6007 matches found
Updated poppler packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an...
Updated ghostscript packages fix security vulnerability
Updated ghostscript packages fix security vulnerability: It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass -dSAFER restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate...
Updated tomcat-native packages fix security vulnerability
When using an OCSP responder did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS CVE-2018-8019. Did not properly check OCSP...
Updated ansible packages fix security vulnerability
The user module leaked parameters passed to ssh-keygen to the process environment CVE-2018-16837. The fetch module was susceptible to path traversal CVE-2019-3828...
Updated wavpack packages fix security vulnerabilities
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...
Updated nss packages fix security vulnerability
Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys CVE-2018-0495...
Updated spice-vdagent package fixes security vulnerability
Improperly escaped save directory that is passed to the shell allows local attacker with access to the session the agent runs to inject arbitrary commands to be executed CVE-2017-15108...
Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities
A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream CVE-2018-4013. The...
Updated python-lxml packages fix security vulnerability
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer CVE-2018-19787...
Updated nss packages fix security vulnerability
Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...
Updated spamassassin packages fix security vulnerabilities
Updated spamassassin package fixes security vulnerabilities: A reliance on "." in @INC in one configuration script CVE-2016-1238. A denial of service vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts CVE-2017-15705. A...
Updated quazip packages fix security vulnerability
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar,x...
Updated wpa_supplicant packages fix security vulnerability
Updated wpasupplicant packages fix security vulnerability: An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and clie...
Updated libsndfile packages fix security vulnerabilities
Updated libsndfile package fixes security vulnerabilities: The function d2alawarray in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack CVE-2017-17456. The function d2ulawarray in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack CVE-2017-17457. A stack-based buffer...
Updated flash-player-plugin packages fix security vulnerabilities
Updated flash-player-plugin packages fix security vulnerabilities: A type confusion vulnerability that could lead to arbitrary code execution CVE-2018-5007. An out of bounds read that could lead to information disclosure CVE-2018-5008...
Updated jasper packages fix security vulnerabilities
Updated japser packages fix security vulnerabilities: An assertion failure was possible to trigger in JPCNOMINALGAIN CVE-2016-9396. Denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c could lead to denial of service CVE-2018-9055...
Updated python3 packages fix security vulnerabilities
Updated python3 packages fix security vulnerabilities: A flaw was found in the way catastrophic backtracking was implemented in Python's pop3lib's apop method. An attacker could use this flaw to cause denial of service CVE-2018-1060. A flaw was found in the way catastrophic backtracking was...
Updated libtiff packages fix security vulnerabilities
The TIFFWriteDirectorySec function in tifdirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service assertion failure and application crash via a crafted file, a different vulnerability than CVE-2017-13726. CVE-2018-10963 In LibTIFF 4.0.9, a heap-based buffer overflo...
Updated systemd packages fix security vulnerability
Updated systemd packages fix security vulnerability: Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop...
Updated elfutils packages fix security vulnerabilities
The elfutils package has been updated to version 0.169 to fix several bugs that can lead to memory allocation failures or heap overflows CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613...
Updated icu packages fix security vulnerability
Integer overflow in ICU in the Persian calendar CVE-2017-15422...
Updated apr packages fix security vulnerability
An out-of-bounds array dereference was found in aprtimeexpget. An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak CVE-2017-12613...
Updated jq packages fix security vulnerabilities
A heap-based buffer overflow flaw was found in jq's tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system CVE-2015-8863. Stack exhaustion could affect...
Updated flash-player-plugin packages fixes security vulnerabilities
Adobe Flash Player 27.0.0.187 addresses critical vulnerabilities that could lead to code execution. The update fixes out-of-bounds reads CVE-2017-3112, CVE-2017-3114, CVE-2017-11213 and use-after-free issues CVE-2017-11215, CVE-2017-11225...
Updated libxdmcp packages fix security vulnerability
XDM uses weak entropy to generate the session keys on non BSD systems. On multi user systems it might possible to check the PID of the process and how long it is running to get an estimate of these values, which could allow an attacker to attach to the session of a different user CVE-2017-2625...
Updated kernel-linus packages fixes security and other bugs
This kernel-linus update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
Updated kernel-linus packages fixes security and other bugs
This kernel-linus update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
Updated libtiff packages fix security vulnerabilities
Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code CVE-2017-9936, CVE-2017-10688...
Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751,...
Updated wireshark packages fix security vulnerability
The wireshark package has been updated to version 2.0.12, which fixes multiple security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated openjpeg2 packages fix security vulnerabilities
Floating Point Exception aka FPE or divide by zero in opjpinextcprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. CVE-2016-9112 There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-comps0.data is not assigned a value after initializationNULL...
Updated phpmyadmin packages fix security vulnerabilities
Multiple vulnerabilities in setup script CVE-2016-6621 / PMASA-2016-44. Open redirect PMASA-2017-1. php-gettext code execution CVE-2015-8980 / PMASA-2017-2. DOS vulnerability in table editing PMASA-2017-3. CSS injection in themes PMASA-2017-4. SSRF in replication PMASA-2017-6. DOS in replication...
Updated bash packages fix security vulnerability
In Bash, the popd command can be tricked to free a user supplied address, which could be used to bypass restricted shells rsh on some environments to cause use-after-free CVE-2016-9401...
Updated mcabber packages fix security vulnerability
It was discovered that there was a "roster push attack" vulnerability in mcabber, a console-based Jabber XMPP client. A remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza CVE-2016-9928...
Updated libgd packages fixe security vulnerabilities
Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service CVE-2016-6911. Emmanuel Law discovered that the GD library...
Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...
Updated 389-ds-base packages fix security vulnerability
A vulnerability in 389-ds-base was found that allows to bypass limitations for compare and read operations specified by Access Control Instructions. When having LDAP sub-tree with some existing objects and having BIND DN which have no privileges over objects inside the sub-tree, unprivileged user...
Updated golang package fixes security vulnerability
Updated golang packages fix security vulnerability: Go: sets environmental variable based on user supplied Proxy request header CVE-2016-5386...
Updated curl packages fix security vulnerability
The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked and due to arithmetic in...
Updated sqlite3 packages fix security vulnerability
It was discovered that sqlite3 would reject a temporary directory e.g., as specified by the TMPDIR environment variable to which the executing user did not have read permissions. This could result in information leakage as less secure global temporary directories e.g., /var/tmp or /tmp would be...
Updated postgresql packages fix security vulnerabilities
Updated postgresql packages fix security vulnerabilities: A vulnerability in PostgreSQL 9.3.x before 9.3.12 and 9.4.x before 9.4.7 leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed und...
Updated java packages fix CVE-2016-0636
Updated java-1.8.0-openjdk packages fix security vulnerability: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions CVE-2016-0636. Also, the icedtea-web package has been updated to...
Updated kernel packages fix security vulnerability
Perception Point Research Team found a reference leak in keyring in joinsessionkeyring that can be exploited to successfully escalate privileges from a local user to root CVE-2016-0728. Other fixes in this kernel update: - netfilter: nfnatredirect: add missing NULL pointer check...
Updated ruby packages fix security vulnerability
There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL was reimplemented using Fiddle and libffi CVE-2015-7551...
Updated libpng packages fix security vulnerabilities
Updated libpng and libpng12 packages fix security vulnerability: The fix for CVE-2015-8126 was incomplete. While it defended against the potential overrun while reading PNG files, it did not detect a potential overrun by applications using pngsetPLTE directly CVE-2015-8472...
Updated libraw packages fix security vulnerabilities
Updated libraw packages fix security vulnerabilities: It was found that smaldecodesegment function do not handle index carefully, which may cause index overflow CVE-2015-8366. It was found that phaseonecorrect function does not handle memory object's initialization correctly, which may have...
Updated postgresql packages fix security vulnerabilities
Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt function was provided a too-short salt. An attacker could use this flaw to read private data. CVE-2015-5288 Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust...
Updated moodle packages fix security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.8.8, completed and graded lesson activity was not protected against making new attempts to answer some questions, so students could re-attempt answering questions in the lesson CVE-2015-5264. In Moodle before 2.8.8, users...
Updated php-ZendFramework packages fix CVE-2015-5161
Updated php-ZendFramework and php-ZendFramework2 packages fix security vulnerability: Dawid Golunski discovered that when running under PHP-FPM in a threaded environment, Zend Framework, a PHP framework, did not properly handle XML data in multibyte encoding. This could be used by remote attacker...
Updated cgit package fixes security vulnerability
cgit in Mageia 4/5 bundles an old git that is being subject to a minor security issue CVE-2014-9390. The cgit package was updated to its latest upstream release, and updates the bundled git to the non-vulnerable version 2.5.0, which contains various bug fixes...