OPENSUSE-SU-2020:0115-1 Security update for libredwg

This update for libredwg fixes the following issues: libredwg was updated to release 0.10: API breaking changes: Added a new int isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not. removed the UNKNOWN supertype, there are only UNKNOWNOBJ and UNKNOWNE...

Security update for libredwg (moderate)

openSUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2020:0115-1 Rating: moderate References: 1160520 1160522 1160523 1160524 1160525 1160526 1160527 Cross-References: CVE-2020-6609 CVE-2020-6610 CVE-2020-6611 CVE-2020-6612 CVE-2020-6613 CVE-2020-6614 CVE-2020-6615...

Security update for libredwg (moderate)

openSUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2020:0096-1 Rating: moderate References: 1160520 1160522 1160523 1160524 1160525 1160526 1160527 Cross-References: CVE-2020-6609 CVE-2020-6610 CVE-2020-6611 CVE-2020-6612 CVE-2020-6613 CVE-2020-6614 CVE-2020-6615...

openSUSE Security Update : libredwg (openSUSE-2020-96)

This update for libredwg fixes the following issues : libredwg was updated to release 0.10 : API breaking changes : - Added a new int isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not. - removed the UNKNOWN supertype, there are only UNKNOWNOBJ and...

OPENSUSE-SU-2020:0096-1 Security update for libredwg

This update for libredwg fixes the following issues: libredwg was updated to release 0.10: API breaking changes: Added a new int isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not. removed the UNKNOWN supertype, there are only UNKNOWNOBJ and UNKNOWNE...

OPENSUSE-SU-2020:0095-1 Security update for libredwg

This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: Added the -x,--extnames option to dwglayers for r13-r14 DWGs. Fixed some leaks: SORTENTSTABLE, PROXYENTITY.ownerhandle for r13. Add DICTIONARY.itemhandles for r13 and r14. Fixed some dwglayers null pointer...

OPENSUSE-SU-2020:0068-1 Security update for libredwg

This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: Added the -x,--extnames option to dwglayers for r13-r14 DWGs. Fixed some leaks: SORTENTSTABLE, PROXYENTITY.ownerhandle for r13. Add DICTIONARY.itemhandles for r13 and r14. Fixed some dwglayers null pointer...

Improper Key Verification in openpgp

Versions of openpgp prior to 4.2.0 are vulnerable to Improper Key Verification. The OpenPGP standard allows signature packets to have subpackets which may be hashed or unhashed. Unhashed subpackets are not cryptographically protected and cannot be trusted. The openpgp package does not verify...

Fedora 27 : ckeditor (2018-e29c7d10da)

4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 Security Updates - Fixed XSS vulnerability in the Enhanced Image image2 plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the tag and specially crafted HTML. Please note that the default...

UPDATE: WordPress Exploit Framework v1.8!

PenTestIT RSS Feed Good news guys! We now have the WordPress Exploit Framework v1.8 amongst us! This new version fixes API compatibility with a shell upload module, updates multiple dependencies, introduces multiple API changes and adds multiple new modules and payloads! WordPress Exploit Framewo...

Fedora 25 : cups-filters / qpdf (2017-a05e2b8545)

Patches solving CVEs in qpdf changes API, so cups-filters needed to be rebuilt with it. ---- Reverting changes from previous update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatical...

openSUSE Security Update : gdk-pixbuf (openSUSE-2015-570)

gdk-pixbuf was updated to version 2.31.6 to fix a secuirty vulnerability and several bugs. - Update to version 2.31.6 boo942801 : + Really fix bgo752297. This is CVE-2015-4491. + Updated translations. - Update to version 2.31.5 : + Add support for gautoptr for all object types bgo750497. + Avoid ...

SUSE-SU-2015:1249-1 Security update for augeas

This update fixes an untrusted argument escaping problem CVE-2014-8119: new API - augescapename - which can be used to escape untrusted inputs before using them as part of path expressions augmatch is changed to return properly escaped output...

[SECURITY] [DSA 2913-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2913-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 25, 2014 http://www.debian.org/security/faq -...

Debian DSA-2913-1 : drupal7 - security update

An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to othe...

[SECURITY] [DSA 2914-1] drupal6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2914-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 25, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2913-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2913-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 25, 2014 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-2914-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : ReviewBoard-1.7.22-1.fc19 (2014-3420)

New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...

Fedora 18 : zeroinstall-injector-2.3-1.fc18 (2013-12396)

Enhancements : - upstream now ships an experimental OCaml front-end, this is not yet enabled - Add fish-shell command completion - Allow relative files in and for local feeds. This makes it easy to test feeds before passing them to 0repo. Bug fixes : - Better handling of default=' in bindings. Th...