6009 matches found
Updated radare2 packages fix security vulnerability
An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the bfdiv function. CVE-2024-48241...
Updated kanboard packages fix security vulnerability
In versions prior to 1.2.31 an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations the code improperly uses the PicoDB library to update/insert new information...
Updated thunderbird packages fix security vulnerability
Potential disclosure of plaintext in OpenPGP encrypted message. CVE-2024-11159...
Updated libarchive packages fix security vulnerability
A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. CVE-2024-20696...
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk & java-latest-openjdk packages fix security vulnerabilities
giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function. CVE-2023-48161 Array indexing integer overflow. CVE-2024-21210 HTTP client improper handling of maxHeaderSize. CVE-2024-21208 Unbounded allocation leads to out-of-memory error. CVE-2024-21217 Integer conversion error lea...
Updated curl packages fix security vulnerability
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
Updated expat packages fix security vulnerability
An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser. CVE-2024-50602...
Updated php-tcpdf packages fix security vulnerability
TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641...
Updated mpg123 packages fix security vulnerability
An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this fla...
Updated qbittorrent packages fix security vulnerabilities
qBittorrent, on all platforms, did not verify any SSL certificates in its DownloadManager class from 2010 until October 2024. If it failed to verify a cert, it simply logged an error and proceeded...
Updated x11-server, x11-server-xwayland & tigervnc packages fix security vulnerability
Due to an improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially-crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges...
Updated openssl packages fix security vulnerability
Low-level invalid GF2^m parameters lead to OOB memory accesses. CVE-2024-9143...
Updated networkmanager-libreswan packages fix security vulnerability
A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading t...
Updated htmldoc packages fix security vulnerabilities
HTMLDOC before 1.9.19 has an out-of-bounds write in parseparagraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. CVE-2024-45508 HTMLDOC v1.9.18 contains a buffer overflow in parsepre function,ps-pdf.cxx:5681. CVE-2024-46478...
Updated python-werkzeug packages fix security vulnerability
Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeug prior to 3.0.6 to parsing multipart/form-data requests e.g. all flask applications are vulnerable to a relatively simple but effective...
Updated thunderbird packages fix security vulnerabilities
Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...
Updated nspr, nss, firefox & rust packages fix security vulnerabilities
Permission leak via embed or object elements. CVE-2024-10458 Use-after-free in layout with accessibility. CVE-2024-10459 Confusing display of origin for external protocol handler prompt. CVE-2024-10460 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...
Updated libheif packages fix security vulnerability
In Libheif, insufficient checks in ImageOverlay::parse while decoding a HEIF file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. CVE-2024-41311...
Updated quictls packages fix security vulnerability
Invalid low-level GF2^m parameters can lead to an OOB memory access. CVE-2024-9143...
Updated python-urllib3 packages fix security vulnerability
When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it...
Updated ruby-webrick packages fix security vulnerability
An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. CVE-2024-47220...
Updated libarchive packages fix security vulnerabilities
executefilteraudio in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. CVE-2024-48957 executefilterdelta in archivereadsupportformatrar.c in libarchive before 3.7.5 allows out-of-bounds access via a...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated kernel, kmod-xtables-addons. kmod-virtualbox, kernel-firmware & kernel-firmware-nonfree radeon-firmware packages fix security vulnerabilities
Upstream kernel version 6.6.58 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links...
Updated bind packages fix security vulnerabilities
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. CVE-2024-0760 Resolver caches and authoritative zone databases that...
Updated buildah, podman, skopeo packages fix security vulnerabilities
A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...
Updated chromium-browser-stable packages fix security vulnerabilities
Integer overflow in Layout. CVE-2024-7025 Insufficient data validation in Mojo. CVE-2024-9369 Inappropriate implementation in V8. CVE-2024-9370 Type Confusion in V8. CVE-2024-9602 Type Confusion in V8. CVE-2024-9603...
Updated thunderbird packages fix security vulnerabilities
The updated packages provide Thunderbird 128 for all mandatory arches of Mageia x8664, i586 and aarch64 and fix several bugs, including a security vulnerability:...
Updated libgsf packages fix security vulnerabilities
An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-boun...
Updated cpanminus packages fix security vulnerability
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers. CVE-2024-45321...
Updated mozjs78 packages fix security vulnerabilities
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX...
Updated redis packages fix security vulnerabilities
An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. CVE-2024-31227 Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported...
Updated oath-toolkit packages fix security vulnerability
pamoath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink. CVE-2024-47191...
Updated firefox packages fix security vulnerabilities
The updated package provides Firefox 128 for all mandatory arches of Mageia x8664, i586 and aarch64, fixing several bugs, including security vulnerabilities, for i586 and aarch64: Fullscreen notification dialog can be obscured by document content. CVE-2024-7518 Out of bounds memory access in...
Updated unbound packages fix security vulnerabilities
NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...
Updated thunderbird packages fix security vulnerabilities
The current version has reached EOL and several security vulnerabilities were fixed by Mozilla. We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...
Updated firefox firefox-l10n packages fix security vulnerabilities
The updated packages fix a security vulnerability: Use-after-free in Animation timeline. CVE-2024-9680 We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...
Updated quictls packages fix security vulnerabilities
The updated packages fix security vulnerabilities...
Updated vim packages fix security vulnerability
Use-after-free when closing buffers in Vim v9.1.0764. CVE-2024-47814...
Updated php packages fix security vulnerabilities
HTTPREDIRECTSTATUS might be controlled via user request FPM log output might be modified by an attacker HTTP POST can be modified by an attacker For other bug fixes consult references...
Updated cups & cups-filters packages fix security vulnerabilities
The cfGetPrinterAttributes5 function in libcupsfilters does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. CVE-2024-47076 Th...
Updated rootcerts nss firefox firefox-l10n packages fix security vulnerabilities
The current versions have reached EOL and several security vulnerabilities were fixed by Mozilla. We are having some issues that are delaying the build for some architectures, so for the moment we are releasing this update just for x8664...
Updated ghostscript packages fix security vulnerabilities
Amongst other general bug fixes, this release addresses: CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46954 CVE-2024-46955 CVE-2024-46956...
Updated chromium-browser-stable packages fix security vulnerabilities
Use after free in Downloads. CVE-2024-6988 Use after free in Loader. CVE-2024-6989 Use after free in Dawn. CVE-2024-6991 Heap buffer overflow in Layout. CVE-2024-6994 Inappropriate implementation in Fullscreen. CVE-2024-6995 Race in Frames. CVE-2024-6996 Use after free in Tabs. CVE-2024-6997 Use...
Updated openjpeg2 packages fix security vulnerability
Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal. CVE-2023-39327...
Updated cjson packages fix security vulnerability
cJSON was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSONSetValuestring at cJSON.c. CVE-2024-31755...
Updated hostapd & wpa_supplicant packages fix security vulnerability
The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive th...
Updated libreoffice package fixes security vulnerability
The Certificate Validation user interface in LibreOffice allows a potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the mac...
Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, & java-latest-openjdk packages fix security vulnerabilities
Potential UTF8 size overflow. CVE-2024-21131 Excessive symbol length can lead to infinite loop. CVE-2024-21138 Range Check Elimination RCE pre-loop limit overflow. CVE-2024-21140 Pack200 increase loading time due to improper header validation. CVE-2024-21144 Out-of-bounds access in 2D image...
Updated gnome-shell packages fix security vulnerability
In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network responses provided by an adversary e.g., an adversary who controls the local Wi-Fi network, and subsequently loads untrusted JavaScript code, which may lead to resource consumptio...