6007 matches found
Updated leptonica packages fix security vulnerabilities
Package leptonica has been updated to the current stable version 1.75.3 which fixes: CVE-2018-7186 - multiple stack-based buffer overflows in gplotRead and ptaReadStream CVE-2018-7247 - a buffer overflow in src/viewfiles.c with unsanitized input rootname...
Updated leptonica packages fix a security vulnerability
Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...
Updated flash-player-plugin package fixes security vulnerability
Adobe Flash Player 28.0.0.137 addresses an important out-of-bounds read vulnerability that could lead to information exposure CVE-2018-4871...
Updated gnome-shell packages fix security vulnerability
gnome-shell through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications but not interact with them, see information from the extensions e.g., what applications you have open...
Updated rsync package fixes security vulnerability
The receivexattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact by sendi...
Updated libwmf packages fix security vulnerability
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. CVE-2017-6362...
Updated mpg123 packages fix security vulnerabilities
mpg123 version 1.25.6 fix two buffer overflows, and several other non-security bugs...
Updated libgxps packages fix security vulnerability
There is a NULL pointer dereference in the caselesshash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a denial of service attack CVE-2017-11590...
Updated perl-SOAP-Lite packages fix security vulnerability
It was discovered that there was a "Billion Laughs" 0 XML expansion vulnerability in SOAP::Lite CVE-2015-8978...
Updated libtasn1 packages fix security vulnerability
Jakub Jirasek of Secunia Research discovered that libtasn1 did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file CVE-2017-6891...
Updated wget packages fix security vulnerability
Wget up untill version 1.19.1 does not ensure control characters are not used in the hostname part of a url. This security update rejects control characters in host part of a url...
Updated putty packages fix security vulnerability
In PuTTY before 0.68, if SSH agent forwarding is enabled, local attackers that are also able to connect to the UNIX domain socket could have overwritten heap data CVE-2017-6542...
Updated mbedtls packages fix security vulnerability
In mbedTLS before 1.3.19, if a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an attacker can cause the server or client to attempt to free block of memory held on stack. Depending on the platform, this could result in a Denial of Service client crash or...
Updated tnef packages fix security vulnerability
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker. CVE-2017-6307 An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can le...
Updated php-tcpdf packages fix security vulnerability
A local file inclusion vulnerability in TCPDF allows to upload files from the server generating PDF files to an external FTP server CVE-2017-6100. The updated php-tcpdf-6.0.098-1.1.mga5 package fixes this issue by setting KTCPDFCALLSINHTML configuration parameter to false by default...
Updated python-bottle packages fix security vulnerability
redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call. CVE-2016-9964...
Updated libpng and libpng12 packages fix security vulnerability
This security update fixes a NULL pointer dereference bug in libpng and libpng12 CVE-2016-10087...
Applications using libtorrent-rasterbar are vulnerable to denial of service
Applications using libtorrent-rasterbar are vulnerable to denial of service. An attacker-controlled torrent tracker can crash victim torrent clients by sending malformed GZIP responses CVE-2016-7164...
Updated redis packages fix security vulnerability
It was discovered that redis did not properly protect redis-cli history files; they were created by default with world-readable permissions CVE-2013-7458...
Updated mupdf packages fix security vulnerability
Use-after-free issue in mupdf in pdfloadxref can cause a denial of service CVE-2016-6265...
Updated libvirt packages fix security vulnerabilities
Updated libvirt packages fix security vulnerability: Vivian Zhang and Christoph Anton Mitterer discovered that setting an empty VNC password does not work as documented in Libvirt, a virtualisation abstraction library. When the password on a VNC server is set to the empty string, authentication o...
Updated gimp packages fix security vulnerability
It was discovered that there was a use-after-free vulnerability in the channel and layer properties parsing process in GIMP CVE-2016-4994...
Updated openslp packages fix security vulnerability
A null pointer dereference vulnerability was found in function xrealloc in xlspxmalloc.c in OpenSLP. A remote attacker could potentially crash the server when large number of packets are sent CVE-2016-4912...
Updated botan packages fix security vulnerabilities
Updated botan packages fix security vulnerabilities: During RSA decryption, how long decoding of PKCS 1 v1.5 padding took was input dependent. If these differences could be measured by an attacker, it could be used to mount a Bleichenbacher million-message attack CVE-2015-7827. ECDSA and DSA...
Updated quagga packages fix security vulnerability
A vulnerability was found in a way VPNv4 NLRI parser copied packet data to the stack. Memcpy to stack data structure based on length field from packet data whose length field upper-bound was not properly checked CVE-2016-2342...
Updated thunar packages fix CVE-2013-7447
Updated thunar packages fix security vulnerability: Due to a logic error, an attempt to allocate a large block of memory fails in thunargdkcairosetsurface, leading to a crash of thunar CVE-2013-7447...
Updated radicale packages fix CVE-2015-8748
Updated radicale package fixes security vulnerabilities: If an attacker is able to authenticate with a user name like .', he can bypass read/write limitations imposed by regex-based rules, including the built-in rules ownerwrite' read for everybody, write for the calendar owner and owneronly' rea...
Updated cgit packages fix security vulnerability
Reflected Cross Site Scripting and Header Injection in Mimetype Query String in cgit before 0.12 CVE-2016-1899. Stored Cross Site Scripting and Header Injection in Filename Parameter in cgit before 0.12 CVE-2016-1900. Integer Overflow resulting in Buffer Overflow in cgit before 0.12 CVE-2016-1901...
Updated claws-mail packages fix security vulnerability
no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...
Updated gnupg packages fix security vulnerabilities
Updated gnupg and gnupg2 packages fix security vulnerabilities: Hanno Böck discovered that GnuPG incorrectly handled certain malformed keyrings. If a user or automated system were tricked into opening a malformed keyring, a remote attacker could use this issue to cause GnuPG to crash, resulting i...
Updated squid packages fix CVE-2015-5400
Updated squid packages fix security vulnerability: Alex Rousskov discovered that Squid configured with cachepeer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit...
Updated jsoup package fixes security vulnerability
Jsoup before 1.8.3 was vulnerable to a possible XSS issue in the validator, related to how it handled tags without a closing '' when reaching EOF CVE-2015-6748...
Updated libuser package fixes security vulnerabilities
Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...
Updated p7zip package fixes security vulnerability
Alexander Cherepanov discovered that p7zip is susceptible to a directory traversal vulnerability. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries. This can be exploited by a rogue archive to write files outside the current...
Updated xbmc packages fix CVE-2015-3885
Updated xbmc package fixes security vulnerability: The dcraw tool suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A maliciously crafted raw ima...
Updated perl-DBD-Firebird packages fix CVE-2015-2788
Updated perl-DBD-Firebird packages fix security vulnerability: Stefan Roas discovered a way to cause a buffer overflow in DBD::FireBird in certain error conditions, due to the use of the sprintf function to write to a fixed-size memory buffer CVE-2015-2788...
Updated shibboleth-sp packages fix CVE-2015-2684
Updated shibboleth-sp package fixes security vulnerability: A denial of service vulnerability was found in the Shibboleth Service Provider. When processing certain malformed SAML message generated by an authenticated attacker, the daemon could crash CVE-2015-2684...
Updated xerces-c packages fix security vulnerabilities
Updated xerces-c packages fix security vulnerability: Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c. The parser mishandles certain kinds of malformed input documents, resulting in a...
Updated libtasn1 packages fix CVE-2015-2806
Updated libtasn1 packages fix security vulnerability: The libtasn1 library before version 4.4 is vulnerable to a two-byte stack overflow in asn1derdecoding CVE-2015-2806...
Updated e2fsprogs packages fix CVE-2015-1572
Updated e2fsprogs packages fix security vulnerability: The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to...
Updated tomcat packages fix CVE-2014-0227
Updated tomcat packages fix security vulnerability: In Apache Tomcat 7.x before 7.0.55, it was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request CVE-2014-0227...
Updated vorbis-tools package fixes security vulnerability
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file CVE-2014-9640...
Updated elfutils packages fix CVE-2014-9447
Updated elfutils packages fix security vulnerability: Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Updated gnome-shell and gnome-settings-daemon packages fix security vulnerability
The lock screen in gnome-shell does not disable taking screenshots via the Print Screen key, and several consecutive screenshot requests can trigger an out-of-memory situation, causing the lock screen to be killed, thus allowing it to be bypassed CVE-2014-7300...
Updated geary package fixes security vulnerability
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate CVE-2014-5444...
Updated graphicsmagick packages fix CVE-2014-1947
Updated graphicsmagick packages fix security vulnerability: A buffer overflow flaw was found in the way GraphicsMagick writes PSD images when the input data has a large number of layers. Due to the compilation options used in Mageia, the buffer overflow is reduced to a crash, making this a denial...
Updated readline packages fix security vulnerability
Steve Kemp discovered the rltropen function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks CVE-2014-2524. Also, upstream patches have been added to fix an infinite loop in vi input mode, and to fix an issue with slowness when...
Updated samba packages fix multiple vulnerabilities
Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled CVE-2014-0178. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial...
Updated mediawiki packages fix security vulnerability
XSS vulnerability in MediaWiki before 1.22.7, due to usernames on Special:PasswordReset being parsed as wikitext. The username on Special:PasswordReset can be supplied by anyone and will be parsed with wgRawHtml enabled. Since Special:PasswordReset is whitelisted by default on private wikis, this...
Updated cifs-utils packages fix CVE-2014-2830
Updated cifs-utils packages fix security vulnerability: Sebastian Krahmer discovered a stack-based buffer overflow flaw in cifscreds.c CVE-2014-2830...