Updated tinyproxy packages fix security vulnerabilities

Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in processrequest function.. CVE-2022-40468 A use-after-free vulnerability exists in the HTTP Connection Headers...

Updated opencontainers-runc packages fix security vulnerability

runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files, existing...

Updated ruby packages fix security vulnerabilities

The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...

Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities

Vulnerabilities were found in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are prior to 7.0.22 and prior to 7.1.2. A difficult to exploit vulnerability allows a high privileged attacker with logon to the infrastructure where Oracl...

Updated emacs packages fix security vulnerability

In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user choose...

Updated tomcat packages fix security vulnerabilities

RCE due to TOCTOU issue in JSP compilation. CVE-2024-50379 DoS in examples web application. CVE-2024-54677...

Updated thunderbird packages fix security vulnerability

Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. CVE-2024-50336...

Updated mozjs78 packages fix security vulnerability

An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser. CVE-2024-50602...

Updated kernel, kmod-xtables-addons, kmod-virtualbox & dwarves packages fix security vulnerabilities

Upstream kernel version 6.6.65 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...

Updated kernel-linus packages fix security vulnerabilities

Vanilla upstream kernel version 6.6.65 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...

Updated socat packages fix security vulnerability

CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory in socat readline.sh...

Updated curl packages fix security vulnerability

When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but...

Updated kubernetes packages fix security vulnerabilities

A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures...

Updated python-aiohttp packages fix security vulnerabilities

When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'followsymlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'followsymlinks' is set to True,...

Updated qemu packages fix security vulnerabilities

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

Updated glib2.0 packages fix security vulnerability

Buffer overflow in socks proxy code in glib 2.82.1. CVE-2024-52533...

Updated rootcerts, nss & firefox packages fix security vulnerabilities

Select list elements could be shown over another site. CVE-2024-11692 CSP Bypass and XSS Exposure via Web Compatibility Shims. CVE-2024-11694 URL Bar Spoofing via Manipulated Punycode and Whitespace Characters. CVE-2024-11695 Unhandled Exception in Add-on Signature Verification. CVE-2024-11696...

Updated krb5 packages fix security vulnerability

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. CVE-2024-3596...

Updated thunderbird packages fix security vulnerabilities

Select list elements could be shown over another site. CVE-2024-11692 CSP Bypass and XSS Exposure via Web Compatibility Shims. CVE-2024-11694 URL Bar Spoofing via Manipulated Punycode and Whitespace Characters. CVE-2024-11695 Unhandled Exception in Add-on Signature Verification. CVE-2024-11696...

Updated libsoup3 & libsoup packages fix security vulnerabilities

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header. CVE-2024-52530 GNOME libsoup before 3.6.1...

Updated microcode packages fix security vulnerabilities

Improper Finite State Machines FSMs in the Hardware logic in some 4th and 5th Generation Intel® Xeon® Processors may allow an authorized user to potentially enable denial of service via local access. CVE-2024-21853 Improper conditions check in some Intel® Xeon® processor memory controller...

Updated postgresql15 & postgresql13 packages fix security vulnerabilities

PostgreSQL row security below e.g. subqueries disregards user ID changes. CVE-2024-10976 PostgreSQL libpq retains an error message from man-in-the-middle. CVE-2024-10977 PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID. CVE-2024-10978 PostgreSQL PL/Perl environment variable...

Updated zbar packages fix security vulnerabilities

A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

Updated wget packages fix security vulnerability

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host. CVE-2024-10524...

Updated tomcat packages fix security vulnerabilities

Authentication bypass when using Jakarta Authentication API. CVE-2024-52316 Incorrect JSP tag recycling leads to XSS. CVE-2024-52318...

Updated dcmtk packages fix security vulnerability

A buffer overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component. CVE-2024-27628...

Updated rapidjson packages fix security vulnerability

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the intege...

Updated libsndfile packages fix security vulnerability

libsndfile suffers from an out-of-bounds read in oggvorbis.c vorbisanalysiswrote...

Updated golang packages fix security vulnerabilities

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Calling Parse o...

Updated iptraf-ng packages fix security vulnerability

The updated package fixes a security vulnerability: CVE-2024-52949...

Updated php packages fix security vulnerabilities

Some heap errors, segmentation faults and security vulnerabilities have been found and corrected. It is advised to install this update...

Updated opendmarc packages fix security vulnerability

Fix null pointer dereference in opendmarcpolicy.c. CVE-2024-25768...

Updated kernel, kmod-xtables-addons, kmod-virtualbox & bluez packages fix security vulnerabilities

Upstream kernel version 6.6.61 fixes bugs and vulnerabilities. The bluez, kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...

Updated kanboard packages fix security vulnerability

In versions prior to 1.2.31 an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations the code improperly uses the PicoDB library to update/insert new information...

Updated radare2 packages fix security vulnerability

An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the bfdiv function. CVE-2024-48241...

Updated kernel-linus packages fix security vulnerabilities

Vanilla upstream kernel version 6.6.61 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...

Updated thunderbird packages fix security vulnerability

Potential disclosure of plaintext in OpenPGP encrypted message. CVE-2024-11159...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk & java-latest-openjdk packages fix security vulnerabilities

giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function. CVE-2023-48161 Array indexing integer overflow. CVE-2024-21210 HTTP client improper handling of maxHeaderSize. CVE-2024-21208 Unbounded allocation leads to out-of-memory error. CVE-2024-21217 Integer conversion error lea...

Updated libarchive packages fix security vulnerability

A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. CVE-2024-20696...

Updated networkmanager-libreswan packages fix security vulnerability

A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading t...

Updated php-tcpdf packages fix security vulnerability

TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641...

Updated expat packages fix security vulnerability

An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser. CVE-2024-50602...

Updated openssl packages fix security vulnerability

Low-level invalid GF2^m parameters lead to OOB memory accesses. CVE-2024-9143...

Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerability

Due to an improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially-crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges...

Updated mpg123 packages fix security vulnerability

An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this fla...

Updated qbittorrent packages fix security vulnerabilities

qBittorrent, on all platforms, did not verify any SSL certificates in its DownloadManager class from 2010 until October 2024. If it failed to verify a cert, it simply logged an error and proceeded...

Updated curl packages fix security vulnerability

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

Updated libheif packages fix security vulnerability

In Libheif, insufficient checks in ImageOverlay::parse while decoding a HEIF file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. CVE-2024-41311...

Updated nspr, nss, firefox & rust packages fix security vulnerabilities

Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...

Updated quictls packages fix security vulnerability

Invalid low-level GF2^m parameters can lead to an OOB memory access. CVE-2024-9143...