6007 matches found
Updated xerces-c packages fix CVE-2017-12627
Updated xerces-c packages fix security vulnerability: The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processi...
Updated ghostscript packages fix security vulnerability
The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document CVE-2016-10317...
Updated postgresql packages fix security vulnerability
In postgresql 9.4.x before 9.4.16 and 9.6.x before 9.6.7, pgupgrade creates file in current working directory containing the output of pgdumpall -g under umask which was in effect when the user invoked pgupgrade, and not under 0077 which is normally used for other temporary files. This can allow ...
Updated apache-commons-email packages fix security vulnerability
Apache Commons-Email, from version 1.0 to 1.4 inclusive, does not properly validate bounce addresses. If a user of Commons-Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients,...
Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096,...
Updated awstats packages fix security vulnerability
The cPanel Security Team discovered two path traversal flaws in awstats in the "config" and "migrate" parameters that could be leveraged for unauthenticated remote code execution CVE-2017-1000501...
Updated samba packages fix security vulnerability
Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote...
Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability
Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...
Updated gdk-pixbuf2.0 packages fix security vulnerability
JPEG gdkpixbufjpegimageloadincrement Code Execution Vulnerability CVE-2017-2862. tiffimageparse Code Execution Vulnerability CVE-2017-2870. Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked...
Updated glibc packages fix security vulnerabilities
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.CVE-2017-12132, CVE-2017-12133. The GNU C Library aka...
Updated ffmpeg packages fix security vulnerability
This update provides ffmpeg version 3.3.5, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Updated postgresql packages fix security vulnerabilities
The startup log file for the postmaster in newer releases, "postgres" process was opened while the process was still owned by root. With this setup, the database owner could specify a file that they did not have access to and cause the file to be corrupted with logged data CVE-2017-12172. Crash d...
Updated krb5 packages fix security vulnerabilities
An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances CVE-2017-7562...
Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-7826, CVE-2017-7828, CVE-2017-7830...
Updated irssi packages fix security vulnerabilities
While waiting for the channel synchronization, Irssi may incorrectly fail to remove destroyed channels from the query list, resulting in use after free conditions when updating the state later on CVE-2017-15227. When installing themes with unterminated color formatting sequences, Irssi may access...
Updated openvpn packages fix security vulnerability
The bounds check in readkey was performed after using the value, instead of before. If 'key-method 1' is used, this allowed an attacker to send a malformed packet to trigger a stack buffer overflow. Note that 'key-method 1' has been replaced by 'key method 2' as the default in OpenVPN 2.0...
Updated libraw packages fix security vulnerabilities
There is a floating point exception in the kodakradcloadraw function in dcrawcommon.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. CVE-2017-13735 A Stack-based Buffer Overflow was discovered in xtransinterpolate in internal/dcrawcommon.cpp in LibRaw before 0.18.3. It cou...
Updated libsndfile packages fix security vulnerability
It was discovered that a Heap-based Buffer Overflow in the psfbinheaderwritef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact...
Updated poppler packages fix security vulnerabilities
Jiaqi Peng discovered that the poppler pdfunite tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to crash, resulting in a denial of service CVE-2017-7511. It was discovered that the...
Updated qpdf packages fix security vulnerabilities
This snapshot of the upstream development branch 6.0 of qpdf fixes several infinite loop vulnerabilities: CVE-2017-9208, CVE-2017-9209, CVE-2017-9210, CVE-2017-11624, CVE-2017-11625, CVE-2017-11626, CVE-2017-11627. For Mageia 5, the cups-filters package was also rebuilt against this new major...
Updated jbig2dec packages fix security vulnerability
Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file usually embedded in a PDF document is opened CVE-2016-9601. Artifex jbig2dec has a heap-based buffer over-read leading to...
Updated jitsi packages fix security vulnerability
An incorrect implementation of XEP-0280: Message Carbons in Jitsi and other XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks CVE-2017-5603...
Updated hdf5 packages fix security vulnerabilities
In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution CVE-2016-4330. When decoding data out of a dataset...
Updated c-ares packages fix security vulnerability
In c-ares before 1.12.0, When a string is passed in to 'arescreatequery' or 'aresmkquery' and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least...
Updated gnupg/libgcrypt packages fix security vulnerability
Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output CVE-2016-6313. The gnupg package has been...
Updated python-django packages fix security vulnerability
It was discovered that Django is prone to a cross-site scripting vulnerability in the admin's add/change related popup CVE-2016-6186...
Updated harfbuzz packages fix security vulnerability
Two memory access issues, including a heap-based buffer overflow CVE-2015-8947 and incorrect table length check CVE-2016-2052 could lead to a denial of service when rendering a crafted OpenType font...
Updated phpmyadmin packages fix security vulnerability
In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows a BBCode injection to setup script in case it's not accessed on https CVE-2016-5701. In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control...
Updated cacti packages fix security vulnerabilities
Updated cacti package fixes security vulnerability: SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parentid parameter in an itemedit action CVE-2016-3172. SQL injection vulnerability in graphview.php ...
Updated putty packages fix CVE-2016-2563
Updated putty package fixes security vulnerability: Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction i.e. downloading from server to client of the old-style SCP protocol. In order for this vulnerability to be exploited,...
Updated nodejs packages fix security vulnerability
A request smuggling vulnerability was found in Node.js that can be exploited under certain unspecified circumstances CVE-2016-2086. It was reported that HTTP header parsing in Node.js is vulnerable to response splitting attacks. While Node.js has been protecting against response splitting attacks...
Updated python-pillow packages fix security vulnerability
A buffer overflow in TiffDecode.c causing an arbitrary amount of memory to be overwritten when opening a specially crafted invalid TIFF file CVE-2016-0740. A buffer overflow in FliDecode.c causing a segfault when opening FLI files CVE-2016-0775. A buffer overflow in PcdDecode.c causing a segfault...
Updated krb5 packages fix security vulnerability
In all versions of MIT krb5, an authenticated attacker can cause kadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database CVE-2015-8629. In MIT krb5 1.12 and...
Updated dhcpcd packages fix security vulnerability
Possible heap overflow in dhcpcd before 6.10.0 caused by malformed dhcp responses due to incorrect option length values CVE-2016-1503. Possible invalid read in dhcpcd before 6.10.0 caused by malformed dhcp responses can lead to a crash CVE-2016-1504. The dhcpcd package has been updated to version...
Updated dhcp packages fix security vulnerability
A badly formed packet with an invalid IPv4 UDP length field can cause an ISC DHCP server, client, or relay program to terminate abnormally CVE-2015-8605. The dhcp package has been updated to version 4.3.3-P1, which fixes this issue and several other bugs. Also, the package has also been enhanced ...
Updated bugzilla packages fix security vulnerability
Login names usually an email address longer than 127 characters are silently truncated in MySQL which could cause the domain name of the email address to be corrupted. An attacker could use this vulnerability to create an account with an email address different from the one originally requested...
Updated bouncycastle packages fix security vulnerability
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack" CVE-2015-7940...
Updated uglify-js packages fix security vulnerability
The UglifyJS node module has a problem where the combination of De Morgan's Law and non-boolean values can lead to a case where code is incorrectly minified, which can lead to possibly malicious minified JS code...
Updated latex2rtf packages fix security vulnerability
A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...
Updated libreoffice packages fix security vulnerability
Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files CVE-2015-4551. It was discovered that...
Updated sddm packages fixes security vulnerability
Pavel Avgustinov discovered that SDDM does not disable the KDE crash handler, and certain themes would allow shell access to the sddm user as a result in case of a crash CVE-2015-0856. Only SDDM users using the Breeze theme from plasma-workspace are affected...
Updated virtualbox packages fix security vulnerabilities
A vulnerability in the Oracle VM VirtualBox component prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32 and 5.0.8. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash...
Updated flash-player-plugin packages fixes security vulnerabilities
Adobe Flash Player 11.2.202.535 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to...
Updated gdk-pixbuf2.0 packages fix security vulnerabilities
Updated gdk-pixbuf packages fix security vulnerabilities: Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf before 2.32.0. This issue is triggered by the scaling of a malformed tga format image and results in a potentially exploitable crash CVE-2015-7673. Security research...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.521 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2015-5573. This...
Updated openldap package fixes security vulnerability
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call in the bergetnext method in a/libraries/liblber/io.c that is hit when decoding tampered BER data CVE-2015-6908...
Updated cups-filters package fixes security vulnerability
A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute arbitrary code with the privileges of...
Updated libwmf package fixes security vulnerability
It was discovered that libwmf did not correctly process certain WMF Windows Metafiles containing BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges ...
Updated redis package fixes security vulnerability
It was discovered that redis, a persistent key-value database, could execute insecure Lua bytecode by way of the EVAL command. This could allow remote attackers to break out of the Lua sandbox and execute arbitrary code CVE-2015-4335...
Updated libssh packages fix CVE-2015-3146
Updated libssh packages fix security vulnerability: libssh versions 0.5.1 and above, but before 0.6.5, have a logical error in the handling of a SSHMSGNEWKEYS and SSHMSGKEXDHREPLY package. A detected error did not set the session into the error state correctly and further processed the packet whi...