6007 matches found
Updated jasper packages fix security vulnerability
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...
Updated postgresql packages fix security vulnerabilities
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportuni...
Updated sleuthkit packages fix security vulnerability
Updated sleuthkit packages fix security vulnerabilities: An issue was discovered in The Sleuth Kit TSK 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table CVE-2019-14532. In version 4.8.0 and earlier of The Sleuth Kit TSK, there ...
Updated nodejs-set-value packages fix security vulnerability
Updated nodejs-set-value package fixes security vulnerability: A vulnerability was found in NOdejs set-value, where set-value is vulnerable to prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a...
Updated pdns-recursor packages fix security vulnerabilities
Updated pdns-recursor packages fix security vulnerabilities: An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server to amplify the...
Updated squid packages fix security vulnerability
Updated squid packages fix security vulnerability: Due to an integer overflow bug Squid is vulnerable to credential replay and remote code execution attacks against HTTP Digest Authentication tokens. When memory pooling is used this problem allows a remote client to replay a sniffed Digest...
Updated webkit2 packages fix security vulnerability
Updated webkit2 packages fix security vulnerability: WebKitGTK through 2.26.4 contains a memory corruption issue use-after-free that may lead to arbitrary code execution CVE-2020-10018...
Updated roundcubemail packages fix security vulnerability
The updated package fixes a security vulnerability: Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. CVE-2019-15237...
Updated rsyslog packages fix security vulnerabilities
Updated rsyslog packages fix security vulnerabilities: Heap overflow in the parser for AIX log messages CVE-2019-17041. Heap overflow in the parser for Cisco log messages CVE-2019-17042...
Updated sdl2_image packages fix security vulnerabilities
Updated sdl2image packages fix security vulnerabilities: An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially...
Updated python-sqlalchemy packages fix security vulnerabilities
Updated python-sqlalchemy packages fix security vulnerabilities: SQL Injection via the orderby parameter CVE-2019-7164. SQL Injection via the groupby parameter CVE-2019-7548...
Updated phpmyadmin packages fix security vulnerabilities
Updated phpmyadmin packages fix security vulnerabilities: A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. CVE-2019-11768, PMASA-2019-3 A vulnerability was found that allows an attacker to trigger a...
Updated keepalived package fixes security vulnerabilities
keepalived before version 2.0.9 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data ...
Updated nginx package fixes security vulnerabilities
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption CVE-2018-16843. nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage...
Updated libtiff packages fix security vulnerabilities
Heap-based buffer overflow in tifpackbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file CVE-2016-5319. In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tifpackbits.c CVE-2017-17942. TIFFWriteScanlin...
Updated thunderbird packages fix security vulnerabilities
The updated packages fix several bugs and some security issues: Buffer overflow using computed size of canvas element. CVE-2018-12359 Use-after-free when using focus. CVE-2018-12360 S/MIME and PGP decryption oracles can be built with HTML emails. CVE-2018-12372 S/MIME plaintext can be leaked...
Updated krb5 packages fix security vulnerabilities
Updated krb5 packages fix security vulnerabilities: An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the Key Distribution Center KDC, which allows...
Updated gcc packages fix security vulnerability
This update provides and update to 5.5.0 maintenance release and adds support for retpoline, a mitigation technique for CVE-2017-5715 branch target injection aka 'Spectre Variant 2' that is needed at least for the kernels...
Updated nonfree firmwares fixes security issues and adds new hw support
Updated nonfree firmwares fixes at least the following security issues: Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air CVE-2016-0801 - adding length checks for TDLS action frames CVE-2017-0561 - adding length checks for WME IE CVE-2017-9417 Iwlwifi firmware...
Updated nagios packages fix security vulnerability
It was found that nagios daemon creates its PID file after dropping privileges, which allows to change its content by non-root user with PID of any other process, resulting into denial-of-service when daemon is stopped CVE-2017-12847. Note that the nagios package on Mageia 5 is no longer supporte...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 4.9.56 and fixes at least the following security issues: A flaw was found in the way the Linux KVM module processed the trap flagTF bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exceptionDB being raised in the guest stack...
Updated sqlite3 packages fix security vulnerability
Pointer disclosure in SQLite CVE-2017-7000. The getNodeSize function in ext/rtree/rtree.c in SQLite mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact CVE-2017-10989. Note: the CVE-2017-10989 issue only affected...
Updated java-1.8.0-openjdk packages fix security vulnerability
An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges CVE-2017-3511. It was found that the JAXP component of...
Updated thunderbird packages fix security vulnerability
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5400 A crash triggerable by web content in which an ErrorResult references unassigned memory due to a logic error. The resulting crash may...
Updated python-pycrypto packages fix security vulnerabilities
This is a security fix for a possible Buffer overflow. AES.new with invalid parameter crashes python. The IV parameter is currently ignored when initializing a cipher in ECB or CTR mode. There was a bug in pycrypto which could be exploited to get a shell...
Updated php packages fix security vulnerability
NULL Pointer Dereference in WDDX Packet Deserialization with PDORow in PHP before 5.6.28 CVE-2016-9934. Invalid read when wddx decodes empty boolean element in PHP before 5.6.29 CVE-2016-9935...
Updated openjpeg2 packages fix security vulnerabilities
A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in opjtcdfreetile CVE-2016-3181. A specially crafted JPEG2000 image file can force Heap Corruption in opjfree CVE-2016-3182. A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in sycc422torgb CVE-2016-3183...
Updated graphicsmagick packages fix security vulnerability
The updated packages fix security vulnerabilities: Stack-based buffer overflow in ReadSCTImage CVE-2016-8682. Memory allocation failure in ReadPCXImage CVE-2016-8683. Memory allocation failure in MagickMalloc CVE-2016-8684...
Updated tomcat packages fix security vulnerability
Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP...
Updated openssh packages fix security vulnerability
Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth1 CVE-2016-3115...
Updated tomcat packages fix security vulnerabilities
Updated tomcat packages fix security vulnerabilities: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 7.x before 7.0.65 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in a pathname used b...
Updated bind packages fix security vulnerability
In ISC BIND before 9.10.3-P3, a buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c CVE-2015-8704. In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the...
Updated nodejs packages fix security vulnerabilities
Updated nodejs package fixes security vulnerability: It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges CVE-2015-0278. The libuv library is bundled with nodejs, and a fixed version of libuv is included wi...
Updated java-1.7.0-openjdk packages fix security vulnerabilities
Updated java-1.7.0 packages fix security vulnerabilities: An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrust...
Updated owasp-esapi-java packages fix CVE-2013-5679
Updated owasp-esapi-java packages fix security vulnerability: The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier f...
Updated vlc packages fix security vulnerabilities
Updated vlc packages fix security vulnerabilities: On 32 bit builds, parsing of update status files with a size of 4294967295 or more lead to an integer truncation caused by a cast to sizet in a call to malloc and a subsequent buffer overflow. This happened prior to checking the files' signature...
Updated resteasy package fix CVE-2014-3490
Updated resteasy packages fixes security vulnerability: It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEa...
Updated gd and libgd packages fix security vulnerability
The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file CVE-2014-2497...
Updated kernel-vserver packages fix multiple vulnerabilities
Updated kernel-vserver provides upstream 3.10.40 kernel and fixes the following security issues: The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: It was discovered that the file utility contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. A flaw was foun...
Updated chromium-browser-stable package fixes security vulnerabilities
Use-after-free in svg images CVE-2013-6663. Use-after-free in speech recognition CVE-2013-6664. Heap buffer overflow in software rendering CVE-2013-6665. Chrome allows requests in flash header request CVE-2013-6666. Various fixes from internal audits, fuzzing and other initiatives CVE-2013-6667...
Updated xstream packages fix CVE-2013-7285
Updated xstream packages fix security vulnerability: It was found that XStream would deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code executio...
Updated libpng and libpng12 packages fix security vulnerability
The pngdoexpandpalette function in libpng before 1.6.8 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c CVE-2013-6954...
Updated krb5 package fixes security vulnerabilities
An authenticated remote client can cause a KDC to crash by making a valid TGS-REQ to a KDC serving a realm with a single-component name. The processtgsreq function dereferences a null pointer because an unusual failure condition causes a helper function to return success CVE-2013-1417. If a KDC...
Updated libjpeg packages fix vulnerabilities in libjpeg-turbo
Updated libjpeg packages fix security vulnerabilities: libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component Y in presence of valid chroma data Cr, Cb CVE-2013-6629. libjpeg-turbo will use uninitialized memory when handli...
Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the...
Updated clutter packages fix CVE-2013-2190
Updated clutter packages fix security vulnerability: A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances when underlying device disappeared, causing...
Updated giflib packages fix security vulnerability
The giflib open-source component has a buffer overflow vulnerability. CVE-2025-31344...
Updated kernel, kmod-xtables-addons, kmod-virtualbox & bluez packages fix security vulnerabilities
Upstream kernel version 6.6.61 fixes bugs and vulnerabilities. The bluez, kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
Updated python-gunicorn packages fix security vulnerability
Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling HRS vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's handli...