
5998 matches found

Mageia • added 2023/06/28 5:21 a.m. • 144 views

Updated python-requests packages fix security vulnerability

Forwarding proxy credentials to the destination server unintentionally CVE-2023-32681...

CVSS 6.1 | AI score 7.1 | EPSS 0.02782
Exploits: 1 | References: 3

Mageia • added 2023/06/28 5:21 a.m. • 69 views

Updated libcap packages fix security vulnerability

A vulnerability was found in the pthreadcreate function in libcap. This issue may allow a malicious actor to cause realpthreadcreate to return an error, which can exhaust the process memory. CVE-2023-2602 A vulnerability was found in libcap. This issue occurs in the libcapstrdup function and...

CVSS 7.8 | AI score 7.1 | EPSS 0.00574
Exploits: 2 | References: 5

Mageia • added 2023/06/28 5:21 a.m. • 149 views

Updated mediawiki packages fix security vulnerability

Bundled PapaParse copy in VisualEditor has known ReDos CVE-2020-36649. An issue was discovered in MediaWiki before 1.35.9. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These fil...

CVSS 9.8 | AI score 6.5 | EPSS 0.01388
Exploits: 3 | References: 5

Mageia • added 2023/06/28 5:21 a.m. • 38 views

Updated sofia-sip packages fix security vulnerability

An OOB read and integer overflow triggered by an attacker may lead to a crash, high memory consumption or even more serious consequences. CVE-2023-32307...

CVSS 7.5 | AI score 6.9 | EPSS 0.01056
Exploits: 0 | References: 2

Mageia • added 2023/06/28 5:21 a.m. • 71 views

Updated sqlite packages fix security vulnerability

osunix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service application crash, or have unspecified other impact by leveraging use of the current working directory for...

CVSS 7.5 | AI score 7 | EPSS 0.08186
Exploits: 0 | References: 2

Mageia • added 2023/06/28 5:21 a.m. • 18 views

Updated xonotic packages fix security vulnerability

A bug was discovered in versions older than 0.8.6 that is believed to be exploitable by malicious server admins to crash clients or, if they defeat mitigations, execute arbitrary code. No working exploit code is known to exist at this time. See referenced release notes for other changes...

AI score 7.8
Exploits: 0 | References: 2

Mageia • added 2023/06/28 5:21 a.m. • 68 views

Updated python-tornado packages fix security vulnerability

Remote unauthenticated attacker may redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370...

CVSS 6.1 | AI score 7.2 | EPSS 0.01132
Exploits: 0 | References: 2

Mageia • added 2023/06/19 4:29 p.m. • 58 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.117 and fixes at least the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was fou...

CVSS 7.8 | AI score 8.1 | EPSS 0.11946
Exploits: 9 | References: 8

Mageia • added 2023/06/19 4:29 p.m. • 46 views

Updated sysstat packages fix security vulnerability

Multiplication integer overflow in checkoverflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. CVE-2023-33204...

CVSS 7.8 | AI score 7.3 | EPSS 0.00324
Exploits: 0 | References: 2

Mageia • added 2023/06/19 4:29 p.m. • 117 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.117 and fixes at least the following security issues: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs CVE-2022-48425. An out-of-bounds memory access flaw was found in...

CVSS 7.8 | AI score 8.1 | EPSS 0.11946
Exploits: 9 | References: 8

Mageia • added 2023/06/15 7:27 a.m. • 34 views

Updated thunderbird packages fix security vulnerability

Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Memory safety bugs fixed in Thunderbird 102.12 CVE-2023-34416...

CVSS 9.8 | AI score 7.6 | EPSS 0.0093
Exploits: 0 | References: 4

Mageia • added 2023/06/15 7:27 a.m. • 26 views

Updated cups packages fix security vulnerability

A heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function 'formatlogline' could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when...

CVSS 7.5 | AI score 7.3 | EPSS 0.01473
Exploits: 1 | References: 2

Mageia • added 2023/06/15 7:27 a.m. • 30 views

Updated httpie packages fix security vulnerability

Cookie exposure to third parties CVE-2022-24737...

CVSS 6.5 | AI score 7 | EPSS 0.01625
Exploits: 1 | References: 2

Mageia • added 2023/06/15 7:27 a.m. • 30 views

Updated firefox/nss packages fix security vulnerability

Click-jacking certificate exceptions through rendering lag. CVE-2023-34414 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12. CVE-2023-34416...

CVSS 9.8 | AI score 7.8 | EPSS 0.0093
Exploits: 0 | References: 5

Mageia • added 2023/06/15 7:27 a.m. • 72 views

Updated webkit2 packages fix security vulnerability

Out-of-bounds read CVE-2023-28204 Use-after-free issue CVE-2023-32373...

CVSS 8.8 | AI score 7.1 | EPSS 0.14406
Exploits: 0 | References: 4

Mageia • added 2023/06/08 7:34 p.m. • 42 views

Updated libreoffice packages fix security vulnerability

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...

CVSS 7.8 | AI score 7.2 | EPSS 0.02244
Exploits: 2 | References: 3

Mageia • added 2023/06/08 7:34 p.m. • 45 views

Updated python-flask packages fix security vulnerability

Client 'session' cookie sent to other clients CVE-2023-30861...

CVSS 7.5 | AI score 7 | EPSS 0.0125
Exploits: 1 | References: 2

Mageia • added 2023/06/08 7:34 p.m. • 98 views

Updated openssl packages fix security vulnerability

Possible DoS translating ASN.1 object identifiers. CVE-2023-2650...

CVSS 6.5 | AI score 7.1 | EPSS 0.77901
Exploits: 0 | References: 2

Mageia • added 2023/05/31 6:41 a.m. • 59 views

Updated postgresql packages fix security vulnerability

CREATE SCHEMA ... schemaelement defeats protective searchpath changes. CVE-2023-2454 Row security policies disregard user ID changes after inlining. CVE-2023-2455...

CVSS 7.2 | AI score 7.1 | EPSS 0.0119
Exploits: 0 | References: 2

Mageia • added 2023/05/31 6:41 a.m. • 44 views

Updated tomcat packages fix security vulnerability

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted...

CVSS 7.5 | AI score 6.9 | EPSS 0.51547
Exploits: 1 | References: 2

Mageia • added 2023/05/31 6:41 a.m. • 33 views

Updated cups-filters packages fix security vulnerability

Possible command injection in the Backend Error Handler CVE-2023-24805...

CVSS 8.8 | AI score 7.6 | EPSS 0.03697
Exploits: 1 | References: 5

Mageia • added 2023/05/31 6:41 a.m. • 35 views

Updated qtbase5 packages fix security vulnerability

Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. CVE-2023-32762 QTextLayout buffer overflow in SVG file...

CVSS 7.5 | AI score 7.4 | EPSS 0.01287
Exploits: 0 | References: 2

Mageia • added 2023/05/31 6:41 a.m. • 28 views

Updated tcpreplay packages fix security vulnerability

An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpeditdltcleanup function at plugins/dltplugins.c. CVE-2023-27783 An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the readhexstring function ...

CVSS 7.5 | AI score 6.8 | EPSS 0.01506
Exploits: 7 | References: 2

Mageia • added 2023/05/31 6:41 a.m. • 30 views

Updated vim packages fix security vulnerability

Use of Out-of-range Pointer Offset in GitHub repository vim/vim. CVE-2023-2426...

CVSS 6.8 | AI score 7.2 | EPSS 0.00409
Exploits: 1 | References: 2

Mageia • added 2023/05/22 3:30 p.m. • 35 views

Updated mariadb packages fix security vulnerability

It is possible for function spiderdbmbase::printwarnings to dereference a null pointer. CVE-2022-47015...

CVSS 6.5 | AI score 7 | EPSS 0.01486
Exploits: 0 | References: 2

Mageia • added 2023/05/22 3:30 p.m. • 9 views

Updated python-reportlab packages fix security vulnerability

Updated python3-reportlab includes a security fix and other minor bug fixes. See references for details...

AI score 7
Exploits: 0 | References: 2

Mageia • added 2023/05/21 8:42 a.m. • 54 views

Updated apache-mod_security packages fix security vulnerability

HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall CVE-2022-48279 Incorrect handling of '\0' bytes in file uploads in ModSecurity may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules...

CVSS 7.5 | AI score 7.2 | EPSS 0.01169
Exploits: 0 | References: 3

Mageia • added 2023/05/21 8:42 a.m. • 46 views

Updated glib2.0 packages fix security vulnerability

Denial of service caused by handling a malicious text-form variant. CVE-2023-24593 Denial of service caused by malicious serialised variant. CVE-2023-25180...

AI score 7
Exploits: 0 | References: 3

Mageia • added 2023/05/21 8:42 a.m. • 53 views

Updated webkit2 packages fix security vulnerability

HTML document may be able to render iframes with sensitive user information. CVE-2022-0108 Maliciously crafted web content may lead to arbitrary code execution. CVE-2022-32885 Use-after-free vulnerability exists in WebCore::RenderLayer. This issue allows remote attackers to execute arbitrary code ...

CVSS 8.8 | AI score 8.4 | EPSS 0.27076
Exploits: 1 | References: 3

Mageia • added 2023/05/21 8:42 a.m. • 50 views

Updated libssh packages fix security vulnerability

Potential NULL dereference during rekeying with algorithm guessing. CVE-2023-1667 Authorization bypass in pkiverifydatasignature. CVE-2023-2283...

CVSS 6.5 | AI score 7.1 | EPSS 0.01314
Exploits: 2 | References: 5

Mageia • added 2023/05/21 8:42 a.m. • 54 views

Updated freetype2 packages fix security vulnerability

An integer overflow vulnerability was discovered in Freetype in tthvadvanceadjust function in src/truetype/ttgxvar.c. CVE-2023-2004...

AI score 7.3
Exploits: 0 | References: 3

Mageia • added 2023/05/21 8:42 a.m. • 8 views

Updated suricata packages fix security vulnerability

Various security, performance, accuracy and stability issues. See referenced package announcements for details...

AI score 7.1
Exploits: 0 | References: 7

Mageia • added 2023/05/21 8:42 a.m. • 35 views

Updated sniproxy packages fix security vulnerability

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy. A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability. CVE-2023-25076...

CVSS 9.8 | AI score 7.9 | EPSS 0.65515
Exploits: 1 | References: 2

Mageia • added 2023/05/21 8:42 a.m. • 35 views

Updated patchelf packages fix security vulnerability

Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc. CVE-2022-44940...

CVSS 9.1 | AI score 7.2 | EPSS 0.01042
Exploits: 1 | References: 2

Mageia • added 2023/05/21 8:42 a.m. • 34 views

Updated dmidecode packages fix security vulnerability

Dmidecode allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. CVE-2023-30630...

CVSS 7.1 | AI score 6.8 | EPSS 0.00523
Exploits: 1 | References: 3

Mageia • added 2023/05/21 8:42 a.m. • 34 views

Updated python-sqlparse packages fix security vulnerability

ReDoS Regular Expression Denial of Service CVE-2023-30608...

CVSS 7.5 | AI score 7.1 | EPSS 0.0098
Exploits: 0 | References: 2

Mageia • added 2023/05/21 8:42 a.m. • 37 views

Updated cmark packages fix security vulnerability

cmark incorrectly handled certain inputs. Fixes quadratic complexity in handleclosebracket "" which may lead to a denial of service CVE-2023-22486. Noting that this also fixes a quadratic parsing issue with repeated comment tags that was not in a released product but which was assigned a CVE...

CVSS 7.5 | AI score 7.3 | EPSS 0.01108
Exploits: 2 | References: 3

Mageia • added 2023/05/19 7:23 a.m. • 139 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.110 and fixes at least the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than t...

CVSS 7.8 | AI score 6.9 | EPSS 0.16642
Exploits: 2 | References: 5

Mageia • added 2023/05/16 7:17 p.m. • 28 views

Updated connman packages fix security vulnerability

client.c in gdhcp in ConnMan could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process. CVE-2023-28488...

CVSS 6.5 | AI score 7.2 | EPSS 0.00964
Exploits: 1 | References: 2

Mageia • added 2023/05/16 7:17 p.m. • 23 views

Updated freeimage packages fix security vulnerability

Buffer Overflow vulnerability leading to denial of service via a crafted JXR file. CVE-2021-33367...

CVSS 5.5 | AI score 6.7 | EPSS 0.0028
Exploits: 0 | References: 2

Mageia • added 2023/05/16 7:17 p.m. • 43 views

Updated golang packages fix security vulnerability

Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if executed with untrusted input...

CVSS 9.8 | AI score 7.4 | EPSS 0.01548
Exploits: 0 | References: 3

Mageia • added 2023/05/16 7:17 p.m. • 43 views

Updated firefox/nss/rootcerts packages fix security vulnerability

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks CVE-2023-32205. An out-of-bounds read could have led to a crash in the RLBox Expat driver CVE-2023-32206. A missing delay in popup...

CVSS 8.8 | AI score 8.3 | EPSS 0.00753
Exploits: 0 | References: 4

Mageia • added 2023/05/16 7:17 p.m. • 78 views

Updated python-pillow packages fix security vulnerability

libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. CVE-2022-30595 Improper Handling of Highly Compressed GIF Data Data Amplification. CVE-2022-45198...

CVSS 9.8 | AI score 7.5 | EPSS 0.01923
Exploits: 1 | References: 2

Mageia • added 2023/05/16 7:17 p.m. • 29 views

Updated thunderbird packages fix security vulnerability

Browser prompts could have been obscured by popups. CVE-2023-32205 Crash in RLBox Expat driver. CVE-2023-32206 Potential permissions request bypass via clickjacking. CVE-2023-32207 Content process crash due to invalid wasm code. CVE-2023-32211 Potential spoof due to obscured address bar...

CVSS 8.8 | AI score 8 | EPSS 0.00753
Exploits: 0 | References: 3

Mageia • added 2023/05/16 7:17 p.m. • 89 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.110 and fixes at least the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than the siz...

CVSS 7.8 | AI score 7.1 | EPSS 0.16642
Exploits: 9 | References: 5

Mageia • added 2023/05/16 7:17 p.m. • 43 views

Updated python-django packages fix security vulnerability

Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. CVE-2023-24580 Bypass of validation when using one form field to upload multiple files. This...

CVSS 9.8 | AI score 7.1 | EPSS 0.62575
Exploits: 0 | References: 6

Mageia • added 2023/05/16 7:17 p.m. • 16 views

Updated indent packages fix security vulnerability

Multiple memory safety issues bsc1209718...

AI score 7.4
Exploits: 0 | References: 2

Mageia • added 2023/05/06 6:19 p.m. • 33 views

Updated imagemagick packages fix security vulnerability

A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of...

CVSS 5.5 | AI score 5.9 | EPSS 0.00593
Exploits: 1 | References: 3

Mageia • added 2023/05/06 6:19 p.m. • 45 views

Updated libfastjson packages fix security vulnerability

Integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend. CVE-2020-12762...

CVSS 7.8 | AI score 8 | EPSS 0.01888
Exploits: 1 | References: 3

Mageia • added 2023/05/06 6:19 p.m. • 18 views

Updated parcellite packages fix security vulnerability

Parcellite clipboard manager might cause your copied secrets to be stored in the plain-text form in the system logs...

AI score 6.8
Exploits: 0 | References: 3

Total number of security vulnerabilities: 5998