6009 matches found
Updated openjpeg packages fix security vulnerability
Updated openjpeg packages fix security vulnerability: A heap-based buffer overflow was found in the way openjpeg parsed certain image files from a JPEG2000 image. If a specially-crafted image were opened by an application linked against OpenJPEG, it could cause the application to crash or,...
Updated cups-filters packages fix security vulnerability
Updated cups-filters packages fix security vulnerability: Sebastian Krahmer discovered it was possible to use malicious broadcast packets to execute arbitrary commands on a server running the cups- browsed daemon CVE-2014-2707. Note that only systems that have enabled the affected feature by usin...
Updated apache-mod_security packages fix security vulnerability
Updated apache-modsecurity packages fix security vulnerability: Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing content that should...
Updated php packages fix security vulnerability
Updated php packages fix security vulnerability: The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a...
Updated elfutils package fixes CVE-2014-0172
Updated elfutils packages fix security vulnerability: The libdw library provides support for accessing DWARF debugging information inside ELF files. An integer overflow flaw in checksection, leading to a heap-based buffer overflow, was found in the libdw library. A malicious ELF file could cause ...
Updated fail2ban packages fix security issues
An update to fail2ban 0.8.13 has been released to fix security issues, amongst other bugfixes. fail2ban versions prior to 0.8.11 would allow a remote unauthenticated attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services...
Updated json-c packages fix security vulnerabilities
Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures. These functions need to be changed to using sizet if possible for sizes, or to be...
Updated jbigkit packages fix CVE-2013-6369
Updated jbigkit packages fix security vulnerability: Florian Weimer found a stack-based buffer overflow flaw in the libjbig library part of jbigkit. A specially-crafted image file read by libjbig could be used to cause a program linked to libjbig to crash or, potentially, to execute arbitrary cod...
Updated tigervnc packages fix CVE-2014-0011
Updated tigervnc packages fix security vulnerability: A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute...
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: In Asterisk before 11.8.1, sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. You could even exhaust memory if you sent an unlimited number of headers in the request...
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: In Asterisk before 11.6.1, a 16 bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed resulting in corrupted memory and an...
Updated cups-filters packages fix security vulnerabilities
Updated cups-filters packages fix security vulnerabilities: Florian Weimer discovered that cups-filters incorrectly handled memory in the urftopdf filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user CVE-2013-6473. Florian Weimer discovere...
Updated flash-player-plugin package fixes multiple vulnerabilities
Adobe Flash Player 11.2.202.350 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to remotely take control of the affected system. This update resolves a use-after-free vulnerability that could result in...
Updated squid packages fix CVE-2014-0128
Updated squid packages fix security vulnerability: Due to incorrect state management, Squid before 3.3.12 is vulnerable to a denial of service attack when processing certain HTTPS requests if the SSL-Bump feature is enabled CVE-2014-0128...
Updated perl-Authen-Captcha package uses randomly generated filenames
An issue in previous versions of perl-Authen-Captcha is that the generated public string file name of the picture for the captcha is merely a checksum of the secret string. It is trivial to break such short strings even using google instead of a rainbow table. This new version of...
Updated openssh packages fix CVE-2014-2653
Updated openssh packages fix security vulnerability: Matthew Vernon reported that if a SSH server offers a HostCertificate that the ssh client doesn't accept, then the client doesn't check the DNS for SSHFP records. As a consequence a malicious server can disable SSHFP-checking by presenting a...
Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Updated libzip package fixes crashes using php-zip
The libzip library has been updated to version 0.11.2, which fixes crashes that affected php-zip and possibly other users of the library...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: It was discovered that the file utility contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. A flaw was foun...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: It was discovered that the file utility contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. A flaw was foun...
Updated a2ps packages fix CVE-2014-0466
Updated a2ps packages fix security vulnerability: Brian M. Carlson reported that a2ps's fixps script does not invoke gs with the -dSAFER option. Consequently executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges...
Updated moodle packages fix multiple security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.9, question strings were not being filtered correctly possibly allowing cross site scripting, as quizquestiontostring can cause invalid HTML CVE-2014-2571. Feedback Availability dates not honored in complete.php in Moodle...
Updated python-pillow packages fix insecure use of temporary files
Updated python-imaging packages fix security vulnerabilities: Jakub Wilk discovered that temporary files were insecurely created via mktemp in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and EpsImagePlugin.py files of Python Imaging Library. A local attacker could use this flaw to perfo...
Updated python-imaging package fixes insecure use of temporary files
Updated python-imaging packages fix security vulnerabilities: Jakub Wilk discovered that temporary files were insecurely created via mktemp in the IptcImagePlugin.py, Image.py, JpegImagePlugin.py, and EpsImagePlugin.py files of Python Imaging Library. A local attacker could use this flaw to perfo...
Updated mediawiki packages fix CVE-2014-2665
Updated mediawiki packages fix security vulnerability: Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity CVE-2014-2665. MediaWiki has been...
Updated ruby-rack-ssl packages fix CVE-2014-2538
Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...
Updated springframework packages fix multiple vulnerabilities
Updated springframework packages fix security vulnerabilities: Jaxb2RootElementHttpMessageConverter in Spring MVC processes external XML entities CVE-2014-0054. Spring MVC introduces a cross-site scripting vulnerability if the action on a Spring form is not specified CVE-2014-1904...
Updated perl-YAML-LibYAML package fixes security vulnerabilies
Updated perl-YAML-LibYAML packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag...
Updated curl packages fix multiple vulnerabilities
Updated curl packages fix security vulnerabilities: Paras Sethia discovered that libcurl would sometimes mix up multiple HTTP and HTTPS connections with NTLM authentication to the same server, sending requests for one user over the connection authenticated as a different user CVE-2014-0015. libcu...
Updated xalan-j2 packages fix CVE-2014-0107
Updated xalan-j2 packages fix security vulnerability: Nicolas Gregoire discovered several vulnerabilities in libxalan2-java. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution CVE-2014-0107...
Updated php-ZendFramework packages fix multiple vulnerabilities
Updated php-ZendFramework packages fix security vulnerabilities: XML eXternal Entity XXE and XML Entity Expansion XEE flaws were discovered in the Zend Framework. An attacker could use these flaws to cause a denial of service, access files accessible to the server process, or possibly perform oth...
Updated libyaml package fixes security vulnerability
Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application t...
Updated tomcat package fixes security vulnerabilities
Apache Tomcat 7.x before 7.0.47, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via 1 multiple...
Updated tomcat package fixes security vulnerabilities
Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling 1 a large total amount of chunked data or 2 whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data CVE-2013-4322...
Updated perltidy package fixes security vulnerability
perltidy's maketemporaryfilename function insecurely created temporary files via the use of the tmpnam function. A local attacker could use this flaw to perform a symbolic link attack CVE-2014-2277...
Updated iceape packages fix multiple vulnerabilities
Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service memory corruption and...
Updated 389-ds-base package fixes security vulnerability
It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This...
Updated stunnel package fixes security vulnerability
A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset...
Updated openssh packages fix CVE-2014-2532
Updated openssh packages fix security vulnerability: sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshdconfig, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character CVE-2014-2532...
Updated file packages fix security vulnerabilities
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a large amount of...
Updated mutt package fixes security vulnerability
A heap-based buffer overflow flaw was found in the way mutt processed certain email headers. A remote attacker could use this flaw to send an email with specially crafted headers that, when processed, could cause mutt to crash or, potentially, execute arbitrary code with the permissions of the us...
Updated python3 package fixes security vulnerabilities
ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips CVE-2013-7338...
Updated python package fixes security vulnerabilities
Denial of service flaws due to unbound readline calls in the imaplib, poplib, and smtplib modules CVE-2013-1752. A gzip bomb and unbound read denial of service flaw in python XMLRPC library CVE-2013-1753...
Updated samba packages fix security vulnerability
In Samba before 3.6.23, the SAMR server neglects to ensure that attempted password changes will update the bad password count, and does not set the lockout flags. This would allow a user unlimited attempts against the password by simply calling ChangePasswordUser2 repeatedly. This is available...
Updated nss, firefox and thunderbird packages fix security vulnerabilities
In the NSS library before version 3.16, in a wildcard certificate, the wildcard character was embedded within the U-label of an internationalized domain name, which is not in accordance with RFC 6125 CVE-2014-1492. Several flaws were found in the processing of malformed web content. A web page...
Updated nginx package fixes security vulnerability
A bug in the experimental SPDY implementation in nginx was found, which might allow an attacker to cause a heap memory buffer overflow in a worker process by using a specially crafted request, potentially resulting in arbitrary code execution CVE-2014-0133...
Updated apache packages fix security vulnerabilities
Apache HTTPD before 2.4.9 was vulnerable to a denial of service in moddav when handling DAVWRITE requests CVE-2013-6438. Apache HTTPD before 2.4.9 was vulnerable to a denial of service when logging cookies CVE-2014-0098...
Updated chromium-browser-stable packages fix security vulnerabilities
Use-after-free in speech CVE-2014-1700. UXSS in events CVE-2014-1701. Use-after-free in web database CVE-2014-1702. Potential sandbox escape due to a use-after-free in web sockets CVE-2014-1703. Multiple vulnerabilities in V8 fixed in version 3.23.17.18 CVE-2014-1704. Memory corruption in V8...
Updated lighttpd package fixes security vulnerabilities
SQL injection vulnerability in lighttpd before 1.4.35 when modmysqlvhost is in use, due to insufficient validation of hostnames in HTTP requests CVE-2014-2323. Possible path traversal vulnerabilities in lighttpd before 1.4.35 when either modevhost or modsimplevhost are in use, due to insufficient...
Updated webmin package fixes security vulnerabilities
Webmin has been updated to version 1.680, which fixes some security issues in the PHP Configuration and Webalizer modules, as well as several other bugs...