
5998 matches found

Mageia • added 2023/05/06 6:19 p.m. • 76 views

Updated libxml2 packages fix security vulnerability

NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...

CVSS 7.5 | AI score 7.1 | EPSS 0.01972
Exploits: 2 | References: 4

Mageia • added 2023/05/06 6:19 p.m. • 37 views

Updated avahi packages fix security vulnerability

Fixes crash on some invalid DBus calls. CVE-2023-1981...

CVSS 5.5 | AI score 7.1 | EPSS 0.00392
Exploits: 1 | References: 2

Mageia • added 2023/05/06 6:19 p.m. • 97 views

Updated git packages fix security vulnerability

By feeding specially crafted input to 'git apply --reject', a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch. CVE-2023-25652. When Git is compiled with runtime prefix support and runs without translated...

CVSS 7.8 | AI score 7.4 | EPSS 0.52164
Exploits: 2 | References: 3

Mageia • added 2023/05/06 6:19 p.m. • 71 views

Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 7.0.8 maintenance release that fixes at least the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 7.0.8. A difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM...

CVSS 8.2 | AI score 5.3 | EPSS 0.00671
Exploits: 1 | References: 3

Mageia • added 2023/04/24 12:20 a.m. • 41 views

Updated emacs packages fix security vulnerability

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. CVE-2023-28617...

CVSS 7.8 | AI score 8.3 | EPSS 0.00469
Exploits: 0 | References: 2

Mageia • added 2023/04/24 12:20 a.m. • 26 views

Updated tcpdump packages fix security vulnerability

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. CVE-2023-1801...

CVSS 6.5 | AI score 6.4 | EPSS 0.00841
Exploits: 0 | References: 2

Mageia • added 2023/04/24 12:20 a.m. • 56 views

Updated dnsmasq packages fix security vulnerability

A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. CVE-2023-28450...

CVSS 7.5 | AI score 7.6 | EPSS 0.01334
Exploits: 0 | References: 2

Mageia • added 2023/04/24 12:20 a.m. • 37 views

Updated php-smarty packages fix security vulnerability

Cross site scripting vulnerability in Javascript escaping (CVE-2023-28447). Additional bug fixes included. See referenced release notes for details...

CVSS 7.1 | AI score 6.2 | EPSS 0.01016
Exploits: 0 | References: 5

Mageia • added 2023/04/24 12:20 a.m. • 58 views

Updated squirrel/supertux packages fix security vulnerability

sqclass.cpp in Squirrel 3.1 allows an out-of-bounds read in the core interpreter that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as Fi...

CVSS 10 | AI score 9.4 | EPSS 0.02134
Exploits: 1 | References: 3

Mageia • added 2023/04/24 12:20 a.m. • 36 views

Updated redis packages fix security vulnerability

Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...

CVSS 6.5 | AI score 7 | EPSS 0.00963
Exploits: 0 | References: 2

Mageia • added 2023/04/24 12:20 a.m. • 47 views

Updated openimageio packages fix security vulnerability

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...

CVSS 9.8 | AI score 8.3 | EPSS 0.01962
Exploits: 25 | References: 6

Mageia • added 2023/04/17 7:52 p.m. • 55 views

Updated kernel-linus packages fix security vulnerability

This kernel-linus update is based on upstream 5.15.106 and fixes at least the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tunta...

CVSS 7.8 | AI score 7.4 | EPSS 0.06346
Exploits: 2 | References: 9

Mageia • added 2023/04/17 7:52 p.m. • 54 views

Updated kernel packages fix security vulnerability

This kernel update is based on upstream 5.15.106 and fixes at least the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap...

CVSS 7.8 | AI score 7.4 | EPSS 0.06346
Exploits: 2 | References: 9

Mageia • added 2023/04/15 7:3 p.m. • 135 views

Updated python-certifi packages fix security vulnerability

Disable bundled Trustcor root certificate signatures generated after Wednesday November 30 00:00:00 2022. CVE-2022-23491...

CVSS 7.5 | AI score 7.7 | EPSS 0.00535
Exploits: 0 | References: 7

Mageia • added 2023/04/15 7:3 p.m. • 29 views

Updated libheif packages fix security vulnerability

Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. CVE-2023-0996...

CVSS 7.8 | AI score 7.7 | EPSS 0.00307
Exploits: 0 | References: 3

Mageia • added 2023/04/15 7:3 p.m. • 51 views

Updated golang packages fix security vulnerability

DOS due to incorrect HTTP and MIME header parsing (CVE-2023-24534). DOS due to incorrect Multipart form parsing (CVE-2023-24536). Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...

CVSS 9.8 | AI score 8.1 | EPSS 0.02281
Exploits: 0 | References: 6

Mageia • added 2023/04/15 7:3 p.m. • 26 views

Updated jpegoptim packages fix security vulnerability

A heap overflow can occur with crafted JPEG image file. CVE-2023-27781...

CVSS 7.8 | AI score 7.8 | EPSS 0.00393
Exploits: 1 | References: 3

Mageia • added 2023/04/15 7:3 p.m. • 50 views

Updated thunderbird packages fix security vulnerability

Fullscreen notification obscured. CVE-2023-29533 Double-free in libwebp. MFSA-TMP-2023-0001 Potential Memory Corruption following Garbage Collector compaction. CVE-2023-29535 Invalid free from JavaScript code. CVE-2023-29536 Revocation status of S/Mime recipient certificates was not checked...

CVSS 8.8 | AI score 7.7 | EPSS 0.00901
Exploits: 0 | References: 3

Mageia • added 2023/04/15 7:3 p.m. • 27 views

Updated python-flask-restx packages fix security vulnerability

Fixes unspecified security issues...

AI score 6.9
Exploits: 0 | References: 3

Mageia • added 2023/04/15 7:3 p.m. • 46 views

Updated ceph packages fix security vulnerability

Openstack manilla owning a Ceph File system "share", enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system...

CVSS 9.1 | AI score 8.3 | EPSS 0.00924
Exploits: 1 | References: 3

Mageia • added 2023/04/15 7:3 p.m. • 53 views

Updated firefox packages fix security vulnerability

Updated firefox and libwebp packages fix security vulnerabilities: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash CVE-2023-1945. A website could have obscured the fullscreen notification by using a combination of...

CVSS 8.8 | AI score 9.2 | EPSS 0.00741
Exploits: 0 | References: 2

Mageia • added 2023/04/15 7:3 p.m. • 164 views

Updated davmail packages fix security vulnerability

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1...

CVSS 9.8 | AI score 9.8 | EPSS 0.81147
Exploits: 13 | References: 2

Mageia • added 2023/04/15 7:3 p.m. • 139 views

Updated tomcat packages fix security vulnerability

Information disclosure due to concurrency bug (CVE-2021-43980). Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability (CVE-2022-23181). Correct documentation to warn of use over untrusted networks (CVE-2022-29885). Correct documentation showing use of XSS vulnerability. CVE-2022-343...

CVSS 7.5 | AI score 6.7 | EPSS 0.71653
Exploits: 6 | References: 12

Mageia • added 2023/04/11 7:2 p.m. • 33 views

Updated sudo packages fix security vulnerability

Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487...

CVSS 5.3 | AI score 5.9 | EPSS 0.00961
Exploits: 0 | References: 2

Mageia • added 2023/04/11 7:2 p.m. • 46 views

Updated imagemagick packages fix security vulnerability

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...

CVSS 5.5 | AI score 5.4 | EPSS 0.00865
Exploits: 1 | References: 3

Mageia • added 2023/04/11 7:2 p.m. • 14 views

Updated vim packages fix security vulnerability

"rvim" can execute a shell through :diffpatch...

AI score 7
Exploits: 0 | References: 2

Mageia • added 2023/04/11 7:2 p.m. • 25 views

Updated tigervnc/x11-server packages fix security vulnerability

A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...

CVSS 7.8 | AI score 7.4 | EPSS 0.00444
Exploits: 0 | References: 7

Mageia • added 2023/04/11 7:2 p.m. • 53 views

Updated ipmitool packages fix security vulnerability

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged...

CVSS 8.8 | AI score 8.9 | EPSS 0.0329
Exploits: 1 | References: 2

Mageia • added 2023/04/11 7:2 p.m. • 57 views

Updated openssl packages fix security vulnerability

A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...

CVSS 7.5 | AI score 7.7 | EPSS 0.61979
Exploits: 0 | References: 9

Mageia • added 2023/04/11 7:2 p.m. • 65 views

Updated ghostscript packages fix security vulnerability

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...

CVSS 9.8 | AI score 9.6 | EPSS 0.06341
Exploits: 1 | References: 2

Mageia • added 2023/04/11 7:2 p.m. • 33 views

Updated thunderbird packages fix security vulnerability

Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack. CVE-2023-28427...

CVSS 8.2 | AI score 8.1 | EPSS 0.01185
Exploits: 0 | References: 3

Mageia • added 2023/04/06 9:20 p.m. • 34 views

Updated libapreq2 packages fix security vulnerability

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. CVE-2022-22728...

CVSS 7.5 | AI score 7.6 | EPSS 0.04446
Exploits: 0 | References: 5

Mageia • added 2023/04/06 9:20 p.m. • 23 views

Updated peazip packages fix security vulnerability

Denial of service via the End of Archive tag function of the peazip/pea UNPEA feature. CVE-2023-24785...

CVSS 5.5 | AI score 5.8 | EPSS 0.00311
Exploits: 1 | References: 2

Mageia • added 2023/04/06 9:20 p.m. • 45 views

Updated ldb/samba packages fix security vulnerability

Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users (CVE-2023-0225). Read access controlled AD LDAP attributes (CVE-2023-0614). Cleartext password sending by AD DC admin tool (CVE-2023-0922)...

CVSS 7.7 | AI score 5.9 | EPSS 0.00725
Exploits: 0 | References: 5

Mageia • added 2023/04/06 9:20 p.m. • 20 views

Updated stellarium packages fix security vulnerability

Attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. CVE-2023-28371...

CVSS 9.8 | AI score 9.2 | EPSS 0.01545
Exploits: 0 | References: 2

Mageia • added 2023/04/06 9:20 p.m. • 34 views

Updated zstd packages fix security vulnerability

Buffer overrun in util.c CVE-2022-4899...

CVSS 7.5 | AI score 7.5 | EPSS 0.01588
Exploits: 0 | References: 3

Mageia • added 2023/04/06 9:20 p.m. • 69 views

Updated python-cairosvg packages fix security vulnerability

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...

CVSS 9.9 | AI score 6.8 | EPSS 0.00722
Exploits: 0 | References: 3

Mageia • added 2023/04/06 9:20 p.m. • 54 views

Updated opencontainers-runc packages fix security vulnerability

/sys/fs/cgroup is writable when cgroupns isn't unshared (CVE-2023-25809). Regression that reintroduced CVE-2019-19921 - Incorrect Access Control leading to Escalation of Privileges (CVE-2023-27561). AppArmor/SELinux bypass with symlinked /proc (CVE-2023-28642)...

CVSS 7.8 | AI score 7 | EPSS 0.00448
Exploits: 2 | References: 3

Mageia • added 2023/03/31 12:13 a.m. • 16 views

Updated perl-Cpanel-JSON-XS packages fix security vulnerability

Fixes some bugs including a security vulnerability when decoding hash keys without ending ':'...

AI score 6.8
Exploits: 0 | References: 2

Mageia • added 2023/03/31 12:13 a.m. • 10 views

Updated xapian packages fix security vulnerability

Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. bdo1032398...

AI score 6.8
Exploits: 0 | References: 2

Mageia • added 2023/03/31 12:13 a.m. • 26 views

Updated dino packages fix security vulnerability

When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user’s personal bookmark store without requiring further user interaction. CVE-2023-28686...

CVSS 7.1 | AI score 6.6 | EPSS 0.00699
Exploits: 0 | References: 2

Mageia • added 2023/03/31 12:13 a.m. • 32 views

Updated tigervnc/x11-server packages fix security vulnerability

DeepCopyPointerClasses use-after-free leads to privilege elevation. CVE-2023-0494...

CVSS 7.8 | AI score 7.9 | EPSS 0.00899
Exploits: 0 | References: 12

Mageia • added 2023/03/31 12:13 a.m. • 42 views

Updated snort packages fix security vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

CVSS 8.6 | AI score 6.2 | EPSS 0.02367
Exploits: 0 | References: 2

Mageia • added 2023/03/31 12:13 a.m. • 34 views

Updated perl-Net-Server packages fix security vulnerability

Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter. CVE-2013-1841...

CVSS 4.3 | AI score 6.3 | EPSS 0.01944
Exploits: 0 | References: 2

Mageia • added 2023/03/24 5:55 a.m. • 51 views

Updated thunderbird packages fix security vulnerability

Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...

CVSS 8.8 | AI score 8.8 | EPSS 0.00713
Exploits: 0 | References: 3

Mageia • added 2023/03/24 5:55 a.m. • 52 views

Updated firefox packages fix security vulnerability

Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash CVE-2023-25751. When accessing throttled streams, the count of available bytes needed to be checked in the calling...

CVSS 8.8 | AI score 9.3 | EPSS 0.00713
Exploits: 0 | References: 4

Mageia • added 2023/03/24 5:55 a.m. • 46 views

Updated python-flask-security packages fix security vulnerability

Open redirect CVE-2021-23385...

CVSS 6.1 | AI score 6.3 | EPSS 0.00895
Exploits: 1 | References: 3

Mageia • added 2023/03/24 5:55 a.m. • 54 views

Updated unarj packages fix security vulnerability

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...

CVSS 10 | AI score 7.5 | EPSS 0.07369
Exploits: 0 | References: 1

Mageia • added 2023/03/24 5:55 a.m. • 51 views

Updated vim packages fix security vulnerability

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. CVE-2023-1127 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. CVE-2023-1170 Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. CVE-2023-1175...

CVSS 7.8 | AI score 7.2 | EPSS 0.00483
Exploits: 3 | References: 3

Mageia • added 2023/03/24 5:55 a.m. • 20 views

Updated libmicrohttpd packages fix security vulnerability

In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...

AI score 6.8
Exploits: 0 | References: 2

Total number of security vulnerabilities: 5998