5998 matches found

Mageia
•added 2024/07/05 4:28 p.m.•25 views

Updated znc packages fix security vulnerability

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. CVE-2024-39844...

CVSS 9.8, AI score 7.8, EPSS 0.03862
Exploits: 0, References: 2

Mageia
•added 2024/07/04 4:48 p.m.•39 views

Updated openvpn packages fix security vulnerability

Control channel: refuse control channel messages with nonprintable characters in them. CVE-2024-5594...

CVSS 9.1, AI score 7.3, EPSS 0.00811
Exploits: 0, References: 3

Mageia
•added 2024/07/04 4:48 p.m.•42 views

Updated chromium-browser-stable packages fix security vulnerabilities

Use after free in Dawn. CVE-2024-6290, CVE-2024-6292, CVE-2024-6293 Use after free in Swiftshader. CVE-2024-6291...

CVSS 8.8, AI score 7.8, EPSS 0.00546
Exploits: 4, References: 2

Mageia
•added 2024/07/03 4:36 p.m.•83 views

Updated openssh packages fix security vulnerability

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems. CVE-2024-6387...

CVSS 8.1, AI score 7.3, EPSS 0.99506
Exploits: 68, References: 3

Mageia
•added 2024/07/03 4:36 p.m.•32 views

Updated libcdio packages fix security vulnerability

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file. CVE-2024-36600...

CVSS 8.4, AI score 8, EPSS 0.00363
Exploits: 1, References: 2

Mageia
•added 2024/07/03 4:36 p.m.•41 views

Updated krb5 packages fix security vulnerabilities

Before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. CVE-2024-37370 Before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...

CVSS 9.1, AI score 7.2, EPSS 0.01863
Exploits: 0, References: 1

Mageia
•added 2024/07/03 4:36 p.m.•52 views

Updated dcmtk packages fix security vulnerabilities

Multiple vulnerabilities have been fixed in DCMTK, a collection of libraries and applications implementing large parts of the DICOM standard for medical images. CVE-2024-28130 Segmentation faults due to incorrect typecast CVE-2024-34508 Segmentation fault via invalid DIMSE message CVE-2024-34509...

CVSS 7.5, AI score 6.7, EPSS 0.01692
Exploits: 3, References: 2

Mageia
•added 2024/07/02 4:23 p.m.•19 views

Updated espeak-ng packages fix security vulnerabilities

It was discovered that eSpeak NG did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...

CVSS 5.5, AI score 8.2, EPSS 0.00405
Exploits: 5, References: 2

Mageia
•added 2024/07/01 5:53 p.m.•83 views

Updated openssl packages fix security vulnerability

SSL_select_next_proto buffer overread. CVE-2024-5535...

CVSS 9.1, AI score 7.1, EPSS 0.05582
Exploits: 1, References: 2

Mageia
•added 2024/07/01 5:53 p.m.•48 views

Updated gdb packages fix security vulnerabilities

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. CVE-2022-4285 A potential heap based buffer overflow was found in...

CVSS 6.5, AI score 8.1, EPSS 0.00895
Exploits: 2, References: 2

Mageia
•added 2024/07/01 5:53 p.m.•62 views

Updated ffmpeg packages fix security vulnerabilities

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the set_encoder_id function in /fftools/ffmpeg_enc.c component. CVE-2023-50010 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary...

CVSS 8, AI score 7.8, EPSS 0.00479
Exploits: 1, References: 2

Mageia
•added 2024/07/01 5:53 p.m.•38 views

Updated python-idna packages fix security vulnerability

mingw-python-idna: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode...

CVSS 7.5, AI score 6.8, EPSS 0.0107
Exploits: 1, References: 2

Mageia
•added 2024/07/01 5:53 p.m.•14 views

Updated python-imageio packages fix security vulnerability

imageio can attempt to download shared freeimage libraries from https://github.com/imageio/imageio-binaries/tree/master/freeimage. The code fetches straight from master and provides no way of verifying whether the correct file was fetched. As a result, if the repository is attacked in the future,...

AI score 7.5
Exploits: 0, References: 1

Mageia
•added 2024/06/28 2:41 a.m.•20 views

Updated libopenmpt packages fix security vulnerabilities

Possible out-of-bounds read or write when reading malformed MED files (r19389). Null-pointer write (32bit platforms) or excessive memory allocation (64bit platforms) when reading close to 4GiB of data from unseekable files (r20336, r20338). Write buffer overflow when reading unseekable files close to 4G...

AI score 7.8
Exploits: 0, References: 6

Mageia
•added 2024/06/28 2:41 a.m.•27 views

Updated erofs-utils packages fix security vulnerabilities

Heap Buffer Overflow in the erofsfsck_dirent_iter function in fsck/main.c in erofs-utils v1.6 allows remote attackers to execute arbitrary code via a crafted erofs filesystem image...

CVSS 7.8, AI score 7.9, EPSS 0.00815
Exploits: 2, References: 2

Mageia
•added 2024/06/28 2:41 a.m.•55 views

Updated libheif packages fix security vulnerabilities

Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464...

CVSS 8.8, AI score 7.3, EPSS 0.00804
Exploits: 4, References: 2

Mageia
•added 2024/06/27 5:12 p.m.•38 views

Updated wget packages fix security vulnerability

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. CVE-2024-38428...

CVSS 9.1, AI score 7.1, EPSS 0.00672
Exploits: 0, References: 2

Mageia
•added 2024/06/25 4:12 p.m.•13 views

Updated emacs packages fix security vulnerability

Arbitrary shell command evaluation in Org mode (GNU Emacs)...

AI score 7.5
Exploits: 0, References: 3

Mageia
•added 2024/06/25 4:12 p.m.•30 views

Updated python-ansible-core packages fix security vulnerability

ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration. CVE-2024-0690...

CVSS 5.5, AI score 7, EPSS 0.00301
Exploits: 0, References: 2

Mageia
•added 2024/06/25 4:12 p.m.•46 views

Updated python-authlib packages fix security vulnerability

Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. This is similar to CVE-2022-29217 and CVE-2024-33663...

CVSS 7.5, AI score 7.2, EPSS 0.00382
Exploits: 1, References: 2

Mageia
•added 2024/06/24 7:4 p.m.•72 views

Updated python-werkzeug packages fix security vulnerability

Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, an...

CVSS 7.5, AI score 7, EPSS 0.03397
Exploits: 0, References: 3

Mageia
•added 2024/06/24 7:4 p.m.•51 views

Updated chromium-browser-stable packages fix security vulnerabilities

High CVE-2024-6100: Type Confusion in V8. Reported by Seunghyun Lee @0x10n participating in SSD Secure Disclosure's TyphoonPWN 2024 on 2024-06-04 High CVE-2024-6101: Inappropriate implementation in WebAssembly. Reported by @ginggilBesel on 2024-05-31 High CVE-2024-6102: Out of bounds memory acces...

CVSS 8.8, AI score 7.5, EPSS 0.01123
Exploits: 0, References: 2

Mageia
•added 2024/06/24 7:4 p.m.•45 views

Updated python-gunicorn packages fix security vulnerability

Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's handli...

CVSS 7.5, AI score 7, EPSS 0.02996
Exploits: 0, References: 2

Mageia
•added 2024/06/24 7:4 p.m.•42 views

Updated python-aiohttp packages fix security vulnerability

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. An XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx) for serving static files. Users following th...

CVSS 6.1, AI score 6, EPSS 0.00666
Exploits: 0, References: 2

Mageia
•added 2024/06/24 7:4 p.m.•93 views

Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

CVSS 8.8, AI score 6.8, EPSS 0.0178
Exploits: 3, References: 4

Mageia
•added 2024/06/22 5:32 p.m.•48 views

Updated thunderbird packages fix security vulnerabilities

Use-after-free in networking. CVE-2024-5702 Use-after-free in JavaScript object transplant. CVE-2024-5688 External protocol handlers leaked by timing attack. CVE-2024-5690 Sandboxed iframes were able to bypass sandbox restrictions to open a new window. CVE-2024-5691 Cross-Origin Image leak via...

CVSS 8.6, AI score 7.8, EPSS 0.0107
Exploits: 1, References: 3

Mageia
•added 2024/06/20 5:46 p.m.•58 views

Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the 126.0.6478.61 release. It includes 21 security fixes. Some of them are: High CVE-2024-5830: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-05-24 High CVE-2024-5831: Use after free in Dawn. Reported by wgslfuz...

CVSS 8.8, AI score 8.4, EPSS 0.00924
Exploits: 1, References: 3

Mageia
•added 2024/06/20 2:32 a.m.•36 views

Updated flatpak packages fix security vulnerability

A malicious or compromised Flatpak app could execute arbitrary code outside its sandbox...

CVSS 8.4, AI score 7.7, EPSS 0.00512
Exploits: 1, References: 2

Mageia
•added 2024/06/20 2:32 a.m.•48 views

Updated python-scikit-learn packages fix security vulnerability

A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. The vulnerability arises from the unexpected storage of all tokens present in the training data within the stopwords...

CVSS 4.7, AI score 6.6, EPSS 0.00187
Exploits: 0, References: 2

Mageia
•added 2024/06/17 5:44 p.m.•37 views

Updated cups packages fix security vulnerability

When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target...

CVSS 6.7, AI score 7, EPSS 0.02421
Exploits: 1, References: 2

Mageia
•added 2024/06/17 5:44 p.m.•52 views

Updated libndp packages fix security vulnerabilities

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information...

CVSS 8.1, AI score 7, EPSS 0.01175
Exploits: 0, References: 2

Mageia
•added 2024/06/17 5:44 p.m.•25 views

Updated iperf packages fix security vulnerability

iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of message...

CVSS 5.9, AI score 6.7, EPSS 0.01107
Exploits: 0, References: 2

Mageia
•added 2024/06/15 11:7 p.m.•37 views

Updated atril packages fix security vulnerability

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the use...

CVSS 8.5, AI score 7.5, EPSS 0.01016
Exploits: 2, References: 2

Mageia
•added 2024/06/15 11:7 p.m.•38 views

Updated nano packages fix security vulnerability

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVSS 6.7, AI score 7.6, EPSS 0.00343
Exploits: 0, References: 2

Mageia
•added 2024/06/15 11:7 p.m.•51 views

Updated nss & firefox packages fix security vulnerabilities

Use-after-free in networking. CVE-2024-5702 Use-after-free in JavaScript object transplant. CVE-2024-5688 External protocol handlers leaked by timing attack. CVE-2024-5690 Sandboxed iframes were able to bypass sandbox restrictions to open a new window. CVE-2024-5691 Cross-Origin Image leak via...

CVSS 8.6, AI score 7.9, EPSS 0.0107
Exploits: 1, References: 4

Mageia
•added 2024/06/14 5:30 p.m.•31 views

Updated libvpx packages fix security vulnerabilities

There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling...

CVSS 9.1, AI score 7.3, EPSS 0.00814
Exploits: 1, References: 2

Mageia
•added 2024/06/14 5:30 p.m.•34 views

Updated aom packages fix security vulnerability

Integer overflow in libaom internal function img_alloc_helper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aom_img_alloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

CVSS 10, AI score 7.7, EPSS 0.01254
Exploits: 1, References: 2

Mageia
•added 2024/06/14 5:30 p.m.•43 views

Updated vte packages fix security vulnerability

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. CVE-2024-37535...

CVSS 4.4, AI score 7.2, EPSS 0.00238
Exploits: 0, References: 3

Mageia
•added 2024/06/14 1:31 a.m.•20 views

Updated poppler packages fix security vulnerability

Out-of-bounds array write. CVE-2024-4141...

CVSS 5.5, AI score 7, EPSS 0.0018
Exploits: 0, References: 2

Mageia
•added 2024/06/14 1:31 a.m.•58 views

Updated golang packages fix security vulnerabilities

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...

CVSS 9.8, AI score 6.3, EPSS 0.01952
Exploits: 0, References: 2

Mageia
•added 2024/06/12 4:9 p.m.•35 views

Updated strongswan packages fix security vulnerability

Fixes CVE-2023-41913 buffer overflow and possible RCE, various IKEv2 improvements...

CVSS 9.8, AI score 7.8, EPSS 0.0229
Exploits: 0, References: 2

Mageia
•added 2024/06/08 4:34 p.m.•33 views

Updated 0-plugins-base packages fix security vulnerability

GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

CVSS 7.8, AI score 8, EPSS 0.01565
Exploits: 0, References: 3

Mageia
•added 2024/06/07 5:31 p.m.•24 views

Updated plasma-workspace packages fix security vulnerability

KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature to execute arbitrary code...

CVSS 7.8, AI score 7.5, EPSS 0.00293
Exploits: 0, References: 2

Mageia
•added 2024/06/07 6:1 a.m.•32 views

Updated libtiff packages fix security vulnerability

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. CVE-2023-3164...

CVSS 5.5, AI score 5.8, EPSS 0.00317
Exploits: 0, References: 2

Mageia
•added 2024/06/06 3:48 p.m.•26 views

Updated libxml2 packages fix security vulnerability

The updated packages fix a security vulnerability: An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459...

CVSS 7.5, AI score 7.2, EPSS 0.02298
Exploits: 1, References: 3

Mageia
•added 2024/06/06 3:48 p.m.•22 views

Updated amavisd-new packages fix security vulnerability

Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an Interpretation Conflict relative to some mail user agents when there are multiple boundary parameters in a MIME email message. Consequently, there can be an incorrect check for banned files or malware...

CVSS 7.4, AI score 6.9, EPSS 0.00826
Exploits: 0, References: 2

Mageia
•added 2024/06/03 6:30 p.m.•18 views

Updated libreoffice packages fix security vulnerability

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

CVSS 6.5, AI score 6.4, EPSS 0.01008
Exploits: 0, References: 2

Mageia
•added 2024/06/03 6:30 p.m.•41 views

Updated microcode packages fix security vulnerabilities

The updated package fixes security vulnerabilities: Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. CVE-2023-45733 Sequence of processor instructions leads to unexpected behavi...

CVSS 8.2, AI score 6.3, EPSS 0.00379
Exploits: 0, References: 3

Mageia
•added 2024/06/03 6:30 p.m.•62 views

Updated git packages fix security vulnerabilities

Updated Git to version 2.41.1 to fix CVE-2024-32002 CVE-2024-32004 CVE-2024-32020 CVE-2024-32021 CVE-2024-32465...

CVSS 9, AI score 6.3, EPSS 0.22529
Exploits: 34, References: 3

Mageia
•added 2024/06/03 6:30 p.m.•34 views

Updated wireshark packages fix security vulnerabilities

Memory handling issue in editcap could cause denial of service via crafted capture file. CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file. CVE-2024-485...

CVSS 7.5, AI score 7, EPSS 0.00818
Exploits: 2, References: 2

Total number of security vulnerabilities: 5998