[SECURITY] Fedora 31 Update: pxz-4.999.9-19.beta.20200421git.fc31

Parallel XZ is a compression utility that takes advantage of running XZ compression simultaneously on different parts of an input file on multiple cores and processors. This significantly speeds up compression tim e...

[SECURITY] Fedora 32 Update: openvpn-2.4.9-1.fc32

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Mitigation Mitigation for this issue is either not available or the currently available options do not meet th...

Low: Red Hat Security Advisory: libmspack security and bug fix update

An update for libmspack is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Low: libmspack security and bug fix update

The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes: libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 For more details about the security issues, including the impact, a CVSS score,...

RLSA-2020:1686 Low: libmspack security and bug fix update

The libmspack packages contain a library providing compression and extraction of the Cabinet CAB file format used by Microsoft. Security Fixes: libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 For more details about the security issues, including the impact, a CVSS score,...

wavpack security update

An update is available for wavpack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WavPack is a completely open audio compression format providing lossless,...

ALSA-2020:1581 Low: wavpack security update

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads ...

RLSA-2020:1581 Low: wavpack security update

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads ...

[SECURITY] Fedora 31 Update: openvpn-2.4.9-1.fc31

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...

DLL Hijacking Vulnerability in Cloud Orange Image Compression Software

Cloud Orange picture compression software is a picture compression software of Xunwu Cloud Orange Information Technology Co., Ltd, using excellent picture compression algorithms, support for one-key batch picture lossless compression, compression multiples of up to 10 times, safe and efficient...

DEBIAN-CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

AZL-44448 CVE-2020-11762 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

Out-of-bounds

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

UBUNTU-CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

CVE-2020-11762

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case...

Denial Of Service (DoS)

cURL is vulnerable to denial of service DoS. When deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code...