Updated nvidia packages fix security vulnerabilities

Updated nvidia304 and nvidia-current drivers fixes security issues: The NVIDIA Linux Discrete GPU drivers before R304.125, R331.x before R331.113, R340.x before R340.65, R343.x before R343.36, and R346.x before R346.22, Linux for Tegra L4T driver before R21.2, and Chrome OS driver before R40 allo...

Updated python-yaml packages fix security vulnerability

Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using...

Updated openvas-manager packages fix security vulnerability

Updated openvas-manager packages fixes security vulnerability: It has been identified that OpenVAS Manager before 4.0.6 is vulnerable to sql injections due to a improper handling of the timezone parameter in modifyschedule OMP command. It has been identified that this vulnerability may allow...

Updated libvirt packages fix CVE-2014-8136

Updated libvirt packages fix security vulnerability: The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemudriver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors CVE-2014-8136...

Updated privoxy package fixes security vulnerabilities

Updated privoxy packages fix security issues: A memory leak occurred in privoxy 3.0.21 compiled with IPv6 support when rejecting client connections due to the socket limit being reached. CID 66382 A use-after-free bug was found in privoxy 3.0.21 and two additional potential use-after-free issues...

Updated cxf packages fix security vulnerabilities

Updated cxf packages fix security vulnerabilities: An Apache CXF JAX-RS service can process SAML tokens received in the authorization header of a request via the SamlHeaderInHandler. However it is possible to cause an infinite loop in the parsing of this header by passing certain bad values for t...

Updated xml-security packages fix CVE-2013-4517

Updated xml-security packages fixes security vulnerability: Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service memory consumption via crafted Document Type Definitions DTDs, related to signatures CVE-2013-4517...

Updated couchdb packages fix CVE-2010-5312

Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...

Updated unzip package fixes security vulnerabilities

Updated unzip package fix security vulnerabilities: The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in arbitrary code...

Updated castor packages fix CVE-2014-3004

Updated castor packages fix security vulnerability: The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted XML document CVE-2014-3004...

Updated plasma-nm packages add openvpn certificate verification

Updated plasma-applet-nm packages add OpenVPN option for server certificate verification Plasma-nm does not tell OpenVPN to perform server certificate verification. Consequently, anyone with the preshared key is able to perform a MITM attack by impersonating the server. This update add option to...

Updated sox packages fix CVE-2014-8145

Updated sox packages fix security vulnerability: The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions startread and AdpcmReadBlock. A specially crafted wav file can be used to trigger the vulnerabilities CVE-2014-8145...

Updated resteasy package fix CVE-2014-3490

Updated resteasy packages fixes security vulnerability: It was found that the fix for CVE-2012-0818 was incomplete: external parameter entities were not disabled when the resteasy.document.expand.entity.references parameter was set to false. A remote attacker able to send XML requests to a RESTEa...

Updated axis packages fix CVE-2014-3596

Updated axis packages fixes security vulnerability: It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name CN field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate...

Updated not-yet-commons-ssl packages fix CVE-2014-3604

Updated not-yet-commons-ssl packages fixes security vulnerability: It was discovered that the implementation used by the Not Yet Commons SSL project to check that the server hostname matches the domain name in the subject's CN field was flawed. This can be exploited by a Man-in-the-middle MITM...

Updated wss4j packages fix CVE-2014-3623

Updated wss4j packages fixes security vulnerability: Apache WSS4J before 1.6.17, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors CVE-2014-3623...

Updated xlockmore packages fix a security vulnerability

Updated xlockmore packages fix security vulnerability xlockmore before 5.45 contains a security flaw related to a bad value of fnt for pyro2 which could cause an X error. This update backports the fix for version 5.43...

Updated smack packages fix security vulnerabilities

Updated smack packages fix security vulnerabilities: The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and nameConstraints in X.509 certificate chains from SSL servers, which allows man-in-the-middle attackers to spoof servers...

Updated apache-poi packages fix security vulnerabilities

Updated apache-poi packages fix security vulnerabilities: It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server,...

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.8, thumb.php outputs wikitext message as raw HTML, which could lead to cross-site scripting. Permission to edit MediaWiki namespace is required to exploit this. In MediaWiki before 1.23.8, a malicious site can bypas...

Updated erlang packages fix security vulnerabilities

Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP command...

Updated subversion packages fix security vulnerabilities

A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn CVE-2014-3580. A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names...

Updated git packages fix security vulnerability

It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the .git/config file when the client performed a "git pull". Because git permitted committing .Git/config or any case variation, on the pull this would replace the user's .git/config. If...

Updated libjpeg packages fix security vulnerability

Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing CVE-2014-9092...

Updated znc package fixes CVE-2014-9403

Updated znc packages fix security vulnerability: Adding an already existing channel to a user/network via web admin in ZNC causes a crash if the channel name isn't prefixed with '' CVE-2014-9403...

Updated php packages fix CVE-2014-8142

Updated php packages fix security vulnerability: A use-after-free flaw was found in PHP unserialize. An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize CVE-2014-8142. PHP has been updated to version 5.5.20, which fixes the...

Updated ntp packages fix security vulnerabilities

Updated ntp packages fix security vulnerabilities: If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated CVE-2014-9293. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys...

Updated docuwiki package fixes CVE-2014-9253

Updated dokuwiki package fix a security vulnerability: Our current dokuwiki-20140929-1.1.mga4 package uses dokuwiki-2014-09-29a source which allows swf application/x-shockwave-flash uploads by default. This may be used for Cross-site scripting XSS attack which enables attackers to inject...

Updated pcre packages fix security vulnerability

A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application linked against PCRE to crash while parsing malicious regular expressions CVE-2014-8964...

Updated pwgen package fixes security vulnerabilities

Updated pwgen package fixes security vulnerabilities: Pwgen was found to generate weak non-tty passwords by default, which could be brute-forced with a commendable success rate, which could raise security concerns CVE-2013-4440. Pwgen was found to silently falling back to use standard pseudo...

Updated krb5 packages fix CVE-2014-5353

Updated krb5 packages fix security vulnerability: In MIT krb5, when kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause a NULL dereference by attempting to use a named ticket policy object as a password policy for a principal. The attacker needs to b...

Updated file packages fix security vulnerabilities

Updated file packages fix security vulnerabilities: Thomas Jarosch of Intra2net AG reported that using the file command on a specially-crafted ELF binary could lead to a denial of service due to uncontrolled resource consumption CVE-2014-8116. Thomas Jarosch of Intra2net AG reported that using th...

Updated jasper packages fix security vulnerabilities

Updated jasper packages fix security vulnerabilities: A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code CVE-2014-8137. A heap-based buffe...

Updated c-icap packages fix security vulnerabilities

Several vulnerabilities were found in c-icap, which could allow a remote attacker to cause c-icap to crash, or have other, unspecified impacts CVE-2013-7401, CVE-2013-7402...

Updated claws-mail packages fix security vulnerability

Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service crash via a crafted TNEF file, which triggers a buffer overflow CVE-2010-5109. The claws-mail package contains an embedded copf of libytnef, which has been...

Updated unrtf package fixes security vulnerabilities

Updated unrtf package fixes security vulnerabilities: Michal Zalewski reported an out-of-bounds memory access vulnerability in unrtf. Processing a malformed RTF file could lead to a segfault while accessing a pointer that may be under the attacker's control. This would lead to a denial of service...

Updated nail package fixes security vulnerabilities

Updated nail package fixes security vulnerabilities: A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command...

Updated x11-server packages fix security vulnerabilities

Ilja van Sprundel of IOActive discovered several security issues in the X.org X server, which may lead to privilege escalation or denial of service CVE-2014-8091, CVE-2014-8092, CVE-2014-8093, CVE-2014-8094, CVE-2014-8095, CVE-2014-8096, CVE-2014-8097, CVE-2014-8098, CVE-2014-8099, CVE-2014-8100,...

Updated cpio package fixes security vulnerability

Heap-based buffer overflow in the processcopyin function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive CVE-2014-9112. Additionally, a null pointer dereference in the copyinlink function which could cause a denial of service has als...

Updated rpm packages fix security vulnerabilities

It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and...

Updated apache packages fix security vulnerabilities

Updated apache packages fix security vulnerabilities: A NULL pointer dereference flaw was found in the way the modcache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server...

Updated freetype2 packages fix security vulnerability

Updated freetype2 packages fix security vulnerability: It was reported that Freetype before 2.5.4 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow. This is due to an incomplete fix for CVE-2014-2240...

Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: During migration, the values read from migration stream during ram load are not validated. Especially offset in hostfromstreamoffset and also the length of the writes in the callers of the said function. A user able to alter the savevm data eith...

Updated bind packages fix CVE-2014-8500

Updated bind packages fix security vulnerability: By making use of maliciously-constructed zones or a rogue server, an attacker can exploit an oversight in the code BIND 9 uses to follow delegations in the Domain Name Service, causing BIND to issue unlimited queries in an attempt to follow the...

Updated firebird packages fix a remote denial of service vulnerability

These update fix the recently discovered security vulnerability CORE-4630 that may be used for a remote DoS attack performed by unauthorized users...

Updated pdns-recursor packages fix CVE-2014-8601

Updated pdns-recursor package fixes security vulnerability: PowerDNS Recursor before version 3.6.2, could be negatively impacted by specially configured, hard to resolve domain names. A remote attacker, by sending a query for such a domain name, could cause severe performance degradation in...

Updated nodejs package fixes security vulnerabilities

Updated nodejs package fixes security vulnerabilities: A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may trigger a GC and...

Updated iceape package fixes security vulnerabilities

When the oxygen-gtk was active and iceape tried to draw a menu for example after a mouse down event on the menu bar, a segmentation fault was triggered causing iceape to crash. The oxygen-gtk theme engine contains a solution for this problem, this is now enabled for iceape. MGA 12978 Mozilla...

Updated php-pear-HTML_AJAX package fixes security vulnerability

Updated php-pear-HTMLAJAX package fixes security vulnerability: The HTMLAJAX pear module before version 0.5.7 is vulnerable to a bug that can allow for remote code execution through unspecified vectors...

Updated util-linux packages fix CVE-2014-9114

Updated util-linux packages fix security vulnerability: Sebastian Krahmer reported a command injection flaw in blkid. This could possibly result in command execution with root privileges CVE-2014-9114. The util-linux package has been updated to version 2.24.2 and patched to fix this issue and oth...