6009 matches found
Updated openafs packages fix security vulnerabilities
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix client. CVE-2024-10394 An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash. CVE-2024-10396 A malicious server can crash the OpenAFS cac...
Updated glibc packages fix security vulnerability
The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...
Updated less packages fix security vulnerability
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...
Updated vlc packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption CVE-2023-47359. Videolan VLC prior to version 3.0.20 contains an Integer...
Updated lilypond packages fix a security vulnerability
Updated lilypond packages fix a security vulnerability: LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a...
Updated quictls packages fix a security vulnerability
The updated packages fix a security vulnerability: Incorrect cipher key & IV length processing. CVE-2023-5363...
Updated squid packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Request/Response smuggling in HTTP/1.1 and ICAP. CVE-2023-46846 Denial of Service in HTTP Digest Authentication. CVE-2023-46847 Denial of Service in FTP. CVE-2023-46848...
Updated python-tornado packages fix security vulnerability
Remote unauthenticated attacker may redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.65 and fixes at least the following security issues: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local...
Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-2068...
Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-1292...
Updated thunderbird packages fix security vulnerabilities
The updated thunderbird packages fix security vulnerabilities: Use-after-free in NSSToken objects CVE-2022-1097. Use-after-free after VR Process destruction CVE-2022-1196. OpenPGP revocation information was ignored CVE-2022-1197. Denial of Service via complex regular expressions CVE-2022-24713...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...
Updated microcode packages fix security vulnerabilities
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access CVE-2021-0127 / SA-00532...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.10 and fixes at least the following security issues: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially...
Updated nodejs packages fix security vulnerability
Multiple security fixes for nodejs. See references for details...
Updated glibc packages fix a security vulnerability
A vulnerability was found in the iconv program provided by glibc when it's invoked with the -c option. It can enter an infinite loop while parsing an invalid multi-byte sequence CVE-2016-10228...
Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.10.41 and fixes at least the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform out-of-bounds reads and writes in kernel memor...
Updated openjpeg2 packages fix security vulnerability
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as...
Updated curl packages fix security vulnerabilities
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231. A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl...
Updated jupyter-notebook packages fix a security vulnerability
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...
Updated xen packages fix security vulnerability
- Updated from 4.12.0 to 4.12.1 - Device quarantine for alternate pci assignment methods XSA-306 - x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 - TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 - VCPUOPinitialise DoS XSA-296, CVE-2019-18420...
Updated python packages fix security vulnerability
A vulnerability was found in Python 2.x through 2.7.16. An improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization could lead to an Information Disclosure credentials, cookies, etc. that are cached against a given hostname in the urllib.parse.urlsplit,...
Updated aubio packages fix security vulnerabilities
NULL pointer dereference in the function aubiosourceavcodecreadframe which may lead to DoS when playing a crafted audio file CVE-2017-17554. A crash in aubiopitchsetunit CVE-2018-14522. A buffer overrread resulting in crash or information leakage in newaubiopitchyinfft CVE-2018-14523...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.78 and fixes at least the following security issues: An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the...
Updated kernel packages fixes security vulnerabilities
This kernel update is based on the upstream 4.14.56 and fixes at least the following security issues: kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptio...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.4.114 and fixes several security issues. The most important fixes in this update is for the security issue named "Spectre, variant 2 CVE-2017-5715" that is partly mitigated by enabling retpoline support. For full retpoline mitigation, kernel needs to ...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...
Updated openssl packages fix security vulnerability
There is a carry propagation bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. mong EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation CVE-2016-7055. If an...
Updated thunderbird packages fix security vulnerabilities
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash CVE-2016-5296. The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This...
Updated jackson-dataformat-xml packages fix CVE-2016-3720
Updated jackson-dataformat-xml packages fix security vulnerability: It was reported that XmlMapper in jackson-dataformat-xml is vulnerable to XXE attack "Improper Restriction of XML External Entity Reference" CVE-2016-3720...
Updated ipython package fixes security vulnerability
JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack CVE-2015-4707. POST requests exposed via the...
Updated kernel-linus package fixes security vulnerabilities
This kernel-linus update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with acce...
Updated cxf packages fix security vulnerabilities
Updated cxf packages fix security vulnerabilities: An Apache CXF JAX-RS service can process SAML tokens received in the authorization header of a request via the SamlHeaderInHandler. However it is possible to cause an infinite loop in the parsing of this header by passing certain bad values for t...
Updated libvirt packages fix security vulnerability
Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file CVE-2014-7823...
Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Updated kernel-tmb package fixes security vulnerabilites.
This kernel-tmb update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers ...
Updated poppler packages fix security vulnerability
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. CVE-2025-43903...
Updated apache packages fix security vulnerabilities
CVE-2024-40898: Apache HTTP Server: SSRF with modrewrite in server/vhost context on Windows cve.mitre.org SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. CVE-2024-40725:...
Updated libcdio packages fix security vulnerability
Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. CVE-2024-36600...
Updated glibc packages fix security vulnerabilities
Stack-based buffer overflow in netgroup cache: If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. CVE-2024-33599 Null pointer crashes after notfound response: If t...
Updated chromium-browser-stable packages fix security vulnerabilities
The chromium-browser-stable package has been updated to the 124.0.6367.128 release. It includes 2 security fixes. Please, do note, only x8664 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest Chromiu...
Updated python3, python packages fix security vulnerabilities
The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. CVE-2023-6597 The zipfile module is...
Updated libtiff packages fix security vulnerability
A segment fault SEGV flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service. CVE-2023-52356...
Updated rootcerts, nss and firefox packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Timing attack against RSA decryption in TLS. CVE-2023-5388 Out-of-bounds memory read in networking channels. CVE-2024-1546 Alert dialog could have been spoofed on another site. CVE-2024-1547 Fullscreen Notification could have been hidden by selec...
Updated kernel-linus fixes security vulnerabilities and many bugs
Upstream version 6.6.14 with many bugfixes and at least the following security fixes: An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 6.4.16 and fixes or adds mitigations for atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.126 and fixes or adds mitigations for atleast the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to...
Updated thunderbird packages fix security vulnerability
Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the new 108 branch with the 108.0.5359.94 release, fixing many bugs and 29 vulnerabilities, together with 107.0.5304.121 and 108.0.5359.71. Some of the security fixes are - CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao...