ALSA-2021:1702 Moderate: brotli security update

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

Moderate: brotli security update

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

RLSA-2021:1702 Moderate: brotli security update

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

Debian DLA-2657-1 : lz4 security update

It was discovered that there was a potential memory corruption vulnerability in the lz4 compression algorithm library. For Debian 9 'Stretch', this problem has been fixed in version 0.0r131-2+deb9u1. We recommend that you upgrade your lz4 packages. For the detailed security status of lz4 please...

USN-4760-1: libzstd vulnerabilities

It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to expectations...

[SECURITY] Fedora 33 Update: brotli-1.0.9-3.fc33

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

Fedora: Security Advisory for brotli (FEDORA-2020-bc9a739f0c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 25 Update: libpng-1.6.27-1.fc25

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

Microsoft Windows - GDI+ DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=824 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMRPLGBLT, EMRBITBLT, EMRSTRETCHBLT, EMRSTRETCHDIBITS etc. T...

What does a pointer look like, anyway?

Posted by Chris Evans, Renderer of Modern Art In Adobe’s August 2014 Flash Player security update, we see: These updates resolve memory leakage vulnerabilities that could be used to bypass memory address randomization CVE-2014-0540, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545. I...

BREACH decodes HTTPS encrypted data in 30 seconds

A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic in just 30 seconds. The technique was demonstrated at the Black Hat security conference in Las Vegas Presentation PDF & Paper by Gluck along with...

BREACH decodes HTTPS encrypted data in 30 seconds

A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic in just 30 seconds. The technique was demonstrated at the Black Hat security conference in Las Vegas Presentation PDF & Paper by Gluck along with...

Oracle Linux 3 : libtiff (ELSA-2008-0863)

From Red Hat Security Advisory 2008:0863 : Updated libtiff packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff packages contain a library of...

CentOS Update for libtiff CESA-2009:1159 centos3 i386

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2009:1159 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

IPComp - encapsulation Kernel Memory Corruption

// source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload ------------------------------------------------------------------------------- Gruezi, this document describes CVE-2011-1547. RFC31...

Apple QuickTime PICT File PackBits Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application'...

CentOS 3 / 4 / 5 : gzip (CESA-2010:0061)

An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gzip package provides the GNU gzip data compression program. An integer underfl...

VMSA-2008-0017 : Updated ESX packages for libxml2, ucd-snmp, libtiff

a. Updated ESX Service Console package libxml2 A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. The Common...

CentOS Update for libtiff CESA-2008:0863-01 centos2 i386

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

RHEL 5 : libtiff (RHSA-2008:0847)

Updated libtiff packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libtiff packages contain a library of functions for manipulating Tagged Image Fi...