
5998 matches found

Mageia • added 2023/11/09 12:55 p.m. • 58 views

Updated openssl packages fix a security vulnerability

The updated packages fix a security vulnerability: Incorrect cipher key & IV length processing. CVE-2023-5363...

CVSS 7.5, AI score 7.3, EPSS 0.03332
Exploits: 0, References: 1

Mageia • added 2023/11/06 11:8 p.m. • 39 views

Updated libsndfile packages fix a security vulnerability

Add upstream patch to fix CVE-2022-33065...

CVSS 7.8, AI score 7.2, EPSS 0.00365
Exploits: 1, References: 2

Mageia • added 2023/11/06 11:8 p.m. • 55 views

Updated nss and firefox packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 10, EPSS 0.01585
Exploits: 0, References: 4

Mageia • added 2023/11/06 11:8 p.m. • 54 views

Updated x11-server packages fix security vulnerabilities

The updated packages fix security vulnerabilities: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. CVE-2023-5367 Use-after-free bug in DestroyWindow. CVE-2023-5380 Use-after-free bug in DamageDestroy. CVE-2023-5574...

CVSS 7.8, AI score 7.3, EPSS 0.00715
Exploits: 0, References: 2

Mageia • added 2023/11/06 11:8 p.m. • 43 views

Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Queued up rendering could have allowed websites to clickjack. CVE-2023-5721 Address bar spoofing via bidirectional characters. CVE-2023-5732 Large WebGL draw could have led to a crash. CVE-2023-5724 WebExtensions could open arbitrary URLs...

CVSS 9.8, AI score 10, EPSS 0.01585
Exploits: 0, References: 3

Mageia • added 2023/10/30 11:5 p.m. • 38 views

Updated chromium-browser-stable packages fix bugs including security vulnerabilities

The chromium-browser-stable package has been updated to the 118.0.5993.117 release, fixing bugs and 3 vulnerabilities, together with 118.0.5993.88; some of them are listed below: High CVE-2023-5472: Use after free in Profiles...

CVSS 8.8, AI score 7.1, EPSS 0.01234
Exploits: 0, References: 3

Mageia • added 2023/10/27 9:49 p.m. • 58 views

Updated vim packages fix security vulnerabilities

The updated packages fix security vulnerabilities: NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. CVE-2023-5441 Use After Free in GitHub repository vim/vim prior to v9.0.2010. CVE-2023-5535...

CVSS 7.8, AI score 7.1, EPSS 0.00539
Exploits: 2, References: 2

Mageia • added 2023/10/27 9:49 p.m. • 62 views

Updated bind packages fix security vulnerabilities

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...

CVSS 7.5, AI score 6.9, EPSS 0.02626
Exploits: 0, References: 2

Mageia • added 2023/10/27 9:49 p.m. • 96 views

Updated apache packages fix security vulnerabilities

Apache has been updated to version 2.4.58 to fix several security issues. CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST. When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were n...

CVSS 7.5, AI score 7.5, EPSS 0.70595
Exploits: 1, References: 2

Mageia • added 2023/10/25 6:17 p.m. • 26 views

Updated python-nltk package fixes a security vulnerability

python-nltk 3.6.6 update resolves ReDoS opportunity by fixing incorrectly specified regex...

CVSS 7.5, AI score 7.1, EPSS 0.01584
Exploits: 1, References: 1

Mageia • added 2023/10/24 5:25 p.m. • 34 views

Updated redis package fixes a security vulnerability

Redis upstream published a fix for CVE-2023-45145. CVE-2023-45145: The wrong order of listen(2) and chmod(2) calls creates a race condition that can be used by another process to bypass desired Unix socket permissions on startup...

CVSS 3.6, AI score 7, EPSS 0.00444
Exploits: 0, References: 2

Mageia • added 2023/10/23 10:5 p.m. • 27 views

Updated libcue packages fix a security vulnerability

Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to /Downloads, it is then automatically scanned by tracker-miners. And because it has a .c...

CVSS 8.8, AI score 7.5, EPSS 0.1644
Exploits: 1, References: 2

Mageia • added 2023/10/22 9:4 p.m. • 45 views

Updated libxml2 packages fix a security vulnerability

libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. CVE-2023-45322...

CVSS 6.5, AI score 7, EPSS 0.00826
Exploits: 0, References: 2

Mageia • added 2023/10/22 9:4 p.m. • 61 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 6.4.16 and fixes or adds mitigations for at least the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be...

CVSS 9.8, AI score 9.5, EPSS 0.00986
Exploits: 3, References: 8

Mageia • added 2023/10/22 9:4 p.m. • 67 views

Updated nodejs packages fix security vulnerabilities

This is a security release. The following CVEs are fixed in this release: CVE-2023-44487: nghttp2 Security Release (High). CVE-2023-45143: undici Security Release (High). CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium). CVE-2023-39333: Code injection via WebAssembly...

CVSS 7.5, AI score 7.4, EPSS 0.99999
Exploits: 19, References: 4

Mageia • added 2023/10/22 9:4 p.m. • 64 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 6.4.16 and fixes or adds mitigations for at least the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often...

CVSS 9.8, AI score 9.5, EPSS 0.00986
Exploits: 3, References: 8

Mageia • added 2023/10/22 9:4 p.m. • 36 views

Updated cadence packages fix security vulnerabilities

Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/.cadence-aloop-daemon.x Temporary File. The file is used even if it has been created by a local adversary before Cadence started. The adversary can then delete the file, disrupting Cadence. CVE-2023-43782 Cadence through 0.9.2 2023-08-21 uses...

CVSS 7.5, AI score 7.1, EPSS 0.00614
Exploits: 2, References: 2

Mageia • added 2023/10/22 9:4 p.m. • 51 views

Updated shadow-utils packages fix a security vulnerability

The updated packages fix a security vulnerability: Potential password leak. CVE-2023-4641...

CVSS 5.5, AI score 7.2, EPSS 0.00257
Exploits: 0, References: 2

Mageia • added 2023/10/20 8:34 a.m. • 51 views

Updated libxpm packages fix security vulnerabilities

A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local to trigger an out-of-bounds read error and read the contents of memory on the system. CVE-2023-43788 Out of bounds read on XPM with corrupted colormap...

CVSS 5.5, AI score 6.6, EPSS 0.00365
Exploits: 0, References: 2

Mageia • added 2023/10/20 8:34 a.m. • 35 views

Updated ruby-RedCloth packages fix a security vulnerability

A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. CVE-2023-31606...

CVSS 7.5, AI score 6.8, EPSS 0.01513
Exploits: 1, References: 2

Mageia • added 2023/10/19 4:11 p.m. • 53 views

Updated chromium-browser-stable packages fix bugs and vulnerabilities

The chromium-browser-stable package has been updated to the 118.0.5993.70 release, fixing 20 bugs and vulnerabilities. Some of the security fixes are: Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18 on 2023-09-27 Medium CVE-2023-5487: Inappropriate implementation in...

CVSS 8.8, AI score 7.8, EPSS 0.0126
Exploits: 0, References: 1

Mageia • added 2023/10/19 4:11 p.m. • 40 views

Updated ghostscript packages fix security vulnerability

The updated packages fix a security vulnerability: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated...

CVSS 8.8, AI score 7.8, EPSS 0.05908
Exploits: 0, References: 3

Mageia • added 2023/10/13 10:56 p.m. • 29 views

Updated libX11 packages fix security vulnerabilities

A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system. CVE-2023-43785 A vulnerability was found in libX11 due to an infinite loop within...

CVSS 7.8, AI score 7.7, EPSS 0.00633
Exploits: 1, References: 2

Mageia • added 2023/10/13 10:56 p.m. • 38 views

Updated the curl packages to fix two security vulnerabilities

curl/libcurl is vulnerable to a heap buffer overflow in its SOCKS5 support that could be exploited by a remote web server when curl is configured to use a SOCKS5 proxy with remote hostname resolution. libcurl is vulnerable to a cookie injection attack where a local attacker can inject cookies int...

CVSS 9.8, AI score 7.6, EPSS 0.78483
Exploits: 6, References: 7

Mageia • added 2023/10/11 9:4 p.m. • 59 views

Updated glibc packages fix a security vulnerability

The updated packages fix a security vulnerability: A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when...

CVSS 7.8, AI score 7.4, EPSS 0.78607
Exploits: 25, References: 3

Mageia • added 2023/10/10 5:21 p.m. • 30 views

Updated cups packages fix security vulnerabilities

The updated packages fix security vulnerabilities: It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents. CVE-2023-32360 Due to failure in validating the length provided by an...

CVSS 7, AI score 7.2, EPSS 0.00663
Exploits: 2, References: 5

Mageia • added 2023/10/10 5:21 p.m. • 34 views

Updated Firefox and Thunderbird packages fix security vulnerabilities

Updated Firefox and Thunderbird packages fix security vulnerabilities: Out-of-bounds write in PathOps. CVE-2023-5169 Use-after-free in Ion Compiler. CVE-2023-5171 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. CVE-2023-5176 Heap buffer overflow in libvpx...

CVSS 9.8, AI score 9.7, EPSS 0.34401
Exploits: 3, References: 11

Mageia • added 2023/10/03 10:53 a.m. • 42 views

Updated glibc packages fix a security vulnerability

The updated packages fix a security vulnerability: A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. CVE-2023-5156...

CVSS 7.5, AI score 6.5, EPSS 0.01338
Exploits: 0, References: 2

Mageia • added 2023/10/03 10:53 a.m. • 39 views

Updated chromium-browser-stable package fixes bugs and vulnerabilities

The chromium-browser-stable package has been updated to the 117.0.5938.92 release, fixing bugs and 31 vulnerabilities, together with 117.0.5938.92, 117.0.5938.88, 117.0.5938.62, 116.0.5845.187 and 116.0.5845.179. Google is aware that an exploit for CVE-2023-5217 exists in the wild. High...

CVSS 8.8, AI score 9.7, EPSS 0.99739
Exploits: 14, References: 7

Mageia • added 2023/10/03 10:53 a.m. • 48 views

Updated libwebp packages fix a security vulnerability

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVSS 8.8, AI score 8.8, EPSS 0.99739
Exploits: 9, References: 2

Mageia • added 2023/10/02 10:18 a.m. • 56 views

Updated libvpx packages fix security vulnerability

Heap buffer overflow in vp8 encoding in libvpx allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVSS 8.8, AI score 7.5, EPSS 0.34401
Exploits: 3, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 34 views

Updated iperf packages fix security vulnerability

It was discovered that iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field CVE-2023-38403...

CVSS 7.5, AI score 7.4, EPSS 0.01703
Exploits: 0, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 53 views

Updated giflib packages fix security vulnerability

The updated packages fix a security vulnerability: giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. CVE-2023-39742...

CVSS 5.5, AI score 7.2, EPSS 0.00328
Exploits: 1, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 34 views

Updated xrdp packages fix security vulnerability

In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The auth_start_session function can return non-zero (1) value on, e.g., PAM error which may result in session restrictions such as max concurrent sessions per user by PAM ex...

CVSS 6.5, AI score 6.3, EPSS 0.00728
Exploits: 0, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 50 views

Updated wireshark packages fix security vulnerabilities

The updated wireshark packages fix security vulnerabilities: Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 are susceptible to a divide by zero allowing for a denial of service attack. CVE-2023-2906 BT SDP dissector...

CVSS 7.5, AI score 7.1, EPSS 0.02771
Exploits: 3, References: 6

Mageia • added 2023/09/30 7:15 p.m. • 31 views

Updated indent package fixes security vulnerabilities

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. CVE-2023-40305 GNU indent 2.2.13 has a heap overread in lexi...

CVSS 5.5, AI score 7.4, EPSS 0.00424
Exploits: 1, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 34 views

Updated flac packages fix security vulnerability

The updated packages fix a security vulnerability: Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. CVE-2020-22219...

CVSS 7.8, AI score 7.9, EPSS 0.00749
Exploits: 1, References: 3

Mageia • added 2023/09/30 7:15 p.m. • 60 views

Updated java packages fix security vulnerabilities

The updated packages fix security vulnerabilities and a file conflict: Improper connection handling during TLS handshake. CVE-2023-21930 Incorrect enqueue of references in garbage collector. CVE-2023-21954 Certificate validation issue in TLS session negotiation. CVE-2023-21967 Swing HTML parsing...

CVSS 7.5, AI score 7.2, EPSS 0.02474
Exploits: 1, References: 22

Mageia • added 2023/09/30 7:15 p.m. • 51 views

Updated quictls packages fix security vulnerabilities

The updated packages fix security vulnerabilities: AES-SIV implementation ignores empty associated data entries. CVE-2023-2975 Excessive time spent checking DH keys and parameters. CVE-2023-3446 Excessive time spent checking DH q parameter value. CVE-2023-3817...

CVSS 5.3, AI score 5.9, EPSS 0.05533
Exploits: 0, References: 7

Mageia • added 2023/09/30 7:15 p.m. • 56 views

Updated libxml2 packages fix a security vulnerability

The updated packages fix a security vulnerability: Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. CVE-2023-39615...

CVSS 6.5, AI score 6.9, EPSS 0.00667
Exploits: 1, References: 3

Mageia • added 2023/09/27 4:31 p.m. • 77 views

Updated glibc packages fix security and other bugs

getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806). Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527). elf: Introduce to _dl_call_fini. elf: Do not run constructors for proxy objects. elf: Always call destructors in reverse constructor order (BZ 30785). elf: Remove unuse...

CVSS 6.5, AI score 7.4, EPSS 0.01508
Exploits: 1, References: 3

Mageia • added 2023/09/27 4:31 p.m. • 63 views

Updated vim packages fix security vulnerability

Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 Use After Free in GitHub repository vim/vim prior to 9.0.1858. CVE-2023-4752...

CVSS 7.8, AI score 7.2, EPSS 0.00559
Exploits: 3, References: 1

Mageia • added 2023/09/24 10:16 p.m. • 38 views

Updated ghostpcl packages fix security vulnerability

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. CVE-2023-38560...

CVSS 5.5, AI score 6.7, EPSS 0.00343
Exploits: 0, References: 1

Mageia • added 2023/09/24 10:16 p.m. • 33 views

Updated file packages fix security vulnerability

File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. CVE-2022-48554...

CVSS 5.5, AI score 7.1, EPSS 0.00656
Exploits: 1, References: 2

Mageia • added 2023/09/24 10:16 p.m. • 45 views

Updated firefox/thunderbird packages fix security vulnerability

Use-after-free in workers. CVE-2023-3600 File Extension Spoofing using the Text Direction Override Character. CVE-2023-3417 Offscreen Canvas could have bypassed cross-origin restrictions. CVE-2023-4045 Incorrect value used during WASM compilation. CVE-2023-4046 Potential permissions request bypas...

CVSS 9.8, AI score 8.7, EPSS 0.99739
Exploits: 10, References: 23

Mageia • added 2023/09/24 10:16 p.m. • 50 views

Updated curl packages fix security vulnerability

TELNET option IAC injection. CVE-2023-27533 SFTP path resolving discrepancy. CVE-2023-27534 FTP too eager connection reuse. CVE-2023-27535 GSS delegation too eager connection re-use. CVE-2023-27536 HSTS double free. CVE-2023-27537 SSH connection too eager reuse still. CVE-2023-27538 UAF in SSH...

CVSS 9.8, AI score 6, EPSS 0.62246
Exploits: 11, References: 16

Mageia • added 2023/09/24 10:16 p.m. • 62 views

Updated nodejs packages fix security vulnerability

This is a security release. As well, it fixes v8 headers detection (mga#28809). The following CVEs are fixed in this release: CVE-2023-32002: Policies can be bypassed via Module._load (High). CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium). CVE-2023-32559: Policies can ...

CVSS 9.8, AI score 6.8, EPSS 0.01484
Exploits: 1, References: 4

Mageia • added 2023/09/24 10:16 p.m. • 22 views

Updated libtommath packages fix security vulnerability

libtommath is vulnerable to an Integer Overflow vulnerability that could allow attackers to execute arbitrary code and cause a denial of service (DoS). CVE-2023-36328...

CVSS 9.8, AI score 7.9, EPSS 0.01254
Exploits: 0, References: 2

Mageia • added 2023/09/11 1:7 p.m. • 43 views

Updated unrar packages fix security vulnerability

Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. CVE-2023-40477...

CVSS 7.8, AI score 7.7, EPSS 0.1308
Exploits: 1, References: 2

Mageia • added 2023/09/11 1:7 p.m. • 40 views

Updated poppler packages fix security vulnerability

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. CVE-2020-36023 An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial...

CVSS 6.5, AI score 6.8, EPSS 0.00927
Exploits: 2, References: 2

Total number of security vulnerabilities: 5998