6007 matches found
Updated discover package fixes a security vulnerability
Discover fetches the description and related texts of some applications/plugins from store.kde.org. That text is displayed to the user, after turning into a clickable link any part of the text that looks like a link. This is done for any kind of link, be it smb:// nfs:// etc. when in fact it only...
Updated tpm2-tss packages fix a security vulnerability
FAPI PolicyPCR not instatiating correctly CVE-2020-24455. Note that all TPM object created with a PolicyPCR with the currentPcrs and currentPcrsAndBank options have been created with an incorrect policy that omits PCR checks. All such objects have to be recreated. The tpm2-tss package has been...
Updated libupnp packages fix security vulnerability
The updated packages fix a security vulnerability: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in...
Updated libntlm packages fix security vulnerability
Updated libntlm packages fix security vulnerability: It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in...
Updated jbig2dec packages fix security vulnerability
Updated jbig2dec packages fix security vulnerability: jbig2imagecompose in jbig2image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow CVE-2020-12268...
Updated libssh packages fix security vulnerability
Updated libssh packages fix security vulnerability: A malicious client or server could crash the counterpart implemented with libssh AES-CTR ciphers are used and don't get fully initialized. It will crash when it tries to cleanup the AES-CTR ciphers when closing the connection CVE-2020-1730...
Updated flash-player-plugin packages fix security vulnerability
Updated flash-player-plugin package fixes a security vulnerability: Type confusion that leads to arbitrary code execution in the context of the current user. CVE-2020-3757...
Updated libqb packages fix security vulnerability
Insecure treatment of IPC temporary files which could allow a local attacker to overwrite privileged system files CVE-2019-12779...
Updated makepasswd fix insecure default length of password
Updated makepasswd fix insecure default length of password By default, makepasswd generates password with a length between 6 to 8 characters 48 to 64bits. This update raise the default to 16 characters 128 bits. The length can be changed at runtime with the -l option...
Updated cyrus-imapd packages fix security vulnerability
Updated cyrus-imapd packages fix security vulnerability: It was discovered that the lmtpd component of the Cyrus IMAP server created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks CVE-2019-19783...
Updated jss packages fix security vulnerability
Updated jss packages fix security vulnerability: A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be...
Updated libidn2 packages fix security vulnerabilities
Updated libidn2 packages fix security vulnerabilities: It was discovered that Libidn2 incorrectly handled certain inputs. A attacker could possibly use this issue to impersonate domains CVE-2019-12290. It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly u...
Updated xpdf packages fix security vulnerability
The updated packages fix a security vulnerability: Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor. CVE-2019-17064...
Updated spamassassin packages fix security vulnerabilities
The updated packages fix security vulnerabilities: In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that...
Updated qbittorrent packages fix security vulnerability
In qBittorrent before 4.1.7, the function Application::runExternalProgram located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed...
Updated gnutls packages fix security vulnerability
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. CVE-2019-3829...
Updated python-marshmallow packages fix security vulnerability
In the marshmallow library before 2.15.1 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the "only" option, and there...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: '$wgRateLimits' entry for 'user' overrides 'newbie' CVE-2018-0503. When a log event is partially hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information CVE-2018-0504. BotPasswords can bypass CentralAuth's...
Updated mailman packages fix security vulnerability
Updated mailman package fixes security vulnerability: It was discovered that mailman prior to 2.1.29 mishandled URLs in Utils.py:GetPathPieces which allowed attackers to display arbitrary text on trusted sites CVE-2018-13796...
Updated flash-player-plugin packages fix security vulnerabilities
Updated flash-player-plugin packages fix security vulnerabilities: Out-of-bounds read that can lead to Information Disclosure CVE-2018-12824, CVE-2018-12826, CVE-2018-12827 Security bypass that can lead to Security Mitigation Bypass CVE-2018-12825 Use of a component with a known vulnerability can...
Updated flac packages fix security vulnerability
Memory leak in readmetadatavorbiscomment function could lead to denial of service CVE-2017-6888...
Updated freetype2 packages fix security vulnerability
Updated freetype2 packages fix security vulnerability: FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the ttsizereset function in truetype/ttobjs.c CVE-2017-7864...
Updated php-smarty packages fix security vulnerability
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template nameCVE-2017-1000480...
Updated gifsicle package fixes security vulnerability
It was discovered that gifsicle contained a flaw that could lead to arbitrary code execution CVE-2017-1000421...
Updated git packages fix security vulnerability
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service memory consumption via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to...
Updated bchunk package fixes security vulnerabilities
bchunk related to BinChunker 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE .cue file. CVE-2017-15953 bchunk related to BinChunker 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow with a resultant invalid free and crash when...
Updated x11-server packages fix security vulnerabilities & bugs
The upstream 1.19.4 update we pushed as: http://advisories.mageia.org/MGASA-2017-0366.html introduced a regression in PRIME syncronization. Upstream released a 1.19.5 that fixes that and a lot of security fixes: CVE-2017-12176 to CVE-2017-12187 Also added a fix for "XShmGetImage: fix censoring"...
Updated upx package fixes security vulnerability
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack CVE-2017-15056...
Updated samba packages fix security vulnerability
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks CVE-2017-11103. The samba package has been updated...
Updated freeradius packages fix security vulnerabilities
Fuzz testing of freeradius found multiple vulnerabilites that resulted in either the potential for remote code execution or a possible denial of service except for CVE-2017-10988 which was later determined to not actually result in any vulnerability...
Updated smb4k packages fix security vulnerability
Smb4k contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid CVE-2017-8849...
Updated audiofile packages fix security vulnerabilities
Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833,...
Updated flash-player-plugin package fixes security vulnerability
This update fixes the following critical security issues: use-after-free vulnerabilities that could lead to code execution CVE-2017-3058, CVE-2017-3059, CVE-2017-3062, CVE-2017-3063. memory corruption vulnerabilities that could lead to code execution CVE-2017-3060, CVE-2017-3061, CVE-2017-3064...
Updated teeworlds package fixes security vulnerability
A security vulnerability was found in the Teeworlds client logic that could enable remote code execution on the client by malicious servers CVE-2016-9400. This maintenance release fixes it...
Updated openslp packages fix security vulnerability
A memory corruption bug was present in openslp due to lack of bounds checking in SLPFoldWhiteSpace CVE-2016-7567...
Updated squidguard packages fix security vulnerability
The squidGuard.cgi program is vulnerable to a reflected cross site scripting vulnerability in the blocking script squidGuard.cgi. The vulnerability is triggered when a user clicks a link to a blocked site where the url has scripting instructions added CVE-2015-8936. In Mageia's squidguard package...
Updated iperf packages fix security vulnerability
A malicious process can connect to an iperf server and, by sending a malformed message on the control channel, corrupt the server process's heap area. This can lead to a crash and a denial of service, or theoretically a remote code execution as the user running the iperf server. A malicious iperf...
Updated networkmanager packages fix CVE-2016-0764
Updated networkmanager package fixes security vulnerability: NetworkManager before 1.0.12 is vulnerable to a race condition that could lead to a local information leak CVE-2016-0764. The networkmanager package has been updated to version 1.0.12, which fixes this issue and several other bugs. See...
Updated php-ZendFramework2 packages fix CVE-2015-7503
Updated php-ZendFramework2 packages fix security vulnerability: Zend\Crypt\PublicKey\Rsa\PublicKey has a call to opensslpublicencrypt which uses PHP's default $padding argument, which specifies OPENSSLPKCS1PADDING, indicating usage of PKCS1v1.5 padding. This padding has a known vulnerability, the...
Updated dosfstools packages fix security vulnerabilities
Updated dosfstools package fixes security vulnerabilities: In dosfstools before 4.0, if the third to last entry was written on a FAT12 filesystem with an odd number of clusters, the second to last entry would be corrupted. This corruption may also lead to invalid memory accesses when the corrupte...
Updated asterisk packages fix CVE-2016-2316
Updated asterisk packages fix security vulnerability: chansip in Asterisk Open Source 11.x before 11.21.1, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service file descriptor consumption via vectors related to large...
Updated privoxy packages fix security vulnerabilities
This update fixes two denial-of-service vulnerabilities that have been discovered in privoxy 3.0.23: The removechunkedtransfercoding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service invalid read and crash via crafted chunk-encoded content...
Updated chrony packages fix security vulnerability
In chrony before 1.31.2, when used with symmetric key encryption, the client would accept packets encrypted with keys for any configured server, allowing a server to impersonate other servers to clients, thus performing a man-in-the-middle attack CVE-2016-1567...
Updated openafs packages fix security vulnerabilities
Updated openafs packages fix security vulnerabilities: When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762...
Updated vlc packages fix security vulnerability
Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a multimedia player and streamer, could dereference an arbitrary pointer due to insufficient restrictions on a writable buffer. This could allow remote attackers to execute arbitrary code via crafted 3GP files CVE-2015-5949...
Updated libunwind package fixes security vulnerability
An invalid DWOPbregXX opcodes can access dwarftounwregnummap one item past the end CVE-2015-3239...
Updated python-tornado package fixes security vulnerability
Security fixes CVE-2014-9720 The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by ...
Updated novnc packages fix CVE-2013-7436
Updated novnc package fixes security vulnerability: noVNC before 0.5.1 allows an attacker to steal insecurely set session token cookies, hijacking active or inactive VNC sessions CVE-2013-7436...
Updated sympa packages fix CVE-2015-1306
Updated sympa packages fix security vulnerability: A vulnerability have been discovered in Sympa web interface that allows access to files on the server filesystem. This breach allows to send to a list or a user any file readable by the Sympa user, located on the server filesystem, using the Symp...
Updated libjpeg packages fix security vulnerability
Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing CVE-2014-9092...