502 matches found
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u372-b07. That fixes following CVEs: - CVE-2023-21930: Improper connection handling during TLS handshake 8294474 - CVE-2023-21937: Missing string checks for NULL characters 8296622 - CVE-2023-21938: Incorrect handling of NULL characters in...
Update of tzdata
Upgrade to tzdata-2023c code and data are identical to 2023a - Egypt now uses DST again, from April through October. - This year Morocco springs forward April 23, not April 30. - Palestine delays the start of DST this year. - Much of Greenland still uses DST from 2024 on. - America/Yellowknife...
exim: Fix of CVE-2021-38371
CVE-2021-38371: Enforce STARTTLS sync point, client side in src/transports/smtp.c...
openssl: Fix of CVE-2023-2650
CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJobj2txt will translate - Update expired smime/SM2 certificates that affect tests...
vim: Fix of CVE-2023-2609
CVE-2023-2609: check "yarray" is not NULL...
vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
sysstat: Fix of 2 CVEs
CVE-2022-39377: fix possible buffer overflow - CVE-2023-33204: fix possible buffer overflow in an incomplete fix for CVE-2022-39377...
git: Fix of 2 CVEs
CVE-2023-25652: removing a link instead of writing into - CVE-2023-29007: restrict the config file line length to parse it whole - tests were activated - a buffer overflow during reading of configuration's enormous value has been fixed...
openssl: Fix of 3 CVEs
CVE-2023-0464: Fix excessive resource use verifying X.509 policy constraints - CVE-2023-0466: Fix documentation of X509VERIFYPARAMadd0policy - CVE-2022-3996: Drop redundant flag setting in policycachesetmapping...
kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...
kernel: Fix of 7 CVEs
mISDN: fix use-after-free bugs in l1oip timer handlers CVE-2022-3565 - media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work CVE-2023-1989 - proc: procskipspaces shouldn't think it is working on C...
curl: Fix of CVE-2023-27534
CVE-2023-27534: fix SFTP path '' resolving discrepancy - fix resolving SCP relative path...
curl: Fix of 3 CVEs
CVE-2023-27533: prevent TELNET option from IAC injection - CVE-2023-27535: fix behavior when FTP too eager connection reuse - CVE-2023-27536: do not reuse connections with different GSS delegations...
nss: Fix of CVE-2023-0767
CVE-2023-0767: nss: improve handling of unknown PKCS12 safe bag types...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20230214 release: - Addition of 06-6c-01/0x10 microcode in microcode.dat at revision 0x1000211; - Addition of 06-8f-04/0x10 microcode in microcode.dat at revision 0x2c000170; - Addition of 06-8f-04/0x87 microcode in microcode.dat at revision 0x2b000181; -...
vim: Fix of CVE-2023-1170
CVE-2023-1170: adjust the cursor column if needed...
vim: Fix of CVE-2023-1175
CVE-2023-1175: make sure "startspaces" is not negative...
php: Fix of 3 CVEs
CVE-2023-0567: crypt: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DoS vulnerability when parsing multipart request body...
python: Fix of CVE-2023-24329
CVE-2023-24329: Prevent urllib.parse.urlparse from accepting schemes that don't begin with an alphabetical ASCII character...
httpd: Fix of CVE-2006-20001
CVE-2006-20001: moddav: out-of-bounds read/write...
tar: Fix of CVE-2022-48303
CVE-2022-48303: check for the end of field after leading byte 0x80 or 0xff of base-256 encoded header value...
git: Fix of 4 CVEs
CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...
Update of ca-certificates
update to CKBI 2.60 from NSS 3.86 - removed old certificates: - Certificate "EC-ACC" - Certificate "GlobalSign ECC Root CA - R4" - Certificate "GTS Root R1" - Certificate "GTS Root R2" - Certificate "GTS Root R3" - Certificate "GTS Root R4" - Certificate "Hellenic Academic and Research...
Update of nss
Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...
openssl: Fix of 2 CVEs
CVE-2023-0215: Fix a UAF resulting from a bug in BIOnewNDEF - CVE-2023-0286: Fix GENERALNAMEcmp for x400Address...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization Serialization, 8285021 - CVE-2023-21843: Soundbank URL remote loading Sound, 8293742 - Update tzdata requirement to 2022g to match JDK-8297804 -...
Update of tzdata
Upgrade to tzdata-2022g - The northern edge of the Mexican state of Chihuahua will change time zone to agree with nearby US locations on 2022-11-30. - Added a new Zone America/CiudadJuarez that splits from America/Ojinaga. - Mexico will stop observing DST except near the US border. - Chihuahua...
sudo: Fix of CVE-2023-22809
CVE-2023-22809: do not permit editor arguments to include "--" for sudoedit - build tests have been enabled...
vim: Fix of CVE-2023-0433
CVE-2023-0433: check for not going over the end of the line...
httpd: Fix of CVE-2022-36760
CVE-2022-36760: modproxyajp: fix possible HTTP request smuggling...
vim: Fix of CVE-2023-0049
CVE-2023-0049: fix out-of-bounds read...
Update of ca-certificates
update to CKBI 2.58 from NSS 3.67 - removed old certificates: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "Equifax Secure eBusiness CA 1" - Certificate "Equifax Secure Global eBusiness CA" - Certificate "Explicitly Distrusted DigiNotar...
openssh: Fix of 2 CVEs
CVE-2019-6109: verify character encoding in progress display to avoid spoofing of scp client output - CVE-2016-10012: updated to fix server-side protocol errors observed during rekeying with compression enabled...
vim: Fix of CVE-2022-3591
CVE-2022-3591: disallow navigating to a dummy buffer...
curl: Fix of CVE-2022-32221
CVE-2022-32221: fix issue when POST following PUT confusion...
vim: Fix of CVE-2022-4292
CVE-2022-4292: bail out if the window no longer exists...
vim: Fix of 2 CVEs
CVE-2022-4141: check for text locked in CTRL-W gf - CVE-2022-3520: check that the column does not become negative...
krb5: Fix of CVE-2022-42898
CVE-2022-42898: Fix integer overflows in PAC parsing - A test-suite was activated...
libxml2: Fix of 2 CVEs
CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...
vim: Fix of CVE-2022-3352
CVE-2022-3352: disallow deleting the current buffer to avoid using freed memory...
python: Fix of CVE-2022-45061
CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els...
xterm: Fix of CVE-2022-45063
CVE-2022-45063: improve error recovery when setting a bitmap font for the VT100 window - Add NULL pointer checks in xstrcasecmp and xstrncasecmp to help with error recovery for a missing font...
nginx: Fix of 2 CVEs
CVE-2022-41741: fix memory corruption in the ngxhttpmp4module - CVE-2022-41742: fix memory disclosure in the ngxhttpmp4module...
sqlite: Fix of CVE-2022-35737
CVE-2022-35737: fix a buffer overflow...
perl: Fix of CVE-2020-16156
CVE-2020-16156: recognize CANNOTVERIFY signature verification type...
expat: Fix of CVE-2022-43680
CVE-2022-43680: Fix overeager DTD destruction...
Fixed CVEs in vim: CVE-2022-3296, CVE-2022-3324
CVE-2022-3296: check CSFTRY can be found - CVE-2022-3324: make sure the window width does not become negative...
Fixed CVE-2022-41318 in squid34
CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication...
Fixed CVE-2022-41318 in squid
CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication...
Fixed CVEs in sqlite: CVE-2020-35525, CVE-2020-13435
CVE-2020-13435: add a code that tries to prevent a recurrence of problems - CVE-2020-35525: a potential null pointer dereference was fixed...