6007 matches found
Updated nginx package fixes a security vulnerability
A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...
Updated openssh packages fix a security vulnerability
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host CVE-2021-28041...
Updated fwupd packages fix a security vulnerability
A PGP signature bypass was found in fwupd, which could lead to possible installation of unsigned firmware CVE-2020-10759...
Updated openssh packages fix a security vulnerability
The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client CVE-2020-14145...
Updated microcode package fixes security vulnerabilities
Insufficient access control in the Linux kernel driver for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8694 Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to...
Updated php packages fix security vulnerability
Updated php packages fix security vulnerabilities: - Fixed bug 78875 Long filenames cause OOM and temp files are not cleaned. 1 - Fixed bug 78876 Long variables in multipart/form-data cause OOM and temp files are not cleaned. 2 - Fixed bug 79441 Segfault in mbchr if internal encoding is...
Updated php packages fix security vulnerability
Critical bugs closed: - Use-of-uninitialized-value in exif 1 - mbstrtolower UTF-32LE: stack-buffer-overflow at phpunicodetolowerfull 2 - getheaders silently truncates after a null byte 3 Some more bugs closed, as: - Memory corruption in pregreplace/pregreplacecallback and unicode -...
Updated python-psutil packages fix security vulnerability
Updated python-psutil packages fix security vulnerability: Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code...
Updated nginx packages fix security vulnerabilities
Updated nginx packages fix security vulnerabilities: When using HTTP/2 a client might cause excessive memory consumption and CPU usage CVE-2019-9511, CVE-2019-9513, CVE-2019-9516...
Updated python packages fix security vulnerability
A vulnerability was found in Python 2.x through 2.7.16. An improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization could lead to an Information Disclosure credentials, cookies, etc. that are cached against a given hostname in the urllib.parse.urlsplit,...
Updated mariadb packages fix security vulnerability
Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Server component of MariaDB subcomponent: MyISAM. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this...
Updated microcode packages fix security vulnerability
This update adds microcode fixes and mitigations for Spectre CVE-2017-5715 for the following: Intel Pentium Silver N/J5xxx, Celeron N/J4xxx Intel Xeon E5/E7 v4; Core i7-69xx/68xx Amd has also released their updated microcode for Fam15 and Fam17 cpus...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113. Fix infinite...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...
Updated jackson-databind packages fix security vulnerability
An unsafe deserialization vulnerability was found due to incomplete blacklisting of the unsafe elements, due to an incomplete fix for CVE-2017-7525 CVE-2017-15095...
Updated kernel packages fixes security vulnerabilities
This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...
Updated kernel-tmb-4.4.32 packages fix security vulnerability
This update is based on upstream 4.4.32 and fixes alteast the following security issues: The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data,...
Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerabilities: It is possible to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. An attacker can spoof a packet from a legitimate ntpd server with an origin...
Updated apache package fixes security vulnerabilities
A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a specially crafted request that would cause the httpd chi...
Updated poppler packages fix security vulnerability
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. CVE-2025-43903...
Updated kernel, kmod-virtualbox & kmod-xtables-addons packages fix security vulnerabilities
Upstream kernel version 6.6.79 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
Updated glibc packages fix security vulnerabilities
Stack-based buffer overflow in netgroup cache: If the Name Service Cache Daemon's nscd fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. CVE-2024-33599 Null pointer crashes after notfound response: If t...
Updated thunderbird packages fix security vulnerabilities
Crash in NSS TLS method. CVE-2024-0743 JIT code failed to save return registers on Armv7-A. CVE-2024-2607 Integer overflow could have led to out of bounds write. CVE-2024-2608 Improve handling of out-of-memory conditions in ICU. CVE-2024-2616 NSS susceptible to timing attack against RSA decryptio...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.126 and fixes or adds mitigations for atleast the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to...
Updated python-future packages fix security vulnerability
Excessive CPU usage via a crafted Set-Cookie header CVE-2022-40899...
Updated python-django packages fix security vulnerability
Internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression. CVE-2022-41323 Potential denial-of-service via Accept-Language headers CVE-2023-23969...
Updated java/timezone packages fix security vulnerability
Improper restrictions in CORBA deserialization. CVE-2023-21830 Handshake DoS attack against DTLS connections. CVE-2023-21835 Soundbank URL remote loading. CVE-2023-21843...
Updated gerbv packages fix security vulnerability
An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of Gerbv commit 71493260. CVE-2021-40391 An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling...
Updated firefox/thunderbird packages fix security vulnerability
Prototype pollution in Top-Level Await implementation. CVE-2022-1802 Untrusted input used in JavaScript object indexing, leading to prototype pollution. CVE-2022-1529...
Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-1292...
Updated nodejs packages fix security vulnerability
Improper handling of URI Subject Alternative Names Medium. Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often n...
Updated rsh packages fix security vulnerability
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. CVE-2019-7282 An issu...
Updated rust packages fix security vulnerability
Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing "bidirectional override" Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.62 and fixes at least the following security issues: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over...
Updated glibc packages fix security vulnerability
An integer overflow flaw was found in glibc that may result in reading of arbitrary memory when wordexp is used with a specially crafted untrusted regular expression input CVE-2021-35942...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.27 and fixes at least the following security issues: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain...
Updated thunderbird packages fix security vulnerability
Potential leak of redirect targets when loading scripts in a worker. CVE-2020-15652 WebRTC data channel leaks internal address to peer. CVE-2020-6514 Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture. CVE-2020-6463 Memory safety bugs fixed in Thunderbird 68.11. CVE-2020-15659...
Updated webkit2 packages fix security vulnerability
Updated webkit2 packages fix security vulnerabilities: The webkit2 package has been updated to version 2.28.3, fixing several security issues and other bugs...
Updated dojo packages fix security vulnerability
Updated dojo package fixes security vulnerability: dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them CVE-2019-10785...
Updated libsass packages fix security vulnerabilities
Use-after-free vulnerability in sasscontext.cpp:handleerror CVE-2018-11499. Null pointer dereference in Sass::SelectorList::populateextends CVE-2018-19797. Use-after-free vulnerability exists in the SharedPtr class CVE-2018-19827. Stack overflow in Eval::operator CVE-2018-19837. Stack-overflow at...
Updated opensc packages fix security vulnerability
Updated opensc packages fix security vulnerabilities: sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv CVE-2019-6502. OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c...
Updated thunderbird packages fix security vulnerability
Sandbox escape via installation of malicious language pack. CVE-2019-9811 Script injection within domain through inner window reuse. CVE-2019-11711 Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects. CVE-2019-11712 Use-after-free with HTTP/2 cached stream...
Updated kernel-tmb packages fixes security vulnerabilities
This kernel update provides the upstream 4.14.119 that adds the kernel side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. To complete the mitigatio...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on the upstream 4.14.100 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the...
Updated mariadb packages fix security vulnerabilities
Updated mariadb packages fix security vulnerabilities: Vulnerability in the MariaDB Server component of MariaDB subcomponent: MyISAM. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this...
Updated php packages fix CVE-2018-7584
Updated php packages fix security vulnerability: Update to php 5.6.34 fixes a stack-buffer-overflow while parsing HTTP response. CVE-2018-7584...
Updated jasper packages fix security vulnerabilities
The jasper package has been updated and patched to fix several security issues...
Updated kernel packages fixes security and other bugs
This kernel update is based on upstream 4.9.43 and fixes at least the following security issues: The curseg-segno call in f2fs driver can be malformed so that it will have a value that triggers an out of boundary write that could cause memory corruption on the affected devices, leading to code...
Updated kernel-tmb package fixes security issues
This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...
Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Type confusion in extensions CVE-2015-6788. Use-after-free in Blink CVE-2015-6789. Escaping issue in saved pages CVE-2015-6790. Various fixes from internal audits, fuzzing and other initiatives CVE-2015-6791...