Cloudlinux • Most viewed

502 matches found

CloudLinux
• added 2022/07/11 5:47 p.m. • 1067 views

Fixed CVEs in openssh-5.3p1: CVE-2016-10708, CVE-2016-10012

CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS handling to kex layer - CVE-2016-10012: abandon the fix due to compression mode issues...

7.8 CVSS • 2 AI score • 0.0312 EPSS
Exploits 2 • References 1
CloudLinux
• added 2022/06/28 8:14 p.m. • 545 views

Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377

CVE-2022-26377: mod_proxy_ajp: fix HTTP request smuggling - CVE-2022-28615: fix possible out-of-bounds read in ap_strcmp_match - CVE-2022-31813: mod_proxy: preserve original request headers so an upstream knows what the original request hostname was, and so send X-Forwarded-* headers correctly...

9.8 CVSS • 1.9 AI score • 0.32376 EPSS
Exploits 2 • References 1
CloudLinux
• added 2023/02/09 11:36 p.m. • 517 views

Update of tzdata

Upgrade to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. - Mexico will stop observing DST except near the US border. - Chihuahua...

1.3 AI score
Exploits 0
CloudLinux
• added 2022/06/02 12:59 p.m. • 423 views

Fixed CVEs in java-1.8.0-openjdk: CVE-2022-21434, CVE-2022-21443, CVE-2022-21476, CVE-2022-21426, CVE-2022-21496

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u332-b09. That fixes the following CVEs: - CVE-2022-21476: Defective secure validation in Apache Santuario - CVE-2022-21496: URI parsing inconsistencies - CVE-2022-21434: Improper object-to-string conversion in AnnotationInvocationHandler -...

7.5 CVSS • 5 AI score • 0.00199 EPSS
Exploits 0 • References 1
CloudLinux
• added 2021/12/06 3:23 p.m. • 412 views

Fix of CVE: CVE-2021-43527

CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Update to CKBI 2.50 from NSS 3.67 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "AddTrust Low-Value Services Root" - Certificate "AddTrust...

7.5 CVSS • 1.3 AI score • 0.05243 EPSS
Exploits 0 • References 1
CloudLinux
• added 2022/03/10 6:8 p.m. • 383 views

Update of ca-certificates

remove old certificate - Removing: - Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "GeoTrust Global CA" - Certificate "GeoTrust Universal...

2 AI score
Exploits 0 • References 1
CloudLinux
• added 2022/02/10 1:49 p.m. • 323 views

Fix of CVE: CVE-2022-23307, CVE-2022-23302

CVE-2022-23307: Fix Unsafe deserialization flaw in Chainsaw log viewer - CVE-2022-23302: Fix remote code execution when application is configured to use JMSSink...

9 CVSS • 3.2 AI score • 0.02603 EPSS
Exploits 0 • References 1
CloudLinux
• added 2021/09/23 12:55 p.m. • 307 views

Fix of CVE: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...

7.5 CVSS • 2.6 AI score • 0.02954 EPSS
Exploits 3 • References 1
CloudLinux
• added 2021/01/27 12:30 p.m. • 300 views

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

Fix CVE-2021-3156: Heap-based buffer overflow in sudo...

7.8 CVSS • 8.5 AI score • 0.92579 EPSS
Exploits 81 • References 1
CloudLinux
• added 2024/03/14 5:26 p.m. • 277 views

bind: Fix of 2 CVEs

CVE-2023-50387: Resolved CPU exhaustion from specially crafted DNSSEC-signed zone responses - CVE-2023-50868: Resolved CPU exhaustion from DNSSEC-signed zones using NSEC3 - Enable internal tests by default...

7.5 CVSS • 7.3 AI score • 0.43701 EPSS
Exploits 1
CloudLinux
• added 2023/10/24 8:53 p.m. • 274 views

zlib: Fix of CVE-2023-45853

CVE-2023-45853: Reject overflows of zip header fields in minizip...

9.8 CVSS • 6.6 AI score • 0.01396 EPSS
Exploits 0
CloudLinux
• added 2023/12/28 5:39 p.m. • 246 views

openssh: Fix of CVE-2023-51385

CVE-2023-51385: ban user/hostnames with most shell metacharacters in command line...

6.5 CVSS • 7.2 AI score • 0.17234 EPSS
Exploits 7
CloudLinux
• added 2023/03/06 9:9 p.m. • 245 views

python: Fix of CVE-2023-24329

CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character...

7.5 CVSS • 7.7 AI score • 0.01445 EPSS
Exploits 3
CloudLinux
• added 2023/06/20 1:49 p.m. • 237 views

openssl: Fix of CVE-2023-2650

CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests...

6.5 CVSS • 10 AI score • 0.91789 EPSS
Exploits 0
CloudLinux
• added 2022/07/14 4:53 p.m. • 197 views

Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068

CVE-2022-1292: c_rehash: Do not use shell to invoke openssl to prevent command injection - CVE-2022-2068: c_rehash: Fix file operations to prevent command injection...

10 CVSS • 2.5 AI score • 0.38894 EPSS
Exploits 6 • References 1
CloudLinux
• added 2022/08/17 6:47 p.m. • 195 views

Fixed CVE-2022-37434 in zlib

CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate...

9.8 CVSS • 2.5 AI score • 0.92544 EPSS
Exploits 1 • References 1
CloudLinux
• added 2022/04/11 4:46 p.m. • 189 views

Fix of CVE: CVE-2021-3618

CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commands...

7.4 CVSS • 2.4 AI score • 0.00615 EPSS
Exploits 0 • References 1
CloudLinux
• added 2022/07/18 7:7 p.m. • 186 views

Fixed 7 CVEs in vim

CVE-2022-2206: adjust cmdline_row and msg_row to the value of Rows - CVE-2022-2284: stop visual mode when closing a window - CVE-2022-2285: put a NUL after the typeahead - CVE-2022-2286: check the length of the string - CVE-2022-2287: disallow adding a word with control characters or a trailing...

8 CVSS • 4.8 AI score • 0.00194 EPSS
Exploits 7 • References 1
CloudLinux
• added 2022/02/03 8:1 p.m. • 179 views

Fix of CVE: CVE-2022-23305

CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...

9.8 CVSS • 1.7 AI score • 0.09452 EPSS
Exploits 1 • References 1
CloudLinux
• added 2022/04/26 3:21 p.m. • 169 views

Fix of CVE: CVE-2020-0466, CVE-2022-0492, CVE-2021-4155, CVE-2021-0920

cgroup-v1: Require capabilities to set release_agent ELSCVE-3555 CVE-2022-0492 - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate ELSCVE-3891 CVE-2021-4155 - af_unix: fix garbage collect vs MSG_PEEK ELSCVE-3728 CVE-2021-0920 - epoll: Keep a reference on files added to the check...

7.8 CVSS • 1.1 AI score • 0.26341 EPSS
Exploits 12 • References 1
CloudLinux
• added 2023/10/09 7:3 p.m. • 164 views

python: Fix of CVE-2022-48565

CVE-2022-48565: Reject XML entity declarations in plist files...

9.8 CVSS • 7.1 AI score • 0.07274 EPSS
Exploits 3
CloudLinux
• added 2022/09/26 11:53 a.m. • 164 views

Fixed CVE-2022-40674 in expat

CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak...

8.1 CVSS • 8.5 AI score • 0.00941 EPSS
Exploits 0 • References 1
CloudLinux
• added 2022/07/18 7:3 p.m. • 160 views

Fixed CVE-2016-10012 in openssh

CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section...

7.8 CVSS • 3 AI score • 0.00022 EPSS
Exploits 1 • References 1
CloudLinux
• added 2022/08/17 6:41 p.m. • 152 views

Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452

CVE-2022-37452: fix heap-based buffer overflow for the alias list in host_name_lookup - CVE-2022-37451: fix invalid free in pam_converse...

9.8 CVSS • 3.8 AI score • 0.06728 EPSS
Exploits 3 • References 1
CloudLinux
• added 2022/07/11 5:39 p.m. • 148 views

Fixed CVE-2018-5741 in bind

CVE-2018-5741: update krb5,ms-self,subdomain descriptions...

6.5 CVSS • 1.1 AI score • 0.00971 EPSS
Exploits 0 • References 1
CloudLinux
• added 2021/10/28 1:11 p.m. • 147 views

Fix of CVE: CVE-2017-20005

CVE-2017-20005: fix buffer overflow for years that exceed four digits...

7.5 CVSS • 3.8 AI score • 0.0325 EPSS
Exploits 1 • References 1
CloudLinux
• added 2022/08/17 6:45 p.m. • 142 views

Fixed CVE-2022-29154 in rsync

CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync server MITM attack - Add '%check unset DISPLAY ' section but disable broken 'daemon' and 'hardlinks' tests...

7.4 CVSS • 5.2 AI score • 0.00923 EPSS
Exploits 1 • References 1
CloudLinux
• added 2022/01/26 3:45 p.m. • 142 views

Fix of CVE: CVE-2021-4034

CVE-2021-4034: pkexec: argv overflow results in local privilege esc...

7.8 CVSS • 3.9 AI score • 0.88057 EPSS
Exploits 149 • References 1
CloudLinux
• added 2022/02/28 3:6 p.m. • 140 views

Fix of CVE: CVE-2022-24407

CVE-2022-24407: Fix failure to properly escape SQL input, which allows an attacker to execute arbitrary SQL commands...

8.8 CVSS • 3.5 AI score • 0.00431 EPSS
Exploits 0 • References 1
CloudLinux
• added 2022/06/21 8:23 p.m. • 138 views

Fixed CVE-2019-17571 in log4j

CVE-2019-17571: Fix the deserialization of untrusted data in SocketServer that allows an attacker to remotely execute arbitrary code...

9.8 CVSS • 6 AI score • 0.28502 EPSS
Exploits 3 • References 1
CloudLinux
• added 2021/09/21 10:2 p.m. • 136 views

Fix of CVE: CVE-2021-23017

Update fix for CVE-2021-23017 according to nginx.org recommendations...

7.7 CVSS • 1.9 AI score • 0.73544 EPSS
Exploits 10 • References 1
CloudLinux
• added 2022/04/05 3:3 p.m. • 124 views

Fix of CVE: CVE-2022-0547

CVE-2022-0547: Fix authentication bypass via multiple deferred authentication plug-ins...

9.8 CVSS • 3.4 AI score • 0.00465 EPSS
Exploits 0 • References 1
CloudLinux
• added 2023/08/09 10:29 a.m. • 120 views

openssh: Fix of CVE-2023-38408

CVE-2023-38408: checks libraries before dlopen...

9.8 CVSS • 7.1 AI score • 0.64352 EPSS
Exploits 10
CloudLinux
• added 2023/05/04 9:42 p.m. • 120 views

openssl: Fix of 3 CVEs

CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy - CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping...

7.5 CVSS • 6.6 AI score • 0.00848 EPSS
Exploits 0
CloudLinux
• added 2022/07/26 4:42 p.m. • 117 views

Fixed CVEs in vim: CVE-2022-2289, CVE-2022-2304

CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing freed memory with diff put - CVE-2022-2304: limit the word length to avoid out of bound accessing...

7.8 CVSS • 3.3 AI score • 0.00108 EPSS
Exploits 2 • References 1
CloudLinux
• added 2022/03/24 3:36 p.m. • 116 views

Fix of CVE: CVE-2022-22721, CVE-2022-22720

CVE-2022-22720: simpler connection close logic if discarding the request body fails - CVE-2022-22721: make sure and check that LimitXMLRequestBody fits in system memory...

9.8 CVSS • 1.7 AI score • 0.27458 EPSS
Exploits 0 • References 1
CloudLinux
• added 2021/09/21 10:4 p.m. • 115 views

Fix of CVE: CVE-2021-22555

ELS-130: CVE-2021-22555: netfilter: x_tables: fix compat match/target pad out-of-bound write...

8.3 CVSS • 1.6 AI score • 0.85239 EPSS
Exploits 21 • References 1
CloudLinux
• added 2021/09/21 10:1 p.m. • 113 views

Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216

A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security...

9.8 CVSS • 3.7 AI score • 0.27744 EPSS
Exploits 0 • References 1
CloudLinux
• added 2022/05/20 12:6 a.m. • 112 views

Fixed CVE-2022-1271 in gzip

CVE-2022-1271: Fix arbitrary file override with crafted file names...

8.8 CVSS • 9.1 AI score • 0.00813 EPSS
Exploits 0 • References 1
CloudLinux
• added 2024/02/20 11:18 a.m. • 111 views

sudo: Fix of CVE-2023-42465

CVE-2023-42465: make sudo less vulnerable to ROWHAMMER attacks...

7 CVSS • 7.3 AI score • 0.00004 EPSS
Exploits 1
CloudLinux
• added 2022/07/04 7:13 p.m. • 111 views

Fixed CVE-2016-10009 in openssh-5.3p1

CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...

7.5 CVSS • 2.1 AI score • 0.01579 EPSS
Exploits 4 • References 1
CloudLinux
• added 2022/04/19 2:2 p.m. • 111 views

Fix of CVE: CVE-2022-28391

CVE-2022-28391: fix possible terminal injection attacks from DNS query results...

8.8 CVSS • 2.2 AI score • 0.03075 EPSS
Exploits 1 • References 1
CloudLinux
• added 2023/10/23 10:50 p.m. • 106 views

nginx: Fix of CVE-2023-44487

CVE-2023-44487: HTTP/2 - per-iteration stream handling limit...

7.5 CVSS • 6.6 AI score • 0.944 EPSS
Exploits 19
CloudLinux
• added 2022/03/10 12:27 p.m. • 105 views

Fix of CVE: CVE-2022-0554, CVE-2022-0729, CVE-2022-0685, CVE-2022-0572

CVE-2022-0554: fix ending up with no current buffer - CVE-2022-0572: fix crashing when repeatedly using :retab - CVE-2022-0685: fix crashing when using special multi-byte character - CVE-2022-0729: fix crashing with specific regexp pattern and string...

8.8 CVSS • 1.4 AI score • 0.01766 EPSS
Exploits 4 • References 1
CloudLinux
• added 2023/02/10 10:39 a.m. • 104 views

openssl: Fix of 2 CVEs

CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address...

7.5 CVSS • 8 AI score • 0.88334 EPSS
Exploits 0
CloudLinux
• added 2022/01/17 2:23 p.m. • 103 views

Fix of CVE: CVE-2021-4104

CVE-2021-4104: Fix remote code execution vulnerability...

7.5 CVSS • 2.6 AI score • 0.72202 EPSS
Exploits 9 • References 1
CloudLinux
• added 2022/07/11 5:36 p.m. • 100 views

Fixed CVE-2020-12723 in perl-5.10.1

CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression because of recursive S_study_chunk calls...

7.5 CVSS • 4.8 AI score • 0.00191 EPSS
Exploits 0 • References 1
CloudLinux
• added 2021/11/24 4:19 p.m. • 99 views

Fix of CVE: CVE-2017-15022, CVE-2017-9742, CVE-2017-9749, CVE-2017-14940, CVE-2017-15225, CVE-2017-9753, CVE-2017-14130, CVE-2017-14333, CVE-2017-8421, CVE-2017-8398, CVE-2017-12448, CVE-2017-16826, CVE-2017-15938, CVE-2017-16831, CVE-2017-9744, CVE-2017-12455, CVE-2017-15996, CVE-2017-8396, CVE-2017-12451, CVE-2017-7614, CVE-2017-12452, CVE-2017-9748, CVE-2017-7225, CVE-2017-7302, CVE-2017-12449, CVE-2017-12458, CVE-2017-16827, CVE-2017-15939, CVE-2017-7227, CVE-2017-7226, CVE-2017-16828, CVE-2017-17121, CVE-2017-12453, CVE-2017-17080, CVE-2017-17124, CVE-2017-7223, CVE-2017-9747, CVE-2017-12457, CVE-2017-12456, CVE-2017-7299, CVE-2017-7300, CVE-2017-9754, CVE-2017-13710, CVE-2017-12450, CVE-2017-7301, CVE-2017-8394, CVE-2017-12454, CVE-2017-14932, CVE-2017-15020, CVE-2017-17123, CVE-2017-12459, CVE-2017-7224, CVE-2017-17125, CVE-2017-12799, CVE-2017-8393, CVE-2017-14938

CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...

7.5 CVSS • 1.5 AI score • 0.04256 EPSS
Exploits 13 • References 1
CloudLinux
• added 2020/10/15 12:0 p.m. • 98 views

Fix of 227 CVE

Fix bug 69720: Null pointer dereference in phar_get_fp_offset - Fix bug 70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...

6.1 CVSS • 10.2 AI score • 0.89192 EPSS
Exploits 0 • References 1
CloudLinux
• added 2023/04/28 6:43 p.m. • 97 views

kernel: Fix of 7 CVEs

mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work CVE-2023-1989 - proc: proc_skip_spaces shouldn't think it is working on C...

7.8 CVSS • 8 AI score • 0.00748 EPSS
Exploits 0
Total number of security vulnerabilities: 502