
5993 matches found

Mageia
added 2014/08/05 8:8 p.m. • 25 views

Updated tor package fixes security vulnerability

Tor before 0.2.4.23 maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of communicating information about hidden service name...

CVSS 5.8 | AI score 6.3 | EPSS 0.02094
Exploits: 0 | References: 4
Mageia
added 2014/08/05 8:8 p.m. • 32 views

Updated phpmyadmin package fixes security vulnerabilities

In phpMyAdmin before 4.1.14.2, when navigating into the database triggers page, it is possible to trigger an XSS with a crafted trigger name (CVE-2014-4955). In phpMyAdmin before 4.1.14.2, with a crafted column name it is possible to trigger an XSS when dropping the column in table structure page...

CVSS 4 | AI score 5.7 | EPSS 0.01605
Exploits: 0 | References: 4
Mageia
added 2014/08/05 8:8 p.m. • 45 views

Updated glibc packages fix security issues

Stephane Chazelas discovered a directory traversal issue in locale handling in glibc. glibc accepts relative paths with ".." components in the LC_* and LANG variables. Together with typical OpenSSH configurations with suitable AcceptEnv settings in sshd_config, this could conceivably be used to...

CVSS 7.5 | AI score 7.8 | EPSS 0.03922
Exploits: 3 | References: 4
Mageia
added 2014/08/05 8:8 p.m. • 47 views

Updated ocsinventory packages fix security vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2014-4722). Also, the web interface has been fixed to work with Apache HTTPD 2.4...

CVSS 4.3 | AI score 5.8 | EPSS 0.02347
Exploits: 0 | References: 2
Mageia
added 2014/08/05 8:8 p.m. • 44 views

Updated moodle package fixes security vulnerabilities

In Moodle before 2.6.4, serialised data passed by repositories could potentially contain objects defined by add-ons that could include executable code (CVE-2014-3541). In Moodle before 2.6.4, it was possible for manipulated XML files passed from LTI servers to be interpreted by Moodle to allow acce...

CVSS 7.5 | AI score 6.6 | EPSS 0.04667
Exploits: 2 | References: 12
Mageia
added 2014/08/05 8:8 p.m. • 50 views

Updated kernel packages fix security vulnerabilities

This kernel update provides the upstream 3.12.25 longterm kernel and fixes the following security issues: Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...

CVSS 7.1 | AI score 6.8 | EPSS 0.05794
Exploits: 5 | References: 5
Mageia
added 2014/08/05 8:8 p.m. • 51 views

Updated file packages fix security vulnerability

file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule, due to an incomplete fix for CVE-2013-7345...

CVSS 5 | AI score 7.4 | EPSS 0.11814
Exploits: 1 | References: 3
Mageia
added 2014/08/05 8:8 p.m. • 35 views

Updated php-ZendFramework packages fix security vulnerability

The implementation of the ORDER BY SQL statement in Zend_Db_Select of Zend Framework 1 contains a potential SQL injection when the query string passed contains parentheses (CVE-2014-4914)...

CVSS 9.8 | AI score 9.8 | EPSS 0.02313
Exploits: 0 | References: 3
Mageia
added 2014/08/05 8:8 p.m. • 35 views

Updated mediawiki packages fix security vulnerabilities

MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash (CVE-2014-5241), XSS in mediawiki.page.image.pagination.js (CVE-2014-5242), and clickjacking between OutputPage and ParserOutput (CVE-2014-5243). This update provides MediaWiki 1.23.2, fixing these and other issues...

CVSS 6.8 | AI score 9.1 | EPSS 0.02074
Exploits: 3 | References: 3
Mageia
added 2014/08/05 8:8 p.m. • 39 views

Updated polarssl packages fix security vulnerability

A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute...

CVSS 5 | AI score 6.7 | EPSS 0.02427
Exploits: 0 | References: 4
Mageia
added 2014/08/04 11:12 a.m. • 40 views

Updated gcc packages fix security vulnerability and other bugs

Updated gcc packages fix the following security issue: Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code (CVE-2014-5044). They also fix...

CVSS 9.8 | AI score 9.7 | EPSS 0.05886
Exploits: 0 | References: 1
Mageia
added 2014/07/29 9:30 p.m. • 66 views

Updated apache package fixes security vulnerabilities

A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd chi...

CVSS 6.8 | AI score 7.4 | EPSS 0.85744
Exploits: 7 | References: 3
Mageia
added 2014/07/29 9:30 p.m. • 73 views

Updated apache package fixes security vulnerabilities

A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd chi...

CVSS 6.8 | AI score 7.4 | EPSS 0.85744
Exploits: 5 | References: 3
Mageia
added 2014/07/26 1:9 p.m. • 53 views

Updated ruby-actionpack packages fix security issues

Updated ruby-actionpack and ruby-activerecord packages fix security vulnerabilities: Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 4.0.5, when certain route globbing configurations are enabled, allows...

CVSS 7.5 | AI score 7.1 | EPSS 0.53703
Exploits: 2 | References: 6
Mageia
added 2014/07/26 12:57 p.m. • 38 views

Updated cacti package fixes security vulnerabilities

Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti (CVE-2014-2326, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002)...

CVSS 7.5 | AI score 7.2 | EPSS 0.04916
Exploits: 3 | References: 2
Mageia
added 2014/07/26 12:55 p.m. • 17 views

Updated owncloud packages fix an unspecified security vulnerability

Updated owncloud package fixes security vulnerability: Owncloud versions 5.0.17 and 6.0.4 fix an unspecified security vulnerability, as well as many other bugs. See the upstream Changelog for more information...

AI score 4.4
Exploits: 0 | References: 2
Mageia
added 2014/07/26 12:52 p.m. • 46 views

Updated asterisk packages fix security vulnerabilities

Updated asterisk packages fix security vulnerabilities: Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action (CVE-2014-4046). Asterisk Open...

CVSS 6.5 | AI score 7 | EPSS 0.05679
Exploits: 0 | References: 5
Mageia
added 2014/07/26 12:49 p.m. • 43 views

Updated mariadb package fixes security vulnerabilities

This update provides MariaDB 5.5.38, which fixes several security issues and other bugs...

CVSS 6.5 | AI score 7.6 | EPSS 0.03911
Exploits: 0 | References: 4
Mageia
added 2014/07/26 12:46 p.m. • 30 views

Updated transmission package fixes security vulnerability

Ben Hawkes discovered that Transmission incorrectly handled certain peer messages. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code (CVE-2014-4909)...

CVSS 6.8 | AI score 7.7 | EPSS 0.05406
Exploits: 1 | References: 1
Mageia
added 2014/07/26 12:40 p.m. • 22 views

Updated avidemux packages fix security issues in the bundled ffmpeg

Updated avidemux packages fix security vulnerabilities: Avidemux is built with a bundled set of FFmpeg libraries. The bundled FFmpeg versions have been updated to 0.9.4 in Mageia 3 and 1.2.7 in Mageia 4 to fix several security issues and other bugs fixed upstream in FFmpeg. For the Mageia 3 update,...

AI score 3.2
Exploits: 0 | References: 2
Mageia
added 2014/07/26 12:6 p.m. • 43 views

Updated live555, vlc & mplayer packages fix several issues

Updated live, mplayer, and vlc packages fix security vulnerabilities: The live555 RTSP streaming server and client libraries before 2013.11.29 are vulnerable to buffer overflows in RTSP command parsing that potentially allow for arbitrary code execution when connected to a malicious client or...

CVSS 6.8 | AI score 4.4 | EPSS 0.03782
Exploits: 0 | References: 6
Mageia
added 2014/07/26 11:56 a.m. • 42 views

Updated pidgin packages fix CVE-2014-3775

Updated pidgin packages fix security vulnerability: It was discovered that libgadu incorrectly handled certain messages from file relay servers. A malicious remote server or a man in the middle could use this issue to cause applications using libgadu to crash, resulting in a denial of service, or...

CVSS 7.5 | AI score 7.5 | EPSS 0.0378
Exploits: 0 | References: 2
Mageia
added 2014/07/26 11:48 a.m. • 37 views

Updated dbus packages fix multiple vulnerabilities

Updated dbus packages fix security vulnerabilities: A flaw was reported in D-Bus's file descriptor passing feature. A local attacker could use this flaw to cause a service or application to disconnect from the bus, typically resulting in that service or application exiting (CVE-2014-3532). A flaw w...

CVSS 2.1 | AI score 5.5 | EPSS 0.00446
Exploits: 0 | References: 3
Mageia
added 2014/07/26 11:32 a.m. • 41 views

Updated nss, firefox and thunderbird packages fix security vulnerabilities

A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application (CVE-2014-1544). Several flaws were found in the processing ...

CVSS 10 | AI score 9.9 | EPSS 0.06109
Exploits: 0 | References: 11
Mageia
added 2014/07/26 11:3 a.m. • 54 views

Updated java-1.7.0-openjdk packages fix multiple vulnerabilities

Updated java-1.7.0-openjdk packages fix security vulnerabilities: It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions CVE-2014-4216...

CVSS 9.3 | AI score 6.4 | EPSS 0.06118
Exploits: 1 | References: 4
Mageia
added 2014/07/09 11:21 p.m. • 39 views

Updated flash-player-plugin packages fix multiple vulnerabilities

Adobe Flash Player 11.2.202.394 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update includes additional validation checks to ensure that Flash Player rejects malicious content fr...

CVSS 7.5 | AI score 6.6 | EPSS 0.23024
Exploits: 4 | References: 2
Mageia
added 2014/07/08 10:50 p.m. • 40 views

Updated liblzo packages fix CVE-2014-4607

Updated liblzo packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker (CVE-2014-4607)...

CVSS 8.8 | AI score 9.3 | EPSS 0.05315
Exploits: 1 | References: 2
Mageia
added 2014/07/08 10:47 p.m. • 30 views

Updated dpkg packages fix security vulnerabilities

Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package, leading to the creation of files outside the directory of the source being unpacked (CVE-2014-0471). Multiple vulnerabilities were discovered in dpkg...

CVSS 6.4 | AI score 6.6 | EPSS 0.07322
Exploits: 1 | References: 3
Mageia
added 2014/07/08 10:44 p.m. • 50 views

Updated gd and libgd packages fix security vulnerability

The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file (CVE-2014-2497)...

CVSS 4.3 | AI score 8.1 | EPSS 0.22319
Exploits: 3 | References: 2
Mageia
added 2014/07/08 10:41 p.m. • 38 views

Updated freerdp packages fix two vulnerabilities

Updated freerdp packages fix security vulnerabilities: Integer overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP through 1.0.2 allow remote RDP servers to have an unspecified impact through unspecified vectors (CVE-2014-0250). Integer overflow in the license_read_scope_list functi...

CVSS 7.5 | AI score 8.6 | EPSS 0.0367
Exploits: 1 | References: 2
Mageia
added 2014/07/08 10:38 p.m. • 43 views

Updated python-simplejson package fixes security vulnerability

Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used as an array index, causing the scanstring function to...

CVSS 5.9 | AI score 6.7 | EPSS 0.08125
Exploits: 1 | References: 4
Mageia
added 2014/07/08 10:35 p.m. • 57 views

Updated python & python3 packages fix two vulnerabilities

Updated python and python3 packages fix security vulnerabilities: Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...

CVSS 9.8 | AI score 7.1 | EPSS 0.24148
Exploits: 6 | References: 4
Mageia
added 2014/07/08 10:30 p.m. • 79 views

Updated php packages fix multiple vulnerabilities

Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types (CVE-2014-3515). It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...

CVSS 7.5 | AI score 8.5 | EPSS 0.30128
Exploits: 6 | References: 3
Mageia
added 2014/07/08 10:29 p.m. • 80 views

Updated php packages fix multiple vulnerabilities

Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types (CVE-2014-3515). It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...

CVSS 7.5 | AI score 9.5 | EPSS 0.30128
Exploits: 9 | References: 3
Mageia
added 2014/07/04 6:26 p.m. • 56 views

Updated file packages fix security vulnerabilities

A flaw was found in the way file parsed property information from Composite Document Files (CDF) files, where the mconvert function did not correctly compute the truncated pascal string size (CVE-2014-3478). Multiple flaws were found in the way file parsed property information from Composite Document...

CVSS 6.5 | AI score 7.6 | EPSS 0.15176
Exploits: 1 | References: 2
Mageia
added 2014/07/04 6:22 p.m. • 51 views

Updated ffmpeg packages fix security vulnerabilities

A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service (CVE-2012-5150). The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 1.1.9 does not properly validate a certain bits-per-sample...

CVSS 8.8 | AI score 9.3 | EPSS 0.04468
Exploits: 3 | References: 5
Mageia
added 2014/07/04 6:14 p.m. • 75 views

Updated ffmpeg packages fix security vulnerabilities

The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.0.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK aka Tom's lossless...

CVSS 8.8 | AI score 9.3 | EPSS 0.04468
Exploits: 3 | References: 5
Mageia
added 2014/07/04 5:57 p.m. • 28 views

Updated samba packages fix multiple vulnerabilities

Updated samba packages fix security vulnerabilities: Information leak vulnerability in the VFS code, allowing an authenticated user to retrieve eight bytes of uninitialized memory when shadow copy is enabled (CVE-2014-0178). Samba versions before 3.6.24, 4.0.19, and 4.1.9 are vulnerable to a denial...

CVSS 3.5 | AI score 8.9 | EPSS 0.20481
Exploits: 0 | References: 5
Mageia
added 2014/07/04 5:51 p.m. • 30 views

Updated libxfont packages fix security vulnerabilities

Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges (CVE-2014-0209). Ilja van Sprundel discovered that libXfont incorrectly handled...

CVSS 7.5 | AI score 8.1 | EPSS 0.04362
Exploits: 0 | References: 3
Mageia
added 2014/06/27 3:38 p.m. • 18 views

Updated iodine packages fix CVE-2014-4168

Updated iodine packages fix security vulnerability: Oscar Reparaz discovered an authentication bypass vulnerability in iodine, a tool for tunneling IPv4 data through a DNS server. A remote attacker could provoke a server to accept the rest of the setup or also network traffic by exploiting this...

CVSS 5 | AI score 6.5 | EPSS 0.03752
Exploits: 0 | References: 2
Mageia
added 2014/06/27 3:8 p.m. • 40 views

Updated gnupg & gnupg2 packages fix CVE-2014-4617

Updated gnupg and gnupg2 packages fix security vulnerability: GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial of service which can be caused by garbled compressed data packets which may put gpg into an infinite loop (CVE-2014-4617)...

CVSS 5 | AI score 6.1 | EPSS 0.03305
Exploits: 0 | References: 4
Mageia
added 2014/06/27 3:3 p.m. • 33 views

Updated phpmyadmin packages fix CVE-2014-4349

Updated phpmyadmin packages fix security vulnerability: In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding or unhiding a crafted table name in the navigation, due to unescaped HTML output in the navigation items hiding feature. Note that this vulnerability can only be...

CVSS 3.5 | AI score 5.7 | EPSS 0.0213
Exploits: 1 | References: 2
Mageia
added 2014/06/27 2:57 p.m. • 41 views

Updated ctdb package fixes CVE-2013-4159

Updated ctdb packages fix security vulnerability: ctdb before 2.5 is vulnerable to symlink attacks due to the use of predictable filenames in /tmp, such as /tmp/ctdb.socket (CVE-2013-4159)...

CVSS 7.5 | AI score 1.9 | EPSS 0.02371
Exploits: 0 | References: 2
Mageia
added 2014/06/22 9:13 p.m. • 74 views

Updated kernel packages fix security vulnerabilities

The kernel has been updated to the upstream 3.10.44 longterm kernel, and fixes the following security issues: The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to...

CVSS 7.8 | AI score 7 | EPSS 0.37233
Exploits: 22 | References: 5
Mageia
added 2014/06/20 7:48 p.m. • 15 views

Updated pdns & pdns-recursor packages fix a denial of service vulnerability

Updated pdns and pdns-recursor packages fix security vulnerability: PowerDNS recursor is vulnerable to a denial of service due to a bug that causes it to exhaust the maximum number of file descriptors that are available to a process. The pdns and pdns-recursor packages have been patched to fix th...

AI score 3.5
Exploits: 0 | References: 3
Mageia
added 2014/06/20 7:43 p.m. • 44 views

Updated smb4k packages fix CVE-2014-2581

Updated smb4k packages fix security vulnerability: Smb4k before 1.1.1 allows the cruid CIFS mount option to be specified by the user (CVE-2014-2581). The smb4k package has been updated to version 1.1.2, which fixes this issue and also contains several other bug fixes and additions...

CVSS 7.5 | AI score 7.5 | EPSS 0.02632
Exploits: 0 | References: 5
Mageia
added 2014/06/20 7:41 p.m. • 38 views

Updated sendmail packages fix CVE-2014-3956

Updated sendmail packages fix security vulnerability: Sendmail before 8.14.9 does not properly close file descriptors before executing programs. This bug could enable local users to interfere with an open SMTP connection if they can execute their own program for mail delivery e.g., via procmail...

CVSS 1.9 | AI score 6.4 | EPSS 0.0063
Exploits: 0 | References: 2
Mageia
added 2014/06/20 7:37 p.m. • 13 views

Updated ansible package provides minor security fixes

Ansible has been patched with minor security fixes to safe_eval and apt_repository that were fixed upstream in version 1.5.5...

AI score 3.8
Exploits: 0 | References: 3
Mageia
added 2014/06/19 8:30 p.m. • 45 views

Updated tomcat and tomcat6 packages fix security vulnerabilities

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40 and 7.x before 7.0.53 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding o...

CVSS 5 | AI score 8.4 | EPSS 0.2006
Exploits: 1 | References: 3
Mageia
added 2014/06/19 8:26 p.m. • 44 views

Updated cups-filter packages fix security vulnerabilities

In cups-filters before 1.0.53, out-of-bounds accesses in the process_browse_data function when reading the packet variable could lead to a crash, thus resulting in a denial of service (CVE-2014-4337). In cups-filters before 1.0.53, if there was only a single BrowseAllow line in cups-browsed.conf a...

CVSS 5.8 | AI score 6.2 | EPSS 0.03007
Exploits: 0 | References: 4
Total number of security vulnerabilities: 5993