5998 matches found

Mageia • added 2023/01/24 7:58 a.m. • 107 views

Updated samba packages fix security vulnerability

There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal included in Samba. Some SMB1 write requests were not correctly range checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into...

9.8 CVSS • 1.2 AI score • 0.06419 EPSS
Exploits: 1 • References: 25

Mageia • added 2023/01/24 7:58 a.m. • 46 views

Updated php packages fix security vulnerability

Update to php version 8.0.27 fixes PDO/SQLite, where PDO::quote() may return an unquoted string. See the referenced changelog for other changes...

9.1 CVSS • 3.1 AI score • 0.02154 EPSS
Exploits: 0 • References: 2

Mageia • added 2023/01/22 8:39 p.m. • 99 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.88 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the...

8 CVSS • 7.6 AI score • 0.71737 EPSS
Exploits: 3 • References: 8

Mageia • added 2023/01/22 8:39 p.m. • 155 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.88 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment...

8 CVSS • 8.3 AI score • 0.71737 EPSS
Exploits: 8 • References: 8

Mageia • added 2023/01/13 5:37 p.m. • 29 views

Updated w3m packages fix security vulnerability

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. CVE-2022-38223...

7.8 CVSS • 2.8 AI score • 0.00441 EPSS
Exploits: 1 • References: 2

Mageia • added 2023/01/13 5:37 p.m. • 21 views

Updated ctags packages fix security vulnerability

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system(3)...

7.8 CVSS • 2 AI score • 0.00577 EPSS
Exploits: 1 • References: 2

Mageia • added 2023/01/13 5:37 p.m. • 35 views

Updated xrdp packages fix security vulnerability

xrdp versions before v0.9.21 contain a buffer overflow in the xrdp_login_wnd_create() function (CVE-2022-23468). xrdp versions before v0.9.21 contain a buffer overflow in the audin_send_open() function (CVE-2022-23477). xrdp versions before v0.9.21 contain an out-of-bounds write in the xrdp_mm_trans_process_drdynvc_channel_open() function...

9.8 CVSS • 2.5 AI score • 0.00892 EPSS
Exploits: 0 • References: 2

Mageia • added 2023/01/13 5:37 p.m. • 76 views

Updated python-gitpython packages fix security vulnerability

Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments...

9.8 CVSS • 3.5 AI score • 0.05378 EPSS
Exploits: 1 • References: 3

Mageia • added 2023/01/13 5:37 p.m. • 41 views

Updated ffmpeg packages fix security vulnerability

An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks a check of the return value of av_malloc and will cause a null pointer dereference, impacting availability. CVE-2022-3109...

7.5 CVSS • 3 AI score • 0.0142 EPSS
Exploits: 0 • References: 3

Mageia • added 2023/01/13 5:37 p.m. • 46 views

Updated minetest packages fix security vulnerability

This update provides minetest 5.6.1, the latest stable release of the open source voxel game. This update provides a number of feature and bug fix changes compared to the previous version 5.4.0 provided in Mageia 8. See the linked release notes and changelogs for details. The update also improve...

10 CVSS • 0.7 AI score • 0.02195 EPSS
Exploits: 0 • References: 6

Mageia • added 2022/12/30 10:39 p.m. • 54 views

Updated freeradius packages fix security vulnerability

Information leakage in EAP-PWD (CVE-2022-41859). Crash on unknown option in EAP-SIM (CVE-2022-41860). Crash on invalid abinary data (CVE-2022-41861)...

7.5 CVSS • 6.9 AI score • 0.01171 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 28 views

Updated python-ujson packages fix security vulnerability

Fixes a len integer overflow issue (RHBZ#2149975). Ultrajson doesn't build on WebAssembly (e.g. pyodide) because the version of double-conversion used is too old. This updates it to a newer version which supports WebAssembly...

4.5 AI score
Exploits: 0 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 34 views

Updated libtar packages fix security vulnerability

After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf). As a result, the released memory is used (use-after-free). CVE-2021-33640...

9.8 CVSS • 2.3 AI score • 0.00646 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/30 10:39 p.m. • 74 views

Updated webkit2 packages fix security vulnerability

The updated packages fix security vulnerabilities and other issues. See references for details...

8.8 CVSS • 7.8 AI score • 0.34574 EPSS
Exploits: 2 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 62 views

Updated sogo packages fix security vulnerability

Missing SAML signature validation in the SOGo groupware could result in impersonation attacks. CVE-2021-33054...

7.5 CVSS • 3.9 AI score • 0.00987 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 30 views

Updated libksba packages fix security vulnerability

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. CVE-2022-47629...

9.8 CVSS • 4.8 AI score • 0.0155 EPSS
Exploits: 2 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 50 views

Updated thunderbird packages fix security vulnerability

Drag and Dropped Filenames could have been truncated to malicious extensions. CVE-2022-46874...

8.8 CVSS • 2.4 AI score • 0.00884 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/30 10:39 p.m. • 183 views

Updated curl packages fix security vulnerability

Another HSTS bypass via IDN (CVE-2022-43551). HTTP Proxy deny use-after-free (CVE-2022-43552)...

7.5 CVSS • 7 AI score • 0.17011 EPSS
Exploits: 2 • References: 5

Mageia • added 2022/12/24 9:14 a.m. • 90 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 108.0.5359.124 release, fixing 8 vulnerabilities. Some of the security fixes are ... High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15 High CVE-2022-4437: Use after free in Mojo IPC. Reported by...

8.8 CVSS • 1 AI score • 0.00651 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/18 1:25 a.m. • 43 views

Updated advancecomp packages fix security vulnerability

advancecomp has been updated to fix a number of bugs and security issues...

5.5 CVSS • 2.1 AI score • 0.00448 EPSS
Exploits: 7 • References: 2

Mageia • added 2022/12/17 11:55 p.m. • 68 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.82 and fixes at least the following security issues: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver,...

7.8 CVSS • 0.1 AI score • 0.00463 EPSS
Exploits: 1 • References: 6

Mageia • added 2022/12/17 11:55 p.m. • 82 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.82 and fixes at least the following security issues: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the drive...

7.8 CVSS • 1.2 AI score • 0.00463 EPSS
Exploits: 1 • References: 4

Mageia • added 2022/12/17 8:37 p.m. • 62 views

Updated firefox packages fix security vulnerability

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages (CVE-2022-46872). A drag-and-dropped file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...

9.8 CVSS • 1.7 AI score • 0.00921 EPSS
Exploits: 0 • References: 4

Mageia • added 2022/12/17 8:37 p.m. • 43 views

Updated thunderbird packages fix security vulnerability

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages (CVE-2022-46872). A drag-and-dropped file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious...

9.8 CVSS • 1.6 AI score • 0.00921 EPSS
Exploits: 0 • References: 1

Mageia • added 2022/12/17 6:48 p.m. • 28 views

Updated python-slixmpp packages fix security vulnerability

Fixes missing certificate hostname validation...

7.5 CVSS • 1.6 AI score • 0.00469 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/17 6:48 p.m. • 24 views

Updated xfce4-settings packages fix security vulnerability

Argument injection vulnerability in xfce4-mime-helper from the xfce4-settings package...

9.8 CVSS • 2.5 AI score • 0.01406 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/17 6:48 p.m. • 44 views

Updated golang packages fix security vulnerability

net/http: limit canonical header cache by bytes, not entries (bsc#1206135, CVE-2022-41717)...

5.3 CVSS • 7.1 AI score • 0.05623 EPSS
Exploits: 0 • References: 5

Mageia • added 2022/12/17 6:48 p.m. • 56 views

Updated couchdb packages fix security vulnerability

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front o...

10 CVSS • 3.5 AI score • 0.92335 EPSS
Exploits: 8 • References: 2

Mageia • added 2022/12/17 6:48 p.m. • 28 views

Updated libetpan packages fix security vulnerability

Null pointer dereference in mailimap_mailbox_data_status_free in low-level/imap/mailimap_types.c. CVE-2022-4121...

5.5 CVSS • 2.2 AI score • 0.00542 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/17 6:48 p.m. • 71 views

Updated krb5 packages fix security vulnerability

Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution in a KDC, kadmin, or GSS or Kerberos application server process, information exposure to a cross-realm KDC acting maliciously, or denial of servi...

8.8 CVSS • 4.5 AI score • 0.06419 EPSS
Exploits: 1 • References: 4

Mageia • added 2022/12/17 6:48 p.m. • 64 views

Updated heimdal packages fix security vulnerability

Isaac Boukris reported that the Heimdal KDC before 7.7.1 does not apply delegation_not_allowed (aka not-delegated) user attributes for S4U2Self. Instead the forwardable flag is set even if the impersonated client has the not-delegated flag set (CVE-2019-14870). Joseph Sutton discovered that the Heimdal...

9.8 CVSS • 7.5 AI score • 0.06419 EPSS
Exploits: 1 • References: 6

Mageia • added 2022/12/17 6:48 p.m. • 35 views

Updated freerdp packages fix security vulnerability

Affected versions of FreeRDP are missing input length validation in 'drive' channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. CVE-2022-41877...

4.6 CVSS • 5.5 AI score • 0.00719 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/17 6:48 p.m. • 49 views

Updated leptonica packages fix security vulnerability

This update fixes a denial of service vulnerability in leptonlib. It can be made to crash with an arithmetic exception on specially crafted JPEG files. CVE-2022-38266...

6.5 CVSS • 2.6 AI score • 0.01073 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 58 views

Updated libarchive packages fix security vulnerability

In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. CVE-2022-36227...

9.8 CVSS • 9.1 AI score • 0.01936 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/13 10:9 p.m. • 36 views

Updated rxvt-unicode packages fix security vulnerability

rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. CVE-2022-4170...

9.8 CVSS • 2.9 AI score • 0.02058 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 29 views

Updated rootcerts packages fix security vulnerability

Set CKA_NSS_SERVER_DISTRUST_AFTER and CKA_NSS_EMAIL_DISTRUST_AFTER for 3 TrustCor Root Certificates. r=KathleenWilson...

2.4 AI score
Exploits: 0 • References: 3

Mageia • added 2022/12/13 10:9 p.m. • 48 views

Updated nodejs-json-schema packages fix security vulnerability

node-json-schema, JSON Schema validation and specifications, was vulnerable to Improperly Controlled Modification of Object Prototype Attributes. CVE-2021-3918...

9.8 CVSS • 3.3 AI score • 0.03563 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 44 views

Updated vim packages fix security vulnerability

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. CVE-2022-4141...

7.8 CVSS • 2.5 AI score • 0.00423 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 34 views

Updated shadowutils packages fix security vulnerability

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. CVE-2013-4235...

4.7 CVSS • 2.8 AI score • 0.00308 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 34 views

Updated emacs packages fix security vulnerability

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command suggested in the ctags...

7.8 CVSS • 8.1 AI score • 0.00635 EPSS
Exploits: 0 • References: 3

Mageia • added 2022/12/13 10:9 p.m. • 47 views

Updated busybox packages fix security vulnerability

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. CVE-2022-30065...

7.8 CVSS • 3.3 AI score • 0.01177 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 58 views

Updated netkit-telnet packages fix security vulnerability

2-byte DoS in netkit-telnetd. CVE-2022-39028...

7.5 CVSS • 2 AI score • 0.01597 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 30 views

Updated matio packages fix security vulnerability

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble, called from ReadInt32Data and Mat_VarRead4 (CVE-2020-36428). matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy called from H5MM_malloc and...

8.8 CVSS • 3.5 AI score • 0.01503 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 39 views

Updated awstats packages fix security vulnerability

AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. CVE-2022-46391...

6.1 CVSS • 1.8 AI score • 0.00655 EPSS
Exploits: 0 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 13 views

Updated admesh packages fix security vulnerability

Security fix for TALOS-2022-1594...

1.7 AI score
Exploits: 0 • References: 2

Mageia • added 2022/12/13 10:9 p.m. • 54 views

Updated ruby packages fix security vulnerability

If an application generates HTTP responses using the cgi gem with untrusted user input, an attacker can exploit it to inject a malicious HTTP response header and/or body. Also, the contents for a CGI::Cookie object were not checked properly. If an application creates a CGI::Cookie object bas...

8.8 CVSS • 0.7 AI score • 0.02287 EPSS
Exploits: 1 • References: 3

Mageia • added 2022/12/06 11:32 p.m. • 36 views

Updated libtiff packages fix security vulnerability

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. CVE-2022-3970...

8.8 CVSS • 8.6 AI score • 0.01237 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/06 11:32 p.m. • 43 views

Updated jbigkit packages fix security vulnerability

JBIG-KIT could be made to crash if it opened a specially crafted file. CVE-2017-9937...

6.5 CVSS • 2.5 AI score • 0.02846 EPSS
Exploits: 1 • References: 2

Mageia • added 2022/12/06 11:32 p.m. • 85 views

Updated freerdp packages fix security vulnerability

In affected versions there is an out-of-bounds read in the ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out-of-bounds data and try to decode it, likely resulting in a crash (CVE-2022-39316). Affected versions of FreeRDP are missing a range check for input...

5.7 CVSS • 5.8 AI score • 0.00967 EPSS
Exploits: 0 • References: 8

Mageia • added 2022/12/06 11:32 p.m. • 63 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the new 108 branch with the 108.0.5359.94 release, fixing many bugs and 29 vulnerabilities, together with 107.0.5304.121 and 108.0.5359.71. Some of the security fixes are - CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao...

9.6 CVSS • 9.1 AI score • 0.31864 EPSS
Exploits: 4 • References: 2

Total number of security vulnerabilities: 5998