6007 matches found
Updated kernel packages fix security vulnerabilities
A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use this flaw to crash the system causing denial of service or potentially execute arbitrary code on the system by sending a specially crafted L2CAP...
Updated java-1.8.0-openjdk packages fix security vulnerability
Bypass of boundary checks in nio.Buffer via concurrent access. CVE-2020-14583 Incomplete bounds checks in Affine Transformations. CVE-2020-14593 Incorrect handling of access control context in ForkJoinPool. CVE-2020-14556 Unexpected exception raised by DerInputStream. CVE-2020-14578 Unexpected...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.5.9 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a blkiotrace structure and place it in a per-cpu...
Updated kernel packages fix security vulnerabilities
This kernel update provides the upstream 4.14.121. It adds additional fixes to the kernel side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities. It also fixes the following security issues: A flaw was found in the Linux kernel's freescale...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 4.4.92 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...
Updated perl-CGI-Emulate-PSGI packages fix security vulnerability
This update removes the setting of the HTTPPROXY environment value. This works around the httproxy vulnerability aka CVE-2016-5387...
Updated kernel-vserver packages fix security vulnerabilities
This kernel-vserver update is based on upstream -longterm 3.14.32 and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a...
Updated kernel-rt packages fix multiple vulnerabilities
Updated kernel-rt provides upstream 3.12.20 kernel and fixes the following security issues: The ioapicdeliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvmirqdeliverytoapic return value, which allows guest OS users to cause a denial of service...
Updated libsndfile packages fix security vulnerabilities
CVE-2025-52194 A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircamreadheader function at src/ircam.c:164 during sample rate processing, leading to memory corruption a...
Updated sqlite3 packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Heap buffer overflow in sqlite. CVE-2023-2137 A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make...
Updated imagemagick packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation...
Updated pam packages fix a security vulnerability
The updated packages fix a security vulnerability: pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365...
Updated bind packages fix security vulnerabilities
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
Updated webkit2 packages fix security vulnerability
Out-of-bounds read CVE-2023-28204 Use-after-free issue CVE-2023-32373...
Updated python-cairosvg packages fix security vulnerability
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...
Updated expat packages fix security vulnerability
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.55 and fixes at least the following security issues: There are use-after-free vulnerabilities caused by timer handler in net/rose/rosetimer.c of linux that allow attackers to crash linux kernel without any privileges CVE-2022-2318. Xen Block and...
Updated gmp packages fix security vulnerability
Integer overflow in mpz/inpraw.c and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
Updated python-reportlab packages fix security vulnerability
Server-side Request Forgery SSRF...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.12 and fixes at least the following security issues: fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL...
Updated unzip package fixes a security vulnerability
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue CVE-2019-13232...
Updated squid packages fix security vulnerabilities
An issue was discovered in Squid before 4.13. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel R processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2019-0155. TSX...
Updated kernel packages fixes security vulnerabilities
This kernel update is based on the upstream 4.14.116 and fixes at least the following security issues: A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. WireGuard has been updated to...
Updated flash-player-plugin packages fix security vulnerability
Adobe Flash Player 28.0.0.161 addresses critical use-after-free vulnerabilities that could lead to remote code execution CVE-2018-4877, CVE-2018-4878. Successful exploitation could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for...
Updated libtiff packages fix security vulnerability
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service TIFFSetupStrips heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted TIFF file. CVE-2017-17095 In LibTIFF 4.0.8, there is a heap-based buffer overfl...
Updated mediawiki packages fix security vulnerabilities
XSS when $wgShowExceptionDetails = false and browser sends non-standard url escaping CVE-2017-8808. Reflected File Download from api.php CVE-2017-8809. On private wikis, login form shouldn't distinguish between login failure due to bad username and bad password CVE-2017-8810. It's possible to...
Updated openssh packages fix security vulnerability
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Updated ntp packages fixes security vulnerabilities
It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that clien...
Updated dokuwiki packages fix security vulnerabilities
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call CVE-2014-8761. The ajaxmediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access...
Updated bash packages fix CVE-2014-7169
Updated bash packages fix security vulnerability: It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or...
Updated kernel packages fix multiple vulnerabilities
Updated kernel provides upstream 3.10.40 kernel and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update provides an update to the 3.10 longterm branch, currently 3.10.24 and fixes the following security issues: The ipv6createtempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.10 does not properly handle problems with the generation of IPv6 temporary...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.88 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated nodejs packages fix security vulnerabilities
Nodejs 20.12.1 release fixes 2 CVE: CVE-2024-27983 - Assertion failed in node::http2::Http2Session::Http2Session leads to HTTP/2 server crash- High CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - Medium...
Updated multipath-tools packages fix security vulnerabilities
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...
Updated gnutls packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A vulnerability was found in GnuTLS, where a cockpit which uses gnuTLS rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated,...
Updated kernel-linus packages fix security vulnerabilities
This kerne-linusl update is based on upstream 5.15.126 and fixes or adds mitigations for atleast the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated...
Updated php packages fix security vulnerability
Libxml - GHSA-3qrf-m4j2-pcrr Security issue with external entity loading in XML without enabling it. CVE-2023-3823 Phar - GHSA-jqcx-ccgc-xwhv Buffer mismanagement in phardirread CVE-2023-3824...
Updated sqlite3 packages fix security vulnerability
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 109.0.5414.74 release, fixing 17 vulnerabilities. Some of the security fixes are - High CVE-2023-0128 Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16 High CVE-2023-0129 Heap buffer overflow in Network Service...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.82 and fixes atleast the following security issues: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver,...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 102.0.5005.61 version, fixing many bugs and 32 CVE. Some of them are listed below: CVE-2022-1853: Use after free in Indexed DB. CVE-2022-1854: Use after free in ANGLE. CVE-2022-1855: Use after free in Messaging. CVE-2022-1856: Use after...
Updated rsyslog packages fix security vulnerability
Potential heap buffer overflow in TCP syslog server receiver components CVE-2022-24903...
Updated polkit packages fix security vulnerability
There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. CVE-2021-4115...
Updated libarchive packages fix security vulnerability
Processing fixup entries may follow symbolic links. CVE-2021-31566 libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock. CVE-2021-36976...
Updated openssl packages fix security vulnerability
In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...
Updated apache packages fix security vulnerabilities
modproxywstunnel tunneling of non Upgraded connections: Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connecti...