2494 matches found
openssl: NULL pointer dereference in signature_algorithms processing
A flaw was found in openssl. A server crash and denial of service attack could occur if a client sends a TLSv1.2 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension. The highest threat from this vulnerability is to system...
A vulnerability in the SQLDriverConnect function of the unixODBC library (ODBC for UNIX), related to operations outside the bounds of a data buffer, allows a malicious actor to cause a service failure.
A vulnerability in the SQLDriverConnect function of the ODBC library for UNIX systems is related to buffer overflows caused by a long string in the FILEDSN option. Exploiting this vulnerability could allow an attacker to cause a service failure...
Design/Logic Flaw
swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix like systems, the system's temporary...
Webmin 1.840 / 1.880 LFI
A local file inclusion vulnerability exists in Webmin 1.840 and 1.880 when the default Yes setting of 'Can view any file as a log file' is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to...
dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker
A flaw was found in dnsmasq. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query() whether the reply destination address/port is used by the pending forwarded queries. However, it does not use the address/port to retrieve the exact forwarded query, substantially...
lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c
A buffer overflow was found in the lldp_decode function in daemon/protocols/lldp.c in lldpd. This flaw allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. This threatens the...
fontforge: SFD_GetFontMetaData() insufficient CVE-2020-5395 backport
An out-of-bounds write flaw was found in FontForge while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is t...
tcpdump: SMB data printing mishandled
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2)...
webkitgtk: Buffer overflow leading to arbitrary code execution
A flaw was found in the webkitgtk package. Affected versions of this package are vulnerable to a buffer overflow caused by improper bounds checking by the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrar...
libssh: unsanitized location in scp could lead to unwanted command execution
A flaw was found with the libssh API function ssh_scp_new(). A user able to connect to a server using SCP could execute arbitrary commands using a user-provided path, leading to a compromise of the remote target...
sos bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
chromium-browser: Use after free in WebRTC
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2020-15250
In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this...
python-pip security update
...
samba: Combination of parameters and permissions can allow user to escape from the share path definition
A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share...
libxml2: Unrestricted memory usage in xz_head() function in xzlib.c
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...
qt5-qtbase: QImage allocation failure in qgifhandler
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault...
ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment
A stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced assignment. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by...
thunderbird security update
68.6.0-1.0.1.el81 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2...