5 matches found
CLSA-2026-1778933429 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE - debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE - debian/patches/CVE-2024-48990.patch: do not set...
RLSA-2023:5537 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvp...
RLSA-2024:4249 Low: c-ares security update
The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
CLSA-2023-1693904834 Fix CVE(s): CVE-2022-48174
SECURITY UPDATE: unlikely stack overflow vulnerability - debian/patches/CVE-2022-48174.patch: break if a number string containing invalid characters - CVE-2022-48174...
CLSA-2022-1654804099 Fix CVE(s): CVE-2022-1851, CVE-2022-1886, CVE-2022-0319, CVE-2022-1898
SECURITY UPDATE: mlget error when exchanging windows in Visual mode - debian/patches/CVE-2022-0319.patch: Correct end of Visual area when entering another buffer - CVE-2022-0319 SECURITY UPDATE: Cursor may be in an invalid position after text formatting - debian/patches/CVE-2022-1851.patch: Corre...