6007 matches found
Updated libexif packages fix a security vulnerability
In exifentrygetvalue of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for...
Updated packagekit packages fix a security vulnerability
It was discovered that packagekit was subject to a vulnerability where the InstallFiles, GetFilesLocal and GetDetailsLocal methods of the DBus interface to PackageKit accesses given files before checking for authorization. This allows non-privileged users to learn the MIME type of any file on the...
Updated firefox and thunderbird packages fix a security vulnerability
Write side effects in MCallGetProperty opcode not accounted for. In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. CVE-2020-26950 Also some bugfix for Thunderbird have been added. See upstream release...
Updated mariadb packages fix security vulnerability
This update fixes CVE-2020-15180...
Updated python-ipaddress package fixes security vulnerability
Hash collisions in IPv4Interface and IPv6Interface could lead to DOS CVE-2020-14422...
Updated libssh packages fix security vulnerability
The code in src/sftpserver.c did not verify the validity of certain pointers and expected them to be valid. A NULL pointer dereference could have been occurred that typically causes a crash and thus a denial-of-service CVE-2020-16135...
Updated docker packages fix security vulnerability
Updated docker packages fix security vulnerability: A flaw was found in Docker when it creates network bridges that accept IPv6 router advertisements by default. This flaw allows an attacker who can execute code in a container to possibly spoof rogue IPv6 router advertisements to perform a...
Updated tor packages fix security vulnerabilities
Updated tor package fixes security vulnerabilities: Tor before 0.3.5.10 allows remote attackers to cause a Denial of Service CPU consumption CVE-2020-10592. Tor before 0.3.5.10 allows remote attackers to cause a Denial of Service memory leak. This occurs in circpadsetupmachineoncirc because a...
Updated weechat packages fix security vulnerabilities
Updated weechat packages fix security vulnerabilities: An issue was discovered in WeeChat before 2.7.1 0.4.0 to 2.7 are affected. A malformed message 352 who can cause a NULL pointer dereference in the callback function, resulting in a crash CVE-2020-9759. An issue was discovered in WeeChat befor...
Updated sleuthkit packages fix security vulnerability
Updated sleuthkit packages fix security vulnerability: In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c CVE-2020-10232...
Updated glib2.0 packages fix security vulnerability
The updated packages fix a security vulnerability: GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is timing-dependent and may...
Updated ruby-rake packages fix security vulnerability
Updated ruby-rake package fixes security vulnerability: There is an OS command injection vulnerability in Rake 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character CVE-2020-8130...
Updated fontforge packages fix security vulnerabilities
FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c CVE-2020-5395 FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines function in splinesave.c CVE-2020-5496...
Updated hunspell packages fix security vulnerability
Updated hunspell packages fix security vulnerability: Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx CVE-2019-16707...
Updated libmirage packages fix security vulnerabilities
Updated libmirage packages fix security vulnerabilities: The CSO filter in libMirage in CDemu did not validate the part size, triggering a heap-based buffer overflow that could lead to root access by a local user CVE-2019-15540. NULL pointer dereference in the NRG parser CVE-2019-15757...
Updated sysstat packages fix security vulnerability
Updated sysstat package fixes security vulnerability: Memory corruption due to an integer overflow CVE-2019-16167...
Updated QT stack fix security vulnerability
This update provides the 5.12.6 QT stack maintenance release and fixes the following security issue: An out-of-bounds memory access in the generateDirectionalRuns function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an...
Updated libjpeg packages fix security vulnerability
The updated packages fix a security vulnerability: Several integer overflow issues and subsequent segfaults occur in libjpeg-turbo when attempting to compress or decompress gigapixel images. CVE-2019-2201...
Updated zeromq packages fix security vulnerability
A security vulnerability has been reported in libzmq/zeromq. a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer...
Updated chromium-browser-stable packages fix security vulnerabilities
Chromium-browser 77.0.3865.120 fixes security issues: Four use-after-free bugs were found in Chromium 77.0.3865.90: one in the IndexedDB component CVE-2019-13693, one in the WebRTC component CVE-2019-13694, one in the audio component CVE-2019-13695, and one in the V8 component CVE-2019-13696. A...
Updated e2fsprogs packages fix security vulnerability
Updated e2fsprogs packages fix security vulnerability: Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code CVE-2019-5094. The...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: A combination of parameters and permissions in smb.conf can allow user to escape from the share path definition CVE-2019-10197. An authenticated user can crash the Samba AD DC's RPC server process via a NULL pointer dereference CVE-2019-12435 A...
Updated kconfig packages fix security vulnerability
Updated kconfig packages fix security vulnerability: Dominik Penner discovered that KConfig supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file e.g. if it's embedded into a downloaded archive and it gets opened in a file...
Updated wavpack packages fix security vulnerabilities
Updated wavpack packages fixes security vulnerabilities: It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service CVE-2019-11498. Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An...
Updated microcode package fixes security vulnerability
Secure Encrypted Virtualization SEV on Advanced Micro DevicesAMD Platform Security Processor PSP; aka AMD Secure Processor or AMD-SP 0.17 build 11 and earlier has an insecure cryptographic implementation. This update provides Amd SEV Firmware to 0.17 build 22 CVE-2019-9836. It also updates the...
Updated thunderbird packages fix security vulnerabilities
The updated thunderbird packages fix some bugs and security vulnerabilities: Heap buffer overflow in icalparser.c. CVE-2019-11703 Heap buffer overflow in icalvalue.c. CVE-2019-11704 Stack buffer overflow in icalrecur.c. CVE-2019-11705 Type confusion in icalproperty.c. CVE-2019-11706...
Updated dovecot packages fix security vulnerability
CVE-2019-7524: Missing input buffer size validation leads into arbitrary buffer overflow when reading fts or pop3 uidl header from Dovecot index. Exploiting this requires direct write access to the index files...
Updated ming packages fix security vulnerability
The printDefineFont2 function util/listfdb.c in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file. CVE-2018-6358 There is a heap-based buffer overflow in the getString...
Updated pdns packages fix security vulnerability
Updated pdns packages fix security vulnerability: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode without post=1 set, allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured...
Updated python-gnupg packages fix security vulnerability
When symmetric encryption is used, data can be injected through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt methods. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on th...
Updated flash-player-plugin packages fix security vulnerability
Information disclosure in the context of the current user. CVE-2019-7090...
Updated gitolite packages fixes security vulnerability
In commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P CVE-2018-20683...
Updated python-django packages fix security vulnerability
An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...
Updated krb5 packages fix security vulnerability
An authenticated user who can obtain a TGT using an older encryption type DES, DES3, or RC4 can cause an assertion failure in the KDC by sending an S4U2Self request CVE-2018-20217...
Updated dcraw packages fix security vulnerability
A NULL pointer dereference flaw was found in the way dcraw processed images. An attacker could potentially use this flaw to crash dcraw by tricking it into processing crafted images CVE-2018-5801...
Updated ldb, talloc, and samba packages fix security vulnerabilities
Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service CVE-2018-14629. Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card...
Updated audiofile packages fix security vulnerabilities
A NULL pointer dereference in modules/ModuleState.cpp:ModuleState::setup allows for denial of service via crafted file CVE-2018-13440. A Heap-based buffer overflow was found in Expand3To4Module::run when running sfconvert CVE-2018-17095...
Updated clamav packages fix security vulnerability
The updated clamav packages fix a security vulnerability: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition on an affected device CVE-2018-15378...
Updated ansible packages fix security vulnerability
Ansible prior to 2.4.5 does not honor the nolog task flag for failed tasks. When the nolog flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user...
Updated corosync packages fix security vulnerability
An integer overflow leading to an out-of-bound read was found in authenticatenss23 in Corosync. An attacker could craft a malicious packet that would lead to a denial of service CVE-2018-1084...
Updated golang packages fix security vulnerability
A flaw was found in Go Lang. The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path get/vcs.go only checks for "://" anywhere in the string, which allows remote attackers to execute arbitrary OS commands via a crafted web site...
Updated perl packages fix security vulnerabilities
Brian Carpenter reported that a crafted regular expression could cause a heap buffer write overflow, with control over the bytes written CVE-2018-6797. Nguyen Duc Manh reported that matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially...
Updated python-pycrypto packages fix security vulnerability
The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes ...
Updated 389-ds-base packages fix CVE-2018-1054
389-ds-base has been updated to fix a security issue. A flaw was found in 389 Directory Server that affects all versions. An improper handling of the search feature with an extended filter, when read access on is enabled, in SetUnicodeStringFromUTF8 function in collate.c, can lead to out-of-bound...
Updated dovecot packages fix security vulnerability
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to...
Updated irssi packages fix security vulnerabilities
Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service CVE-2018-5205. Joseph Bisch discovered that...
Updated gdm packages fix security vulnerability
Updated gdm packages fix security vulnerability: A flaw was discovered in the gdm where gdm greeter was no longer setting the ranonce boolean during autologin. If autologin was enable for a victim, an attacker could simply select 'login as another user' to unlock their screen CVE-2017-12164...
Updated connman packages fix security vulnerability
Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service...
Updated mad packages fix security vulnerability
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file CVE-2017-8373. The madbitskip function in bit.c in Underbit...
Updated memcached packages fix security vulnerability
The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read CVE-2017-9951...