6009 matches found
Updated rootcerts, nss & firefox packages fix security vulnerabilities
Use-after-free in XSLT. CVE-2025-1009 Use-after-free in Custom Highlight. CVE-2025-1010 A bug in WebAssembly code generation could result in a crash. CVE-2025-1011 Use-after-free during concurrent delazification. CVE-2025-1012 Potential double-free vulnerability in PKCS7 decryption handling...
Updated gstreamer1.0, gstreamer1.0-plugins-base & gstreamer1.0-plugins-good packages fix security vulnerabilities
GStreamer has an OOB-write in isomp4/qtdemux.c. CVE-2024-47537 GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket. CVE-2024-47538 GStreamer has an OOB-write in converttos3341a. CVE-2024-47539 GStreamer uses uninitialized stack memory in Matroska/WebM demuxer. CVE-2024-47540...
Updated python-django packages fix security vulnerabilities
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets. CVE-2024-38875 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. T...
Updated raptor2 packages fix security vulnerability
In the Raptor RDF Syntax Library there is an integer underflow when normalizing a URI with the turtle parser in raptorurinormalizepath...
Updated libjxl packages fix security vulnerabilities
Out of Bounds Memory Read/Write in libjxl. CVE-2024-11403 Resource exhaustion via Stack overflow in libjxl. CVE-2024-11498...
Updated thunderbird packages fix security vulnerabilities
Select list elements could be shown over another site. CVE-2024-11692 CSP Bypass and XSS Exposure via Web Compatibility Shims. CVE-2024-11694 URL Bar Spoofing via Manipulated Punycode and Whitespace Characters. CVE-2024-11695 Unhandled Exception in Add-on Signature Verification. CVE-2024-11696...
Updated postgresql15 & postgresql13 packages fix security vulnerabilities
PostgreSQL row security below e.g. subqueries disregards user ID changes. CVE-2024-10976 PostgreSQL libpq retains an error message from man-in-the-middle. CVE-2024-10977 PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID. CVE-2024-10978 PostgreSQL PL/Perl environment variable...
Updated golang packages fix security vulnerabilities
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Calling Parse o...
Updated kanboard packages fix security vulnerability
In versions prior to 1.2.31 an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations the code improperly uses the PicoDB library to update/insert new information...
Updated python-werkzeug packages fix security vulnerability
Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeug prior to 3.0.6 to parsing multipart/form-data requests e.g. all flask applications are vulnerable to a relatively simple but effective...
Updated glib2.0 packages fix security vulnerability
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...
Updated postgresql15 & postgresql13 packages fix security vulnerability
Time-of-check Time-of-use TOCTOU race condition in pgdump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pgdump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting...
Updated libtiff packages fix security vulnerability
A null pointer dereference flaw was found in Libtiff via tifdirinfo.c. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash,...
Updated roundcubemail packages fix security vulnerabilities
This is a security update to the stable version 1.6 of Roundcube Webmail. Fix cross-site scripting XSS vulnerability in handling SVG animate attributes. Reported by Valentin T. and Lutz Wolf of CrowdStrike. Fix cross-site scripting XSS vulnerability in handling list columns from user preferences...
Updated libqb packages fix a security vulnerability
This update fixes a security issue. logblackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered CVE-2023-39976...
Updated python-flask-restx packages fix security vulnerability
Fixes unspecified security issues...
Updated colord packages fix security vulnerability
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'errmsg' of 'sqlite3exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it...
Updated python-ujson packages fix security vulnerability
Benchmark refactor - argparse CLI. Fix segmentation faults when errors occur while handling unserialisable objects. Fix segmentation fault when an exception is raised while converting a dict key to a string. Fix memory leak dumping on non-string dict keys - Fix ref counting on repeated default...
Updated hiredis packages fix security vulnerability
Updated hiredis packages fix security vulnerability: It was discovered that there was an integer-overflow vulnerability in hiredis, a C client library for communicating with Redis databases. This occurred within the handling and parsing of 'multi-bulk' replies CVE-2021-32765...
Updated gpsd packages fix security vulnerability and other bugs
It was discovered that GPSd incorrectly handled certain leap second events which would result in the time jumping back 1024 weeks on 2021-10-31. This update provides upstream version 3.23 that has this and several other upstream issues fixed. It also fixes issues that prevents it to start properl...
Updated ruby-mechanize packages fix a security vulnerability
In Mechanize, from v2.0.0 until v2.7.7, there is a command injection vulnerability. Affected versions of Mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernelopen method CVE-2021-21289...
Updated libcaca packages fix a security vulnerability
A buffer overflow issue in cacaresize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context CVE-2021-3410...
Updated xrdp packages fix security vulnerability
Ashley Newson discovered that the XRDP sessions manager was susceptible to denial of service. A local attacker can further take advantage of this flaw to impersonate the XRDP sessions manager and capture any user credentials that are submitted to XRDP, approve or reject arbitrary login credential...
Updated xdg-utils package fixes a security vulnerability
Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information CVE-2020-27748...
Updated lilypond package fixes a security vulnerability
It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...
Updated hylafax+ packages fix security vulnerabilities
In HylaFAX+ through 7.0.2, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root CVE-2020-15396. HylaFAX+ through 7.0.2 has scripts that execute binaries from directories writable by unprivileged...
Updated ark packages fix security vulnerability
A maliciously crafted archive with "../" in the file paths would install files anywhere in the user's home directory upon extraction CVE-2020-16116...
Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Titleblacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editi...
Updated giflib packages fix security vulnerability
Updated giflib packages fix security vulnerability: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero CVE-2019-15133...
Updated svgsalamander packages fix security vulnerability
A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF CVE-2017-5617...
Updated giflib packages fix security vulnerability
Null dereferences in main of gifclrmp. Heap Buffer Overflow-2 in function DGifDecompressLine in cgif.c. CVE-2018-11490 Segmentation fault in PrintCodeBlock. Segmentation fault of giftool reading a crafted file. Floating point exception in giftext utility. Heap buffer overflow in DumpScreen2RGB in...
Updated aria2 package fixes security vulnerability
It was observed that URL's which gets downloaded via "--log=" attribute stores sensitive information. This update fixes that...
Updated cimg and gmic packages fix security vulnerabilities
Updated cimg and gmic packages fix security vulnerabilities: An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in loadbmp in CImg.h CVE-2018-7587. An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp i...
Updated calibre packages fix security vulnerability
Updated calibre package fixes security vulnerability: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...
Updated afflib packages fix security vulnerability
A flaw was found in AFFLIB aka AFFLIBv3 through 3.7.16. The afgetpage function in lib/afflibpages.cpp allows remote attackers to cause a denial of service segmentation fault via a corrupt AFF image that triggers an unexpected pagesize value CVE-2018-8050...
Updated xdg-user-dirs packages fix security vulnerability
Xsession creation of XDG user directories does not honour system umask policy CVE-2017-15131...
Updated sssd packages fix security vulnerability
SSSD stores its cached data in an LDAP like local database file using libldb. To lookup cached data LDAP search filters like 'objectClass=user name=username' are used. However, in sysdbsearchuserbyupnres, the input is not sanitized and allows to manipulate the search filter for cache lookups. Thi...
Updated libgd packages fix security vulnerability
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. CVE-2017-6362...
Updated varnish packages fix security vulnerability
A denial of service vulnerability was discovered in Varnish, a state of the art, high-performance web accelerator. Specially crafted HTTP requests can cause the Varnish daemon to assert and restart, clearing the cache in the process CVE-2017-12425...
Updated kodi packages fix security vulnerability
Updated Kodi package to fix world readable $HOME/.kodi directory which could potentially contain clear passwords for add-ons...
Updated roundcubemail packages fix security vulnerability
Users can execute commands on the server by writing e-mails, due to insufficient sanitation of the from field when calling PHP's mail function CVE-2016-9920. Note that only roundcubemail installations that don't have an SMTP server configured for mail delivery are affected...
Updated resteasy packages fix security vulnerability
It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using...
Updated ansible packages fix CVE-2016-3096
Updated ansible package fixes security vulnerability: A vulnerability in lxccontainer, ansible module, was found allowing to get root inside the container. The problem is in the createscript function, which tries to write to /opt/.lxc-attach-script inside of the container. If the attacker can wri...
Updated eog packages fix security vulnerability
Due to a logic error, an attempt to allocate a large block of memory fails in createsurfacefrompixbuf, leading to a crash of eog CVE-2013-7447...
Updated shutter packages fix CVE-2015-0854
Updated shutter package fixes security vulnerability: In the "Shutter" screenshot application, it was discovered that using the "Show in folder" menu option while viewing a file with a specially-crafted path allows for arbitrary code execution with the permissions of the user running Shutter...
Updated mono packages fix security vulnerabilities
A TLS impersonation attack was discovered in Mono's TLS stack by researchers at Inria CVE-2015-2318. During checks on the TLS stack, they have discovered two further issues which have been fixed, a vulnerability to a protocol downgrade attack CVE-2015-2319 and SSLv2 support still being available...
Updated plasma-nm packages add openvpn certificate verification
Updated plasma-applet-nm packages add OpenVPN option for server certificate verification Plasma-nm does not tell OpenVPN to perform server certificate verification. Consequently, anyone with the preshared key is able to perform a MITM attack by impersonating the server. This update add option to...
Updated perl-Plack package fixes security vulnerability
Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files CVE-2014-5269...
Updated perl-XML-DT package fix CVE-2014-5260
Updated perl-XML-DT package fixes security vulnerability: The mkxmltype and mkdtskel scripts provided in perl-XML-DT allow local users to overwrite arbitrary files via a symlink attack on a /tmp/xml temporary file CVE-2014-5260...
Updated php-pear-CAS packages fix CVE-2014-4172
Updated php-pear-CAS packages fix security vulnerabilities: A flaw in php-pear-CAS before 1.3.3, utilized by Moodle, has been found which could potentially allow unauthorised access and privilege escalation CVE-2014-4172...