5 matches found
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via cmForEachFunctionBlocker::ReplayItems function of the file cmForEachCommand.cxx. An attacker can cause a program crash by providing CMakeLists.txt files containing malformed foreach constructs that triggers a...
openSUSE 15 Security Update : cJSON (openSUSE-SU-2024:0139-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0139-1 advisory. - Update to 1.7.18: CVE-2024-31755: NULL pointer dereference via cJSONSetValuestring boo1223420 Remove non-functional list handling of compiler...
XZ backdoor story – Initial analysis
On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux...
SUSE CVE-2016-7958
In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/CMakeLists.txt by registering this dissector...
Fedora 28 : quazip (2018-0c586e5178)
2018-06-13 0.7.6 - Fixed the Zip Slip vulnerability in JlCompress - Renamed crypt.h to minizipcrypt.h to avoid conflicts - 2018-05-20 0.7.5 - Fixed targetlinklibraries call in CMakeLists - Worked around a Qt 4.6 bug QTBUG-15421 screwing up hidden files handling in JlCompress::compressDir -...