6007 matches found
Updated pdns packages fix security vulnerability
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while...
Updated apache packages fix security vulnerability
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability f...
Updated kernel-linus packages fix security vulnerabilities
This update is based on the upstream 5.6.14 kernel and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's catego...
Updated microcode packages fix security vulnerabilities
This update provides the Intel 20191112 microcode release that adds the microcode side fixes and mitigations for at least the following security issues: A flaw was found in the implementation of SGX around the access control of protected memory. A local attacker of a system with SGX enabled and a...
Updated python-numpy packages fix security vulnerability
Updated python-numpy packages fix security vulnerability: An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call CVE-2019-6446...
Updated wpa_supplicant and hostapd packages fix security vulnerability
A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd AP and wpasupplicant infrastructure BSS station/mesh station. SAE Simultaneous Authentication of Equals is also known as WPA3-Personal. The discovered side channel attacks may be able to lea...
Updated kernel packages fix security vulnerability
This kernel update provides the upstream 4.14.119 that adds the kernel side mitigations for the Microarchitectural Data Sampling MDS, also called ZombieLoad attack vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. To complete the mitigatio...
Updated thunderbird packages fix security issues & bugs
- Buffer overflow using computed size of canvas element. CVE-2018-12359 - Use-after-free when using focus. CVE-2018-12360 - Integer overflow in SwizzleData. CVE-2018-12361 - Integer overflow in SSSE3 scaler. CVE-2018-12362 - Media recorder segmentation fault when track type is changed during...
Updated microcode packages fix security vulnerabilities
This microcode update provides the Intel 20180807 microcode release that adds the processor microcode side of fixes and mitigations for the now publically known security issue affected Intel processors called L1 Terminal Fault L1TF for most Intel processors since Intel Core gen2: Systems with...
Updated php packages fix security vulnerabilities
- Heap Buffer Overflow READ: 1786 in exifiifaddvalue CVE-2018-10549 - Stream filter convert.iconv leads to infinite loop on invalid sequence CVE-2018-10546 - Malicious LDAP-Server Response causes Crash. CVE-2018-10548 - incomplete PHAR Fix CVE-2018-10547...
Updated virtualbox packages fixes security vulnerabilities
This update provides virtualbox 5.1.18 maintenance release and resolves at least the following security issues: A vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read access to a...
Updated php packages fix security vulnerabilities
Floating-point exception in php-exif when parsing a tag format CVE-2016-10158. Crash in php-phar while loading hostile phar archive CVE-2016-10159. Memory corruption in php-phar when loading hostile phar CVE-2016-10160. Heap out of bounds read on unserialize in finishnesteddata CVE-2016-10161...
Updated kernel and kmod packages fix security vulnerabilities
This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 A use-after-free vulnerability in the SCSI generic driver allows users with write access ...
Updated libtiff packages fix security vulnerability
A read outside of array in tiffsplit or other utilities using TIFFNumberOfStrips CVE-2016-9273. A potential read outside buffer in TIFFPrintField CVE-2016-9297. Multiple uint32 overflows in writeBufferToSeparateStrips, writeBufferToContigTiles and writeBufferToSeparateTiles that could cause heap...
Updated mariadb packages fix security vulnerabilities
A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user CVE-2016-6663. This update fixes several vulnerabilitie...
Updated glibc and libtirpc packages fixes security vulnerability
A stack-based buffer overflow in the clntudpcall function in sunrpc/clntudp.c in the GNU C Library aka glibc or libc6 allows remote servers to cause a denial of service crash or possibly unspecified other impact via a flood of crafted ICMP and UDP packets CVE-2016-4429. A similar issue was fixed ...
Updated imagemagick/ruby-rmagic packages fix security vulnerability
It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...
Updated ffmpeg packages fix security vulnerabilities
The updatedimensions function in libavcodec/vp8.c in FFmpeg before 2.4.12, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 4.1.15 longterm kernel and fixes the following security issues: The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to...
Updated flash-player-plugin package fixes security vulnerabilities
Adobe Flash Player 11.2.202.554 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves heap buffer overflow vulnerabilities that could lead to code execution CVE-2015-8438,...
Updated qemu packages fix security vulnerabilities
Updated qemu packages fix security vulnerabilities: Qemu emulator built with the RTL8139 emulation support is vulnerable to an information leakage flaw. It could occur while processing network packets under RTL8139 controller's C+ mode of operation. A guest user could use this flaw to read...
Updated java-1.7.0-openjdk package fixes security vulnerabilities
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733. A flaw was fou...
Updated filezilla package fixes security vulnerability
The filezilla package has been updated to version 3.11.0.2, fixing multiple bugs and one security issue, related to the LOGJAM TLS issue when using FTP...
Updated pam package fixes security vulnerability
If SELinux is enabled, the unixrunhelperbinary function in Linux-PAM 1.1.8 and earlier hangs indefinitely when verifying a password of 65536 characters, which allows attackers to conduct username enumeration and denial of service attacks CVE-2015-3238...
Updated moodle package fixes security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.7, absence of a capability check in AJAX backend script in the LTI module could allow any enrolled user to search the list of registered tools CVE-2015-0211. In Moodle before 2.6.7, the course summary on course request...
Updated avidemux packages fix security vulnerabilities
A heap-based buffer overflow in the encodeslice function in libavcodec/proresenckostya.c in FFmpeg before 1.2.9 can cause a crash, allowing a malicious image file to cause a denial of service CVE-2014-5271. libavcodec/iff.c in FFmpeg before 1.2.9 allows an attacker to have an unspecified impact v...
Updated kernel-rt package fixes security vulnerabilites.
This kernel-rt update provides the upstream 3.4.69 kernel and fixes the following security issues: The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers t...
Updated kernel-linus package fixes multiple security vulnerabilities
This kernel-linus update provides the extended stable 3.8.13.4 kernel and fixes the follwing security issues: The pcibackenablemsi function in the PCI backend driver drivers/xen/pciback/confspacecapabilitymsi.c in Xen for the Linux kernel 2.6.18 and 3.8 allows guest OS users with PCI device acces...
Updated java-1.6.0-openjdk packages fix security vulnerabilities
Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption CVE-2013-2470, CVE-2013-2471, CVE-2013-2472...
Updated kernel, kmod-virtualbox, kmod-xtables-addons & dwarves packages fix security vulnerabilities
Upstream kernel version 6.6.74 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
Updated chromium-browser-stable packages fix security vulnerabilities
The chromium-browser-stable package has been updated to the 125.0.6422.141 release. It includes 11 security fixes. Some of them are: High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim@cassidy6564 on 2024-05-11 High CVE-2024-5494: Use after free in Dawn. Reported by wgslfu...
Updated ghostscript packages fix security vulnerabilities
Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed...
Updated guava packages fix security vulnerabilities
A bug that could allow an attacker with access to the machine to potentially access data in a temporary directory created by the Guava. CVE-2020-8908 Predictable temporary files and directories used in FileBackedOutputStream. CVE-2023-2976...
Updated xen packages fix security vulnerabilities
x86: shadow stack vs exceptions from emulation stubs. CVE-2023-46841 x86: Register File Data Sampling. CVE-2023-28746 GhostRace: Speculative Race Conditions. CVE-2024-2193...
Updated curl packages fix security vulnerabilities
CVE-2024-2004: Usage of disabled protocol If all protocols are disabled at run-time with none being added, curl/libcurl would still allow communication with the default set of allowed protocols, including some that are unencrypted. CVE-2024-2398: HTTP/2 push headers memory-leak A memory leak coul...
Updated grub2 packages fix security vulnerabilities
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a...
Updated gpac packages fix security vulnerabilities
This update fixes two security vulnerabilities, CVE-2023-3012 and CVE-2023-3291, see the References below...
Updated thunderbird packages fix security vulnerabilities
Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...
Updated nss and firefox packages fix security vulnerabilities
The updated packages fix security vulnerabilities Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver. CVE-2023-6856 Potential exposure of uninitialized data in EncryptingOutputStream. CVE-2023-6865 Symlinks may resolve to smaller than expected buffers...
Updated vim packages fix security vulnerabilities
The updated packages fix security vulnerabilities: NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. CVE-2023-5441 Use After Free in GitHub repository vim/vim prior to v9.0.2010. CVE-2023-5535...
Updated openssl packages fix security vulnerability
AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support...
Updated python-setuptools packages fix security vulnerability
Denial of service via crafted HTML CVE-2022-40897...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.117 and fixes atleast the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was fou...
Updated openssl packages fix security vulnerability
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
Updated couchdb packages fix security vulnerability
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front o...
Updated golang packages fix security vulnerability
Fixed unsanitized NUL in environment variables in syscalls, os/exec go56327 bsc1204941. CVE-2022-41716 runtime: lock count" fatal error when cgo is enabled go56308...
Updated krb5-appl packages fix security vulnerability
NULL pointer dereference in krb5-appl telnetd. CVE-2022-39028...
Updated libxml2 packages fix security vulnerability
It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code CVE-2016-3709...
Updated virtualbox packages fix security vulnerabilities
Updated virtualbox packages fix security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 6.1.34 contains an easily exploitable vulnerability that allows a high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM...