EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1063)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.CVE-2020-8285...

EulerOS 2.0 SP3 : krb5 (EulerOS-SA-2021-1080)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...

EulerOS 2.0 SP3 : libproxy (EulerOS-SA-2021-1087)

According to the versions of the libproxy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2021-1064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated krb5 packages fix a security vulnerability

MIT Kerberos 5 aka krb5 before 1.17.2 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit CVE-2020-28196...

MGASA-2021-0022 Updated krb5 packages fix a security vulnerability

MIT Kerberos 5 aka krb5 before 1.17.2 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit CVE-2020-28196...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1029)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1022)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1010)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : curl (EulerOS-SA-2021-1022)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

EulerOS 2.0 SP9 : krb5 (EulerOS-SA-2021-1029)

According to the version of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...

PT-2021-7969 · Xpdf +1 · Xpdf +1

Name of the Vulnerable Software and Affected Versions: xpdf version 4.02 Description: The issue is related to an infinite recursion in the Catalog::findDestInTree function, which can cause a denial of service. This function is part of the xpdf software, used for viewing PDF files. The recursion i...

Updated curl packages fix security vulnerabilities

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231. A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl...

Fedora 32 : xen (2020-df772b417b)

xenstore watch notifications lacking permission checks XSA-115, CVE-2020-29480 1908091 Xenstore: new domains inheriting existing node permissions XSA-322, CVE-2020-29481 1908095 Xenstore: wrong path length check XSA-323, CVE-2020-29482 1908096 Xenstore: guests can crash xenstored via watchs...

SUSE SLES12 Security Update : xen (SUSE-SU-2020:3914-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

SUSE-SU-2020:3916-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

SUSE-SU-2020:3914-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

The vulnerability of the Dovecot mail server, caused by uncontrolled recursion, allows attackers to trigger a service failure.

The vulnerability of the Dovecot mail server arises due to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures through a specially crafted email message...

Security update for xen (moderate)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:2313-1 Rating: moderate References: 1027519 1176782 1179496 1179498 1179501 1179502 1179506 1179514 1179516 Cross-References: CVE-2020-29480 CVE-2020-29481 CVE-2020-29483 CVE-2020-29484 CVE-2020-29566 CVE-2020-295...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3881-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...