514 matches found
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...
curl: Fix of 3 CVEs
CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations...
git: Fix of 4 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...
Fixed CVEs in vim: CVE-2022-1735, CVE-2022-1733
CVE-2022-1733: fix reading past end of the line when C-indenting - CVE-2022-1735: fix invalid memory access caused by changing text in Visual mode...
Fixed CVE-2018-25032 in rsync
CVE-2018-25032: Fix memory corruption when deflating if the input has many distant matches...
Fix of CVE: CVE-2021-3800
CVE-2021-3800: Fix privilege escalation...
Fix of CVE: CVE-2021-3875, CVE-2021-3872, CVE-2021-3903
CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix mlget error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen...
Fix of CVE: CVE-2020-35452
CVE-2020-35452: fix stack overflow in modauthdigest due to crafted digest nonce...
vim: Fix of CVE-2023-4736
CVE-2023-4736: improve search path to avoid run an executable in untrusted dir...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization Serialization, 8285021 - CVE-2023-21843: Soundbank URL remote loading Sound, 8293742 - Update tzdata requirement to 2022g to match JDK-8297804 -...
xterm: Fix of CVE-2022-45063
CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...
Fixed CVE-2022-2581 in vim
CVE-2022-2581: fix illegal memory access when pattern starts with illegal byte...
glibc: Fix of CVE-2024-33599
CVE-2024-33599: Fix buffer overflow in netgroup cache...
Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Update of python-perf, kernel-debug, kernel-debug-devel, kernel-headers, kernel-debug-devel, kernel, perf, kernel-devel
...
kernel: Fix of 11 CVEs
drm/vmwgfx: Fix invalid reads in fence signaled events CVE-2024-36960 - afunix: Fix garbage collector racing against connect CVE-2024-26923 - ipv6: remove maxsize check inline with ipv4 CVE-2023-52340 - aoe: fix the potential use-after-free problem in aoecmdcfgpkts CVE-2023-6270 - smb: client:...
exim: Fix of 2 CVEs
CVE-2023-42114: fix possible OOB read in SPA authenticator - CVE-2023-42116: fix possible OOB write in SPA authenticator...
vim: Fix of CVE-2022-3352
CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory...
Fixed CVE-2022-28614 in httpd
CVE-2022-28614: fix out-of-bounds read via aprwrite...
Fixed CVE-2022-27782 in curl
CVE-2022-27782: add missing checks of ssl and ssh options during matching a connection for reuse...
Fix of CVE: CVE-2017-6363, CVE-2021-40145
CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette...
Fix of CVE: CVE-2020-10878
CVE-2020-10878: fix integer overflow leading to RCE...
Update of libcurl, curl, libcurl-devel, libcurl-devel, libcurl
...
Update of python-libs, python-tools, python, python-devel, python-libs, python-devel, python, python-test, tkinter
Rebuilt...
Fix of CVE:CVE-2021-23841
Fix Null pointer deref in X509issuerandserialhash CVE-2021-23841...
nss: Fix of CVE-2023-0767
CVE-2023-0767: nss: improve handling of unknown PKCS12 safe bag types...
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...
Fixed CVE-2022-2795 in bind
CVE-2022-2795: fix possible resolver performance degradation when processing large delegations...
Fixed CVEs in vim: CVE-2022-2845, CVE-2022-2849
CVE-2022-2849: fix invalid memory access with for loop over NULL string - CVE-2022-2845: fix reading before the start of the line...
Fixed CVE-2021-22543 in kernel
KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22543...
Fix of CVE: CVE-2020-8284
trusting FTP PASV responses CVE-2020-8284...
microcode_ctl: Fix of CVE-2023-23583
Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 INTEL-SA-00950: - Update of 06-6a-06/0x87 ICX-SP D0 microcode in 06-6a-06 from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 ICL-D B0 microcode in 06-6c-01 from revision 0x1000230 up to 0x1000268; -...
libwebp: Fix of CVE-2023-1999
CVE-2023-1999: avoids a double free...
curl: Fix of CVE-2022-32221
CVE-2022-32221: fix issue when POST following PUT confusion...
Fix of 56 CVEs
CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...
Fix of CVE: CVE-2021-3778, CVE-2021-3796
CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free...
kernel: Fix of 7 CVEs
KVM: nSVM: avoid picking up unsupported bits from L2 in intctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - netsched: clsroute: remove from list when handle is 0 CVE-2022-2588 -...
exim: Fix of CVE-2023-42117
CVE-2023-42117: fix stringisipaddress...
Fixed CVE-2022-29154 in rsync
CVE-2022-29154: fix arbitrary file write vulnerability via malicious rsync server MITM attack, refactoring - fix test-system components, enable 'daemon' and 'hardlinks' tests...
Fixed CVE-2015-20170 in python
CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...
Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661
CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...
ansible: Fix of CVE-2023-5764
CVE-2023-5764: avoid evaluate unsafe conditions...
libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader interface with DTD validation and XInclude expansion enabled - test suite was partially activated...
python: Fix of CVE-2023-24329
CVE-2023-24329: part2: Start stripping C0 control and space chars in urlsplit - Also correct the first CVE-2023-24329 patch: Fix testattributesbadscheme to check for non-ascii symbol as first character of url...
openldap: Fix of CVE-2023-2953
CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference...
Fixed CVE-2022-41318 in squid
CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication...
Fix of 14 CVEs
CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...
Fix of CVE: CVE-2021-23840
Fixed integer overflow in CipherUpdateCVE-2021-23840...
kernel: Fix of 13 CVEs
btrfs: fix use-after-free after failure to create a snapshot CVE-2022-48733 - hwmon: nct6775-core Fix underflows seen when writing limit attributes CVE-2024-46757 - wifi: mac80211: Avoid address calculations via out of bounds array indexing CVE-2024-41071 - netfilter: conntrack: dccp: copy entire...
microcode_ctl: Fix of CVE-2023-20593
Update AMD CPU microcode to 2023-07-19 addresses CVE-2023-20593: - Addition AMD CPU microcode for processor family 17h: sig 0x008a0f00; - Update AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor family 17h: sig...