6011 matches found
Updated perl-Email-MIME and perl-Email-MIME-ContentType packages fix security vulnerability
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split, resulting in denial of service rhbz1835353 This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts...
Updated db53 packages fix a security vulnerability
Vulnerability in the Data Store component of Oracle Berkeley DB. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks of this vulnerability can result in...
Updated nvidia-current packages fix security vulnerabilities
NVIDIA GPU Display Driver Linux contains a vulnerability in the kernel mode layer nvidia.ko IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure CVE‑2021‑1052. NVIDIA GPU Display Driver for...
Updated mbedtls packages fix security vulnerabilities
This update provides security bug fixes and minor enhancements. Limit the size of calculations performed by mbedtlsmpiexpmod to MBEDTLSMPIMAXSIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. A failure of the random generator was ignored in mbedtlsmpifillrando...
Updated ark packages fix security vulnerability
A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction CVE-2020-24654...
Updated viewvc packages fix security vulnerability
Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted...
Updated wireshark packages fix security vulnerability
Updated wireshark packages fix security vulnerability: ASN.1 BER and related dissectors crash CVE-2019-13619...
Updated tcpdump package fixes security vulnerability
Fixed a stack-based buffer over-read in the printprefix function CVE-2018-19519...
Updated soundtouch packages fix security vulnerabilities
Assertion failure in BPMDetect class in BPMDetect.cpp CVE-2018-17096. Out-of-bounds heap write in WavOutFile::write CVE-2018-17097. Heap corruption in WavFileBase class in WavFile.cpp CVE-2018-17098...
Updated librelp packages fix security vulnerability
librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending ...
Updated graphite2 packages fix security vulnerability
NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...
Updated freeplane packages fix security vulnerability
Wojciech Regula discovered an XML External Entity vulnerability in the XML Parser of the mindmap loader in freeplane, a Java program for working with mind maps, resulting in potential information disclosure if a malicious mind map file is opened CVE-2018-1000069...
Updated libplist packages fix security vulnerability
The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data CVE-2017-5209. The main function in plistutil.c in libimobiledevice libplist allowed attackers to...
Updated heimdal packages fix security vulnerability
Michael Eder and Thomas Kittel discovered that Heimdal did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service crash of the KDC daemon by sending maliciously crafted packets CVE-2017-17439...
Updated evince packages fix security vulnerability
It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code CVE-2017-1000159...
Updated flightgear packages fix security vulnerability
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. Mageia provides 2017.3.1 version as a security and bugfix update, allowing to connect to latest multiplayer serve...
Updated libgcrypt packages fix security vulnerability
It was discovered that libgcrypt is prone to a local side-channel attack against the ECDH encryption with Curve25519, allowing recovery of the private key...
Updated R-base packages fix security vulnerability
Cory Duplantis discovered a buffer overflow in the R programming language. A malformed encoding file may lead to the execution of arbitrary code during PDF generation CVE-2016-8714...
Updated sudo packages fix security vulnerability
A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367...
Updated libsndfile packages fix security vulnerability
In libsndfile, an error in the "aiffreadchanmap" function aiff.c can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file CVE-2017-6892...
Updated pcmanfm packages fix security vulnerability
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability. CVE-2017-8934...
Updated lxterminal package fixes security vulnerability
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service preventing terminal launch, or possibly have other impact bypassing terminal access control. CVE-2016-10369...
Updated 389-ds-base packages fix security vulnerability
An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. CVE-2017-2668...
Updated potrace packages fix security vulnerability
The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service invalid memory access and crash via a crafted BMP image. CVE-2016-8685 The bmnew function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image,...
Updated calibre packages fix security vulnerability
Newer devices like Kobo Aura HD requires newer versions of calibre for their new firmwares. Current calibre package does not support them. Also, our current calibre packages in both core and backports repositories have a security issue CVE-2016-10187. Newer versions of calibre 2.75.0 + fixes this...
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
Updated libcryptopp packages fix security vulnerability
When Crypto++ library parses an ASN.1 data value, the library allocates for the content octets based on the length octets. Later, if there's too few or too little content octets, the library throws a BERDecodeErr exception. The memory for the content octets will be zeroized even if unused, which...
Updated monit packages fix security vulnerability
The forms in Monit's Service Manager are vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host, disable/enable monitoring for a specific service CVE-2016-7067...
Updated python-twisted-web packages fix a security vulnerability
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...
Updated libidn packages fix security vulnerability
Out-of-bounds stack read in libidn before 1.33 in idnatoascii4i CVE-2016-6261. Out-of-bounds-read in libidn when reading one zero byte as input CVE-2015-8948, CVE-2016-6262. In libidn before 1.33, stringpreputf8nfkcnormalize would crash when presented with invalid UTF-8 CVE-2016-6263...
Updated libimobiledevice packages fix CVE-2016-5104
Updated libimobiledevice and usbmuxd package fixes security vulnerability: The libimobiledevice and libusbmuxd libraries open a socket that listens on all available network interfaces, rather than just the loopback interface as was intended CVE-2016-5104...
Updated vlc/mad packages fix security vulnerability
A vulnerability was found in processing QuickTime IMA files. VLC does not check that the number of channels in the input stream is less than or equal to the size of the buffer, resulting in an out-of-bounds write potential for remote code execution via a malicious media file CVE-2016-5108. The vl...
Updated libcryptopp packages fix CVE-2016-3995
Updated libcryptopp packages fix security vulnerability: In libcryptopp, for both Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock there is some code to avoid timing attacks, however it is removed by the compiler due to optimizations, making the binary vulnerable to timing...
Updated openafs packages fix security vulnerability
In OpenAFS before 1.6.17, users from foreign Kerberos realms can create groups as if they were administrators CVE-2016-2860. In OpenAFS before 1.6.17, information leakage over the network due to uninitialized memory CVE-2016-4536...
Updated claws-mail packages fix CVE-2015-8708
Updated claws-mail fix security vulnerabilities A stack-based buffer overflow has been found in conveuctojis after applying incomplete patch for CVE-2015-8614. In conveuctojis the comparison is with outlen - 3, but each pass through the loop uses up to 5 bytes and the rest of the function may add...
Updated python-rsa packages fix security vulnerability
A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 CVE-2016-1494...
Updated perl-HTML-Scrubber packages fix CVE-2015-5667
Updated perl-HTML-Scrubber package fixes security vulnerability: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...
Updated python-curl packages fix security vulnerability
A use-after-free vulnerability was found in Curl object's HTTPPOST setopt when a Unicode value is passed as a value with a FORMBUFFERPTR. The str object created from the passed in unicode object would have its buffer used but the unicode object would be stored instead of the str object rhbz127748...
Updated libvdpau packages fix security vulnerabilities
Updated libvdpau packages fix security vulnerabilities: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files CVE-2015-5198...
Updated screen packages fix CVE-2015-6806
Updated screen package fixes security vulnerability: A vulnerability was found in screen causing a stack overflow which results in crashing the screen server process, resulting in denial of service CVE-2015-6806...
Updated maradns packages fix a security vulnerability
maradns versions prior to 1.4.16 are vulnerable to a DoS-vulnerability through which a malicious authorative DNS-server can cause an infinite chain of referrals. For further details on the vulnerability, see references...
Updated vorbis-tools packages fix security vulnerabilities
Updated vorbis-tools package fixes security vulnerabilities: oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero CVE-2014-9638. Integer overflow in oggenc in vorbis-tools 1.4.0 allo...
Updated coreutils packages fix CVE-2014-9471
Updated coreutils packages fix security vulnerability: Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An attacker could possibly use this to cause a denial of service or potentially execute code CVE-2014-9471...
Updated pwgen package fixes security vulnerabilities
Updated pwgen package fixes security vulnerabilities: Pwgen was found to generate weak non-tty passwords by default, which could be brute-forced with a commendable success rate, which could raise security concerns CVE-2013-4440. Pwgen was found to silently falling back to use standard pseudo...
Updated getmail package fixes security vulnerabilities
The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate CVE-2014-7273. The IMAP-over-SSL implementation in getmai...
Updated quassel packages fix security vulnerability
Due to and out-of-bounds read issue in Quassel core in The ECB Blowfish decryption function, a malicious client can cause either denial of service or disclosure of information from process memory by using an improperly formed message CVE-2014-8483...
Updated php-pear-CAS packages fix CVE-2014-4172
Updated php-pear-CAS packages fix security vulnerabilities: A flaw in php-pear-CAS before 1.3.3, utilized by Moodle, has been found which could potentially allow unauthorised access and privilege escalation CVE-2014-4172...
Updated firefox & thunderbird packages fix security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
Updated tor package fixes security vulnerability
Tor before 0.2.4.23 maintains a circuit after an inbound RELAYEARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAYEARLY cells as a means of communicating information about hidden service name...
Updated couchdb packages fix CVE-2014-2668
Updated couchdb packages fix security vulnerability: Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via the count parameter to /uuids CVE-2014-2668...