Update of amanda
Fix a bug that leads to amdump and runtar problems due to options being falsely recognized as invalid...
microcode_ctl: Fix of CVE-2022-40982
Update Intel CPU microcode to the microcode-20230808 release, which addresses CVE-2022-40982: - Addition of 06-ba-02/0xe0 microcode in microcode.dat at revision 0x4119; - Addition of 06-ba-02/0xe0 microcode in microcode.dat at revision 0x4119; - Addition of 06-ba-03/0xe0 microcode in microcode.dat at...
php: Fix of 2 CVEs
CVE-2023-3823: Fix external entity loading in XML without enabling it by sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read...
samba: Fix of CVE-2022-2127
CVE-2022-2127: Fix out-of-bounds read triggered by malicious request...
amanda: Fix of 2 CVEs
CVE-2022-37705: fix tar option filtering - CVE-2023-30577: introduce tar option allow list...
microcode_ctl: Fix of CVE-2023-20593
Update AMD CPU microcode to 2023-07-19, which addresses CVE-2023-20593: - Addition of AMD CPU microcode for processor family 17h: sig 0x008a0f00; - Update AMD CPU microcode for processor family 19h: sig 0x00a00f10, sig 0x00a00f11, sig 0x00a00f12; - Update AMD CPU microcode for processor family 17h: sig...
openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u382-b05. This fixes the following CVEs: - CVE-2023-22045: Array indexing integer overflow issue. 8304468 - CVE-2023-22049: Improper handling of slash characters in URI-to-path conversion 8305312 - Remove patch for pkcs11 because the issue was fixed in...
Update of nss
Update to CKBI 2.62 from NSS 3.91 - Added: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
Update of ca-certificates
update to CKBI 2.62 from NSS 3.91 - added new certificates: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
python: Fix of CVE-2023-24329
CVE-2023-24329: part 2: Start stripping C0 control and space chars in urlsplit - Also correct the first CVE-2023-24329 patch: Fix test_attributes_bad_scheme to check for non-ASCII symbol as first character of URL...
openldap: Fix of CVE-2023-2953
CVE-2023-2953: added check for strdup failure, to avoid null pointer dereference...
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. This fixes the following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake 8294474 - CVE-2023-21937: Missing string checks for NULL characters 8296622 - CVE-2023-21938: Incorrect handling of NULL characters in...
Update of tzdata
Upgrade to tzdata-2023c; code and data are identical to 2023a - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. - America/Yellowknife...
exim: Fix of CVE-2021-38371
CVE-2021-38371: Enforce STARTTLS sync point, client side in src/transports/smtp.c...
openssl: Fix of CVE-2023-2650
CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate - Update expired smime/SM2 certificates that affect tests...
vim: Fix of CVE-2023-2609
CVE-2023-2609: check "y_array" is not NULL...
vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
sysstat: Fix of 2 CVEs
CVE-2022-39377: fix possible buffer overflow - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377...
git: Fix of 2 CVEs
CVE-2023-25652: removing a link instead of writing into - CVE-2023-29007: restrict the config file line length to parse it whole - tests were activated - a buffer overflow during reading of configuration's enormous value has been fixed...
openssl: Fix of 3 CVEs
CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509_VERIFY_PARAM_add0_policy - CVE-2022-3996: Drop redundant flag setting in policy_cache_set_mapping...
kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work CVE-2023-1989 - proc: proc_skip_spaces shouldn't think it is working on C...
curl: Fix of CVE-2023-27534
CVE-2023-27534: fix SFTP path '~' resolving discrepancy - fix resolving SCP relative path...
curl: Fix of 3 CVEs
CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations...
nss: Fix of CVE-2023-0767
CVE-2023-0767: nss: improve handling of unknown PKCS12 safe bag types...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...
vim: Fix of CVE-2023-1170
CVE-2023-1170: adjust the cursor column if needed...
vim: Fix of CVE-2023-1175
CVE-2023-1175: make sure "startspaces" is not negative...
php: Fix of 3 CVEs
CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body...
python: Fix of CVE-2023-24329
CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character...
httpd: Fix of CVE-2006-20001
CVE-2006-20001: mod_dav: out-of-bounds read/write...
tar: Fix of CVE-2022-48303
CVE-2022-48303: check for the end of field after leading byte 0x80 or 0xff of base-256 encoded header value...
git: Fix of 4 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...
Update of ca-certificates
update to CKBI 2.60 from NSS 3.86 - removed old certificates: - Certificate "EC-ACC" - Certificate "GlobalSign ECC Root CA - R4" - Certificate "GTS Root R1" - Certificate "GTS Root R2" - Certificate "GTS Root R3" - Certificate "GTS Root R4" - Certificate "Hellenic Academic and Research...
Update of nss
Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...
openssl: Fix of 2 CVEs
CVE-2023-0215: Fix a UAF resulting from a bug in BIO_new_NDEF - CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. This fixes the following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization Serialization, 8285021 - CVE-2023-21843: Soundbank URL remote loading Sound, 8293742 - Update tzdata requirement to 2022g to match JDK-8297804 -...
Update of tzdata
Upgrade to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/Ciudad_Juarez that splits from America/Ojinaga. - Mexico will stop observing DST except near the US border. - Chihuahua...
sudo: Fix of CVE-2023-22809
CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit - build tests have been enabled...
vim: Fix of CVE-2023-0433
CVE-2023-0433: check for not going over the end of the line...
httpd: Fix of CVE-2022-36760
CVE-2022-36760: mod_proxy_ajp: fix possible HTTP request smuggling...
vim: Fix of CVE-2023-0049
CVE-2023-0049: fix out-of-bounds read...
Update of ca-certificates
update to CKBI 2.58 from NSS 3.67 - removed old certificates: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "Equifax Secure eBusiness CA 1" - Certificate "Equifax Secure Global eBusiness CA" - Certificate "Explicitly Distrusted DigiNotar...
openssh: Fix of 2 CVEs
CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled...
vim: Fix of CVE-2022-3591
CVE-2022-3591: disallow navigating to a dummy buffer...
curl: Fix of CVE-2022-32221
CVE-2022-32221: fix issue when POST following PUT confusion...
vim: Fix of CVE-2022-4292
CVE-2022-4292: bail out if the window no longer exists...
vim: Fix of 2 CVEs
CVE-2022-4141: check for text locked in CTRL-W gf - CVE-2022-3520: check that the column does not become negative...
krb5: Fix of CVE-2022-42898
CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated...