have been found in 10.50 and earlier versions.
The first can cause a DoS, the second could allow for remote code execution.

No patches are available as of yet. Recommendations from the Secunia
report are "do not browse untrusted websites or follow untrusted links."
This is a good recommendation in general. Other recommendations have
been to stop using Opera all together until an official patch is available.

Pages