CVE-2020-25693
A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...
[SECURITY] [DLA 2470-1] zsh security update
Debian LTS Advisory DLA-2470-1 https://www.debian.org/lts/security/ Markus Koschany November 30, 2020 https://wiki.debian.org/LTS Package : zsh Version : 5.3.1-4+deb9u4 CVE ID : CVE-2017-18206 CVE-2018-0502 CVE-2018-1071 CVE-2018-1083 CVE-2018-1100 CVE-2018-13259...
Debian DLA-2470-1 : zsh security update
Several security vulnerabilities were found and corrected in zsh, a powerful shell and scripting language. Off-by-one errors, wrong parsing of shebang lines and buffer overflows may lead to unexpected behavior. A local, unprivileged user can create a specially crafted message file or directory...
openSUSE Security Update : slurm (openSUSE-2020-2033)
This update for slurm fixes the following issues: - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem (bsc#1178890). - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). This update was imported...
openSUSE Security Update : slurm (openSUSE-2020-2056)
This update for slurm fixes the following issues: - Updated to 20.02.6: - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem (bsc#1178890). - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). -...
Security update for slurm (important)
openSUSE Security Update: Security update for slurm Announcement ID: openSUSE-SU-2020:2056-1 Rating: important References: 1173805 1178890 1178891 Cross-References: CVE-2020-27745 CVE-2020-27746 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and has one errata is...
OPENSUSE-SU-2020:2056-1 Security update for slurm
This update for slurm fixes the following issues: - Updated to 20.02.6: - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem (bsc#1178890). - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). Added...
Security update for slurm (important)
openSUSE Security Update: Security update for slurm Announcement ID: openSUSE-SU-2020:2033-1 Rating: important References: 1178890 1178891 Cross-References: CVE-2020-27745 CVE-2020-27746 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
Debian DLA-2462-1 : cimg security update
Multiple heap buffer overflows have been fixed in CImg, a C++ toolkit to load, save, process and display images. For Debian 9 stretch, this problem has been fixed in version 1.7.9+dfsg-1+deb9u2. We recommend that you upgrade your cimg packages. For the detailed security status of cimg please refe...
Debian: Security Advisory (DLA-2462-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Heap overflow
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml)...
CVE-2017-18926
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml)...
Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2020-2347)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP2 : glusterfs (EulerOS-SA-2020-2347)
According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that glusterfs server does not properly sanitize file paths in the 'trusted.io-stats-dump' extended attribute which is used by t...
Fedora 32 : lout (2020-869cd99560)
Add lout-3.40-cve.patch from https://lists.nongnu.org/archive/html/lout-users/2020-10/msg00013.html fixing rhbz#1787383 and rhbz#1787386 (CVE-2019-19918 and CVE-2019-19917), two buffer overflows. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 33 : lout (2020-81c80ff1ed)
Add lout-3.40-cve.patch from https://lists.nongnu.org/archive/html/lout-users/2020-10/msg00013.html fixing rhbz#1787383 and rhbz#1787386 (CVE-2019-19918 and CVE-2019-19917), two buffer overflows. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2311)
The remote host is missing an update for the Huawei EulerOS...
Amazon Linux 2 : SDL (ALAS-2020-1500)
The version of SDL installed on the remote host is prior to 1.2.15-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1500 advisory. SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave....
EulerOS Virtualization 3.0.2.2 : glusterfs (EulerOS-SA-2020-2187)
According to the versions of the glusterfs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak...