6007 matches found
Updated pdns-recursor packages fix security vulnerability
Florian Heinz and Martin Kluge reported that pdns-recursor parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a partial denial of service i...
Updated pdns packages fix security vulnerabilities
Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advantage of this flaw to crash server by inserting a specially crafted record in a zone under their control and then sending a DNS query for that record CVE-2016-2120. Florian Heinz and...
Updated unrtf package fixes security vulnerability
A Stack-based buffer overflow has been found in unrtf 0.21.9, which affects functions including cmdexpand, cmdemboss and cmdengrave CVE-2016-10091...
Updated drupal packages fix security vulnerability
Inconsistent name for term access query; information on taxonomy terms might have been disclosed to unprivileged users CVE-2016-9449. Confirmation forms allow external URLs to be injected CVE-2016-9451...
Updated bind packages fix security vulnerability
Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...
Updated pdns packages fix security vulnerability
PowerDNS Authoritative Server accepts queries with a qname's length larger than 255 bytes CVE-2016-5426. PowerDNS Authoritative Server does not properly handle dot inside labels CVE-2016-5427. These issues allow a remote, unauthenticated attacker to cause an abnormal load on the PowerDNS backend ...
Updated firefox/rootcerts/nss packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-5257, CVE-2016-5278, CVE-2016-5270, CVE-2016-5272,...
Updated nettle/nettle2.7 packages fix security vulnerability
The cryptographic library nettle had a potential information leak problem reported. RSA code is vulnerable to cache sharing related attacks CVE-2016-6489...
Updated wireshark packages fix security vulnerability
The wireshark package has been updated to version 2.0.5, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated libgd packages fix security vulnerability
Updated libgd packages fix security vulnerabilities: A read out-of-bounds was found in the parsing of TGA files when the header reports an incorrect size CVE-2016-6132 or invalid bpp CVE-2016-6214 or RLE value upstream issue 248. Integer overflow error within gdContributionsAlloc CVE-2016-6207. A...
Updated libarchive packages fix security vulnerability
An out of bounds read in the rar parser: invalid read in function copyfromlzsswindow when unpacking malformed rar CVE-2015-8934. An exploitable heap overflow vulnerability exists in the 7zip readSubStreamsInfo functionality of libarchive. A specially crafted 7zip file can cause a integer overflow...
Updated squid packages fix CVE-2016-4051
Updated squid packages fix security vulnerability: Due to incorrect buffer management Squid cachemgr.cgi tool is vulnerable to a buffer overflow when processing remotely supplied inputs relayed to it from Squid. This problem allows any client to seed the Squid manager reports with data that will...
Updated chromium-browser-stable packages fix security vulnerabilities
Chromium-browser-stable 50.0.2661.75 fixes security issues: Cross-site scripting XSS vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/modulesystem.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary we...
Updated optipng packages fix security vulnerabilities
An updated optipng package fixes a number of bugs and security vulnerabilities. CVE-2015-7802 - Buffer over-read issue CVE-2016-2191 - An invalid write and segmentation fault may occur while processing bitmap images...
Updated filezilla packages fix security vulnerability
Many versions of PSCP in PuTTY prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction i.e. downloading from server to client of the old-style SCP protocol. In order for this vulnerability to be exploited, the user must connect to a malicious server and...
Updated gnome-photos packages fix CVE-2013-7447
Updated gnome-photos package fixes security vulnerabilities: Due to a logic error, an attempt to allocate a large block of memory fails in createsurfacefrompixbuf, leading to a crash of gnome-photos CVE-2013-7447. A similar potential issue in viewhelperdraw in src/gegl-gtk-view-helper.c has also...
Updated jasper packages fix CVE-2016-1867
Updated jasper packages fix security vulnerabilities: The jpcpinextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image CVE-2016-1867...
Updated firefox packages fix security vulnerability
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-1930, CVE-2016-1935...
Updated chromium-browser-stable packages fix security vulnerability
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact vi...
Updated kernel-tmb packages fix security vulnerability
Perception Point Research Team found a reference leak in keyring in joinsessionkeyring that can be exploited to successfully escalate privileges from a local user to root CVE-2016-0728. Other fixes in this kernel update: - netfilter: nfnatredirect: add missing NULL pointer check...
Updated moodle packages fix security vulnerability
In Moodle before 2.8.10, web services coreenrolgetcourseenrolmentmethods and enrolselfgetinstanceinfo did not check user permission to access hidden courses CVE-2016-0724. In Moodle before 2.8.10, search string in course management interface was not escaped when being output creating potential fo...
Updated keepassx packages fix CVE-2015-8378
Updated keepassx package fixes security vulnerability: Cancelling an export operation creates clear text copy of all of the user's KeePassX password database entries. CVE-2015-8378...
Updated libpng/libpng12 packages fix security vulnerability
Multiple buffer overflows in the pngsetPLTE and pnggetPLTE functions in libpng before 1.6.19 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small bit-depth value in an IHDR aka image header chunk in a PNG image CVE-2015-8126...
Updated libtorrent-rasterbar packages fixes security vulnerability
The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." Note while this CVE was reported against BitTorrent DHT Bootstrapt server, the same vulnerable code is available in...
Updated nvidia driver packages fix security vulnerability
A vulnerability has been found in the nvidia proprietary driver that could be used to allow a local, non-privileged user to corrupt kernel memory. This could be used to gain local root privileges. A local user can issue a specially crafted IOCTL to write a 32-bit integer value stored in the kerne...
Updated openldap package fixes security vulnerability
By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert call in the bergetnext method in a/libraries/liblber/io.c that is hit when decoding tampered BER data CVE-2015-6908...
Updated firefox package fixes security vulnerability
Updated firefox packages fix security vulnerabilities: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2015-4497. A flaw wa...
Updated gnutls packages fix security vulnerabilities
It was reported that GnuTLS does not check whether the two signature algorithms match on certificate import CVE-2015-0294. Kurt Roeckx discovered that decoding a specific certificate with very long DistinguishedName DN entries leads to double free. A remote attacker can take advantage of this fla...
Updated moodle package fixes security vulnerabilities
In Moodle before 2.8.7, phishing is possible when redirecting to external site using referer headers in error messages CVE-2015-3272. In Moodle before 2.8.7, several web services returning user information did not clean text in text custom profile fields, leading to possible XSS CVE-2015-3274. In...
Updated springframework package fixes security vulnerability
In Spring Framework before 3.2.14, if DTD is not entirely disabled, inline DTD declarations can be used to perform denial of service attacks known as XML bombs. Such declarations are both well-formed and valid according to XML schema rules but when parsed can cause out of memory errors. To protec...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.9, one could circumvent the SVG MIME blacklist for embedded resources. This allowed an attacker to embed JavaScript in the SVG CVE-2015-2931. In MediaWiki before 1.23.9, the SVG filter to prevent injecting JavaScrip...
Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors CVE-2015-1233. Race condition ...
Updated 389-ds-base packages fix security vulnerabilities
An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive...
Updated vlc package fixes security vulnerability
Updated vlc packages 2.1.6 are an upgrade with some fixes. Some of the problems fixed upstream were already fixed by a previous Mageia update to VLC see the link to MGASA-2015-0053. VLC versions before 2.1.5 contain a vulnerability in the transcode module that may allow a corrupted stream to...
Updated cpio package fixes security vulnerability
In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries...
Updated firefox and thunderbird packages fixes security vulnerabilities
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running it CVE-2014-8634. It was found that the Beacon interface...
Updated gcab packages fix CVE-2015-0552
Updated gcab packages fix security vulnerability: Jakub Wilk reported a directory traversal vulnerability due to gcab not filtering leading slashes from paths in CAB files CVE-2015-0552...
Updated libsndfile packages fix CVE-2014-9496
Updated libsndfile packages fix security vulnerabilities: libsndfile contains multiple buffer-overflow vulnerabilities in src/sd2.c because it fails to properly bounds-check user supplied input, which may allow an attacker to execute arbitrary code or cause a denial of service CVE-2014-9496...
Updated tcpdump package fixes security vulnerability
It was discovered that tcpdump incorrectly handled printing PPP packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2014-9140...
Updated phpmyadmin packages fix security vulnerabilities
Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.7, with a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page, with a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoo...
Updated flash-player-plugin packages fix CVE-2014-8439
Adobe Flash Player 11.2.202.424 contains additional hardening against a vulnerability in the handling of a dereferenced memory pointer that could lead to code execution CVE-2014-8439. A mitigation was previously introduced for this issue in a previous update MGASA-2014-0448...
Updated cacti package fixes multiple security vulnerabilities
Updated cacti package fixes security vulnerabilities: Multiple security issues cross-site scripting, missing input sanitising and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems CVE-2014-5025, CVE-2014-5026, CVE-2014-5261, CVE-2014-5262...
Updated curl packages fix security vulnerabilities
Updated curl packages fix security vulnerabilities: In cURL before 7.38.0, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. For this problem to trigger, the client application must use the numerical IP address in the URL to...
Updated italc package fixes security vulnerability
An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. The italc package is built with a bundled copy of minilzo, which is a part...
Updated cups packages fix security vulnerability
In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd CVE-2014-3537. It was discovered that the web interface in CUPS incorrectly validated permissions on rss files and directory index...
Updated libtasn1 packages fix CVE-2014-3467-9
Updated libtasn1 packages fix security vulnerabilities: Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...
Updated postgresql packages fix multiple vulnerabilities
Updated postgresql packages fix security vulnerabilities: Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role memb...
Updated wireshark packages fix multiple vulnerabilies
The NFS dissector could crash CVE-2014-2281. The M3UA dissector could crash CVE-2014-2282. The RLC dissector could crash CVE-2014-2283. The MPEG file parser could overflow a buffer CVE-2014-2299...
Updated subversion packages fix CVE-2014-0032
Updated subversion packages fix security vulnerability: The moddavsvn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service crash via an OPTIONS request CVE-2014-0032. The package has been updated to version 1.8.8, which...
Updated denyhosts package fixes security vulnerability
Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute force attacks in authentication logs could be exploited by a malicious user ...