6011 matches found
Updated quassel packages fix CVE-2015-3427
Updated quassel packages fix security vulnerability: Quassel is vulnerable to SQL injection through its use of Qt's postgres driver. If the PostgreSQL server is restarted or the connection is lost at any point, other IRC users may be able to trick the Quassel core into executing SQL queries upon...
Updated kernel-linus package fixes security vulnerabilities
This kernel-linus update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with acce...
Updated kernel package fixes security vulnerabilities
This kernel update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to ...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: Buffer Over-read in unserialize when parsing Phar CVE-2015-2783. Buffer Overflow when parsing tar/zip/phar in pharsetinode CVE-2015-3329. Potential remote code execution with apache 2.4 apache2handler CVE-2015-3330. PHP has been updated to versio...
Updated wordpress packages fix security vulnerabilities
Updated wordpress packages fixes security vulnerabilities: The wordpress package has been updated to version 3.9.4, which fixes several security issues, including a cross-site scripting issue which can be exploited by remote unauthenticated users...
Updated chrony packages fix security vulnerabilities
Updated chrony package fixes security vulnerabilities: Using particular address/subnet pairs when configuring access control would cause an invalid memory write. This could allow attackers to cause a denial of service crash or execute arbitrary code CVE-2015-1821. When allocating memory to save...
Updated lftp packages fix CVE-2014-0139
Updated lftp packages fix security vulnerability: lftp incorrectly validates wildcard SSL certificates containing literal IP addresses, so under certain conditions, it would allow and use a wildcard match specified in the CN field, allowing a malicious server to participate in a MITM attack or ju...
Updated ntop packages fix CVE-2014-4165
Updated ntop package fixes security vulnerability: Lack of filtering in the title parameter of links to rrdPlugin allowed cross-site-scripting XSS attacks against users of the web interface CVE-2014-4165...
Updated chromium-browser-stable packages fix security vulnerabilities
Chromium-browser 42.0.2311.90 fixes several security issues, among others a cross-origin-bypass in HTML parser CVE-2015-1235, a cross-origin-bypass in Blink CVE-2015-1236, a use-after-free in IPC CVE-2015-1237, an out-of-bounds write in Skia CVE-2015-1238, an out-of-bounds read in WebGL...
Updated setup packages fix security vulnerabilities
Updated setup package fixes security issue An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes this issue by enforcing that...
Updated t1utils packages fix security vulnerabilities
Updated t1utils package fixes security vulnerabilities: The t1utils package has been updated to version 1.39, which fixes a buffer overrun, infinite loop, and stack overflow in t1disasm...
Updated libksba packages fix security vulnerabilities
The libksba package has been updated to version 1.3.3, which fixes an integer overflow in the DN decoder and a couple of other minor bugs...
Updated potrace packages fix CVE-2013-7437
Updated potrace packages fix security vulnerability: Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow CVE-2013-7437...
Updated perl-Module-Signature packages fix security vulnerabilities
Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...
Updated perl-DBD-Firebird packages fix CVE-2015-2788
Updated perl-DBD-Firebird packages fix security vulnerability: Stefan Roas discovered a way to cause a buffer overflow in DBD::FireBird in certain error conditions, due to the use of the sprintf function to write to a fixed-size memory buffer CVE-2015-2788...
Updated java-1.7.0-openjdk packages fix security vulnerabilities
Updated java-1.7.0 packages fix security vulnerabilities: An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrust...
Updated python-dulwich packages fix security vulnerabilities
Updated python-dulwich package fixes security vulnerabilities: It was discovered that Dulwich allows writing to files under .git/ when checking out working trees. This could lead to the execution of arbitrary code with the privileges of the user running an application based on Dulwich...
Updated mono packages fix security vulnerabilities
A TLS impersonation attack was discovered in Mono's TLS stack by researchers at Inria CVE-2015-2318. During checks on the TLS stack, they have discovered two further issues which have been fixed, a vulnerability to a protocol downgrade attack CVE-2015-2319 and SSLv2 support still being available...
Updated socat packages fix CVE-2015-1379
Updated socat package fixes security vulnerability: In socat before 2.0.0-b8, signal handler implementations are not async-signal-safe and can cause crash or freeze of socat processes. Mostly this issue occurs when socat is in listening mode with fork option and a couple of child processes...
Updated librsync packages fix security vulnerabilities
Updated librsync packages fix security vulnerability: librsync before 1.0.0 used a truncated MD4 "strong" check sum to match blocks. However, MD4 is not cryptographically strong. It's possible that an attacker who can control the contents of one part of a file could use it to control other region...
Updated shibboleth-sp packages fix CVE-2015-2684
Updated shibboleth-sp package fixes security vulnerability: A denial of service vulnerability was found in the Shibboleth Service Provider. When processing certain malformed SAML message generated by an authenticated attacker, the daemon could crash CVE-2015-2684...
Updated tor packages fix security vulnerabilities
"disgleirio" discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible CVE-2015-2928. "DonnchaC" discovered that Tor clients would crash with an assertion failure upon parsing specially crafted hidde...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.457 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution...
Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerabilities: The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting th...
Updated glusterfs packages fix security vulnerabilities
Updated glusterfs packages fix security vulnerability: glusterfs was vulnerable to a fragment header infinite loop denial of service attack CVE-2014-3619. Also, the glusterfsd SysV init script was failing to properly start the service. This was fixed by replacing it with systemd unit files for th...
Updated quassel packages fix security vulnerabilities
Updated quassel packages fix security vulnerabilities: Quassel could crash when receiving an overlength CTCP query containing only multibyte characters CVE-2015-2778. Quassel could incorrectly split a message in the middle of a multibyte character, leading to a denial of service CVE-2015-2779...
Updated asterisk packages fix CVE-2015-3008
Updated asterisk packages fix security vulnerability: When Asterisk registers to a SIP TLS device and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte...
Updated wesnoth packages fix CVE-2015-0844
Updated wesnoth packages fix security vulnerability A severe security vulnerability in Battle of Wesnoth's game client was found which could allow a malicious user to obtain personal files and information from other players in networked multiplayer games using the built-in WML/Lua API on any...
Updated arj packages fix security vulnerabilities
Updated arj package fixes security vulnerabilities: ARJ follows symlinks when unpacking stuff, even the symlinks that were created during the same unpack process, making it vulnerable to a directory traversal CVE-2015-0556. To protect from directory traversals, ARJ strips leading slash from the...
Updated qemu packages fix security vulnerabilities
Updated qemu packages fix security vulnerabilities: A denial of service flaw was found in the way QEMU handled malformed Physical Region Descriptor Table PRDT data sent to the host's IDE and/or AHCI controller emulation. A privileged guest user could use this flaw to crash the system rhbz1204919...
Updated openldap packages fix CVE-2015-1545
Updated openldap packages fix security vulnerability: The deref overlay in slapd 2.4.13 through 2.4.40 dereferences a NULL pointer when a search request includes the Deref control with an empty list of attributes to return missing input validation. This allows a remote unauthenticated client to...
Updated suricata packages fix security vulnerabilities
Updated suricata packages fix security vulnerability: It was reported that libhtp handling of streams in error state could lead to NULL pointer dereference, leading to caller crash. Suricata Intrusion Detection System embeds libhtp, and is one of the affected components...
Updated batik packages fix security vulnerabilities
Updated batik packages fix security vulnerability: Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary fil...
Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors CVE-2015-1233. Race condition ...
Updated jakarta-taglibs-standard packages fix CVE-2015-0254
Updated jakarta-taglibs-standard packages fix security vulnerability: David Jorm discovered that the Apache Standard Taglibs incorrectly handled external XML entities. A remote attacker could possibly use this issue to execute arbitrary code or perform other external XML entity attacks...
Updated less packages fix CVE-2014-9488
Updated less package fixes security vulnerability: Malformed UTF-8 data could have caused an out of bounds read in the UTF-8 decoding routines, causing an invalid read access CVE-2014-9488...
Updated xerces-c packages fix security vulnerabilities
Updated xerces-c packages fix security vulnerability: Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c. The parser mishandles certain kinds of malformed input documents, resulting in a...
Updated qt-creator packages fix security vulnerabilities
Updated qt-creator packages fix security vulnerability: Qt Creator does not verify SSH host keys when using the built-in SSH client...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.9, one could circumvent the SVG MIME blacklist for embedded resources. This allowed an attacker to embed JavaScript in the SVG CVE-2015-2931. In MediaWiki before 1.23.9, the SVG filter to prevent injecting JavaScrip...
Updated php and libzip packages fix security vulnerabilities
Heap overflow vulnerability in regcomp.c in the ereg extension in PHP before 5.5.23 on 32-bit systems CVE-2015-2305. Integer overflow in zip extension in PHP before 5.5.23 leads to writing past heap boundary CVE-2015-2331. Use after free vulnerability in unserialize in PHP before 5.5.23...
Updated cups-filters packages fix CVE-2015-2265
Updated cups-filters package fixes security vulnerability: cups-browsed in cups-filters before 1.0.66 contained a bug in the removebadchars function, where it failed to reliably filter out illegal characters if there were two or more subsequent illegal characters, allowing execution of arbitrary...
Updated novnc packages fix CVE-2013-7436
Updated novnc package fixes security vulnerability: noVNC before 0.5.1 allows an attacker to steal insecurely set session token cookies, hijacking active or inactive VNC sessions CVE-2013-7436...
Updated firefox & thunderbird packages fix security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
Updated python-django packages fix security vulnerabilities
Updated python-django and python-django14 packages fix security vulnerabilities: The ModelAdmin.readonlyfields attribute in the Django admin allows displaying model fields and model attributes. While the former were correctly escaped, the latter were not. Thus untrusted content could be injected...
Updated mercurial packages fix CVE-2014-9462
Updated mercurial packages fix security vulnerability: The mercurial source code management system suffers from a code-injection flaw due to insufficient shell quoting in sshpeer.validaterepo CVE-2014-9462...
Updated libtasn1 packages fix CVE-2015-2806
Updated libtasn1 packages fix security vulnerability: The libtasn1 library before version 4.4 is vulnerable to a two-byte stack overflow in asn1derdecoding CVE-2015-2806...
Updated mongodb packages fix security vulnerabilities
Updated mongodb packages fix security vulnerability: It was found that the mongod server did not correctly validate certain malformed BSON requests. A remote, unauthenticated attacker could use a specially crafted BSON message to crash a mongod server CVE-2015-1609...
Updated iceape packages fix security vulnerabilities
Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors. CVE-2015-0835...
Updated python-rope packages fix security vulnerabilities
The python-rope utility has been caught passing remotely supplied data to pickle.load, enabling possible code-execution attacks. This can happen when the 'performdoa' dynamic object analysis option is enabled, which it previously had been by default. This update changes the default configuration ...
Updated chromium-browser-stable packages fix security vulnerabilities
Updated chromium-browser packages fix security vulnerabilities: The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other...