6007 matches found
Updated vorbis-tools package fixes security vulnerability
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file CVE-2014-9640...
Updated elfutils packages fix CVE-2014-9447
Updated elfutils packages fix security vulnerability: Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Updated gnome-shell and gnome-settings-daemon packages fix security vulnerability
The lock screen in gnome-shell does not disable taking screenshots via the Print Screen key, and several consecutive screenshot requests can trigger an out-of-memory situation, causing the lock screen to be killed, thus allowing it to be bypassed CVE-2014-7300...
Updated geary package fixes security vulnerability
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate CVE-2014-5444...
Updated graphicsmagick packages fix CVE-2014-1947
Updated graphicsmagick packages fix security vulnerability: A buffer overflow flaw was found in the way GraphicsMagick writes PSD images when the input data has a large number of layers. Due to the compilation options used in Mageia, the buffer overflow is reduced to a crash, making this a denial...
Updated samba packages fix multiple vulnerabilities
Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled CVE-2014-0178. Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial...
Updated mediawiki packages fix security vulnerability
XSS vulnerability in MediaWiki before 1.22.7, due to usernames on Special:PasswordReset being parsed as wikitext. The username on Special:PasswordReset can be supplied by anyone and will be parsed with wgRawHtml enabled. Since Special:PasswordReset is whitelisted by default on private wikis, this...
Updated cifs-utils packages fix CVE-2014-2830
Updated cifs-utils packages fix security vulnerability: Sebastian Krahmer discovered a stack-based buffer overflow flaw in cifscreds.c CVE-2014-2830...
Updated mediawiki packages fix security vulnerability
Updated mediawiki packages fix security vulnerability: XSS vulnerability in MediaWiki before 1.22.6, where if the default sort key is set to a string containing a script, the script will be executed when the page is viewed using the info action CVE-2014-2853...
Updated 389-ds-base package fixes security vulnerability
It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This...
Updated stunnel package fixes security vulnerability
A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset...
Updated imapsync packages fix an information disclosure
Updated imapsync package fixes security vulnerability: Imapsync, by default, runs a "release check" when executed, which causes imapsync to connect to http://imapsync.lamiral.info and send information about the version of imapsync, the operating system and perl CVE-2013-4279. The imapsync package...
Updated socat package fixes security vulnerability
Due to a missing check in socat before 2.0.0-b7 during assembly of the HTTP request line, a long target server name in the documentation in the PROXY-CONNECT address can cause a stack buffer overrun. Exploitation requires that the attacker is able to provide the target server name to the...
Updated libxfont packages fix security vulnerability
Updated libxfont packages fix security vulnerability: It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts BDF could result in the execution of arbitrary code CVE-2013-6462...
Updated wireshark packages fix multiple vulnerabilities
Updated wireshark packages fix security vulnerabilities: The IEEE 802.15.4 dissector could crash CVE-2013-6336. The NBAP dissector could crash CVE-2013-6337. The SIP dissector could crash CVE-2013-6338. The OpenWire dissector could go into a large loop CVE-2013-6339. The TCP dissector could crash...
Updated chromium-browser-stable packages fix multiple vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP request implementation CVE-2013-2925. cloudfuzzer discovered a use-after-free issue in the list indenting implementation CVE-2013-2926. cloudfuzzer...
Updated python-oauth2 packages fix CVE-2013-4347
It was found that in python-oauth2, an application for authorization flows for web applications, the nonce value generated isn't sufficiently random. While doing bulk operations the nonce might be repeated, so there is a chance of predictability. This could allow MITM attackers to conduct replay...
Updated torque packages fix CVE-2013-4319
Updated torque package fixes security vulnerability: A non-priviledged user who was able to run jobs or login to a node which ran pbsserver or pbsmom, could submit arbitrary jobs to a pbsmom daemon to queue and run the job, which would run as root CVE-2013-4319...
Updated libraw packages fix security vulnerabilities
Updated libraw packages fix security vulnerabilities: It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of servi...
Updated subversion package fixes security vulnerability.
svnserve takes a --pid-file option which creates a file containing the process id it is running as. It does not take steps to ensure that the file it has been directed at is not a symlink. If the pid file is in a directory writeable by unprivileged users, the destination could be replaced by a...
Updated sssd packages fix security vulnerability
A TOCTOU time-of-check time-of-use race condition was found in the way SSSD, System Security Services Daemon, performed copying and removal of user directory trees.A local attacker, with permissions to write into directory of the victim, being actively / currently copied / removed via the sssd...
Updated libraw packages fix security vulnerability
A double-free error exits when handling damaged full-color within Foveon and sRAW files in libraw before 0.15.2 CVE-2013-2126...
Updated apache packages fix security vulnerabilities
HTTP response splitting. CVE-2024-42516 SSRF with modheaders setting Content-Type header. CVE-2024-43204 modssl error log variable escaping. CVE-2024-47252 modproxyhttp2 denial of service. CVE-2025-49630 modssl access control bypass with session resumption. CVE-2025-23048 modssl TLS upgrade attac...
Updated ruby packages fix security vulnerabilities
Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does not impose any limit on the length of the raw cookie value it...
Updated dropbear packages fix security vulnerability
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used...
Updated thunderbird packages fix security vulnerabilities
Process isolation bypass using "javascript:" URI links in cross-origin frames. CVE-2025-4083 Unsafe attribute access during XPath parsing. CVE-2025-4087 Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. CVE-2025-4091 Memory safety bug fixed in...
Updated chromium-browser-stable packages fix security vulnerability
Use after free in Lens. CVE-2025-2476...
Updated opensc packages fix security vulnerabilities
Heap buffer overflow in openpgp driver when generating key. CVE-2024-8443 Usage of uninitialized values in libopensc and pkcs15init. CVE-2024-45615 Uninitialized values after incorrect check or usage of apdu response values in libopensc. CVE-2024-45616 Uninitialized values after incorrect or...
Updated ffmpeg packages fix security vulnerability
FFmpeg n7.0 is affected by a Double Free via the rkmppretrieveframe function within libavcodec/rkmppdec.c. CVE-2024-35368...
Updated socat packages fix security vulnerability
CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory in socat readline.sh...
Updated firefox firefox-l10n packages fix security vulnerabilities
The updated packages fix a security vulnerability: Use-after-free in Animation timeline. CVE-2024-9680 We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...
Updated tcpreplay package fix security vulnerability
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclose...
Updated expat packages fix security vulnerabilities
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
Updated tomcat packages fix security vulnerability
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of...
Updated znc packages fix security vulnerability
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. CVE-2024-39844...
Updated erofs-utils packages fix security vulnerabilities
Heap Buffer Overflow in the erofsfsckdirentiter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image...
Updated postgresql15 & postgresql13 packages fix security vulnerability
Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owner. CVE-2024-4317...
Updated screen packages fix security vulnerability
The updated package fixes a security vulnerability: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the...
Updated connman packages fix security vulnerability
client.c in gdhcp in ConnMan could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process. CVE-2023-28488...
Updated freeimage packages fix security vulnerability
Buffer Overflow vulnerability leading to denial of service via a crafted JXR file. CVE-2021-33367...
Updated rootcerts packages fix security vulnerability
Set CKANSSSERVERDISTRUSTAFTER and CKANSSEMAILDISTRUSTAFTER for 3 TrustCor Root Certificates. r=KathleenWilson...
Updated gimp packages fix security vulnerability
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS. CVE-2022-32990...
Updated osmo packages fix security vulnerability
Phishing website URL removed from package spec file and replaced with new official site link...
Updated python-django-registration packages fix security vulnerability
Sensitive data could be included in error reports CVE-2021-21416...
Updated sphinx packages fix security vulnerability
It was found that sphinx could allow arbitrary files to be read by abusing a configuration option. CVE-2020-29050...
Updated thunderbird packages fix security vulnerability
Crafted email could trigger an out-of-bounds write. CVE-2022-0566...
Updated toxcore packages fix security vulnerability
stack-based buffer overflow in handlerequest in DHT.c CVE-2021-44847...
Updated hivex packages fix security vulnerability
Fixes limit recursion in ri-records. CVE-2021-3622...
Updated fail2ban packages fix security vulnerability
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...
Updated libgd packages fix security vulnerability
The updated packages fix a security vulnerability: The GD Graphics Library aka LibGD through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks CVE-2021-40812...