
5998 matches found

Mageia • added 2022/12/06 11:32 p.m. • 85 views

Updated freerdp packages fix security vulnerability

In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...

CVSS 5.7 • AI score 5.8 • EPSS 0.00967 • Exploits 0 • References 8

Mageia • added 2022/12/06 11:32 p.m. • 57 views

Updated erlang packages fix security vulnerability

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. CVE-2022-37026...

CVSS 9.8 • AI score 2.4 • EPSS 0.01136 • Exploits 0 • References 3

Mageia • added 2022/12/06 11:32 p.m. • 85 views

Updated imagemagick packages fix security vulnerability

A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. CVE-2021-3574 A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows a...

CVSS 7.8 • AI score 1.3 • EPSS 0.0238 • Exploits 4 • References 16

Mageia • added 2022/11/27 8:51 p.m. • 79 views

Updated radare2/rizin packages fix security vulnerability

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. CVE-2021-32613 A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS...

CVSS 9.8 • AI score 2.3 • EPSS 0.01765 • Exploits 19 • References 7

Mageia • added 2022/11/27 8:51 p.m. • 45 views

Updated botan packages fix security vulnerability

Fixed validation of embedded certificates when checking OCSP responses. CVE-2022-43705...

CVSS 9.1 • AI score 1.9 • EPSS 0.00415 • Exploits 0 • References 2

Mageia • added 2022/11/27 8:51 p.m. • 47 views

Updated xterm packages fix security vulnerability

xterm before patch 375 can enable an RCE under certain conditions...

CVSS 9.8 • AI score 2 • EPSS 0.04949 • Exploits 1 • References 3

Mageia • added 2022/11/27 8:51 p.m. • 58 views

Updated golang packages fix security vulnerability

Fixed unsanitized NUL in environment variables in syscalls, os/exec go56327 bsc1204941. CVE-2022-41716 runtime: "lock count" fatal error when cgo is enabled go56308...

CVSS 7.5 • AI score 2.2 • EPSS 0.00778 • Exploits 0 • References 5

Mageia • added 2022/11/27 8:51 p.m. • 55 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation CVE-2022-2602. A...

CVSS 8.8 • AI score 8.4 • EPSS 0.21314 • Exploits 4 • References 6

Mageia • added 2022/11/27 8:51 p.m. • 64 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation CVE-2022-2602. A...

CVSS 8.8 • AI score 8.4 • EPSS 0.21314 • Exploits 4 • References 6

Mageia • added 2022/11/24 10:21 p.m. • 19 views

Updated tumbler packages fix security vulnerability

gst-thumbnailer: Add mime type check gxoxfce/tumbler65 desktop-thumbnailer: Guard against null path Fix typo in gthread version gxoxfce/tumbler!14...

AI score 2.2 • Exploits 0 • References 2

Mageia • added 2022/11/24 10:21 p.m. • 58 views

Updated libx11 packages fix security vulnerability

Memory leak in XRegisterIMInstantiateCallback. CVE-2022-3554 Memory leak in XFreeX11XCBStructure. CVE-2022-3555...

AI score 3.8 • Exploits 0 • References 4

Mageia • added 2022/11/24 10:21 p.m. • 51 views

Updated java packages fix security vulnerability

Class compilation issue. CVE-2022-21540 Improper restriction of MethodHandle.invokeBasic. CVE-2022-21541 Integer truncation issue in Xalan-J. CVE-2022-34169 Improper MultiByte conversion can lead to buffer overflow. CVE-2022-21618 Improper handling of long NTLM client hostnames. CVE-2022-21619...

CVSS 7.5 • AI score 2.3 • EPSS 0.17342 • Exploits 2 • References 7

Mageia • added 2022/11/24 10:21 p.m. • 73 views

Updated dropbear packages fix security vulnerability

Updated dropbear package fixes a security vulnerability in dbclient. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measure...

CVSS 7.5 • AI score 2.4 • EPSS 0.01348 • Exploits 0 • References 2

Mageia • added 2022/11/24 10:21 p.m. • 60 views

Updated freerdp packages fix security vulnerability

FreeRDP based clients on unix systems using /parallel command line switch might read uninitialized data and send it to the server the client is currently connected to. CVE-2022-39282 All FreeRDP based clients when using the /video command line switch might read uninitialized data, decode it as...

CVSS 7.5 • AI score 7.7 • EPSS 0.00985 • Exploits 0 • References 6

Mageia • added 2022/11/18 10:50 p.m. • 24 views

Updated sysstat packages fix security vulnerability

On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representin...

CVSS 7.8 • AI score 8.3 • EPSS 0.01096 • Exploits 1 • References 4

Mageia • added 2022/11/18 10:50 p.m. • 31 views

Updated x11-server packages fix security vulnerability

Buffer overflow in function GetCountedString of the file xkb/xkb.c. CVE-2022-3550 Memory leak in the function ProcXkbGetKbdByName of the file xkb/xkb.c. CVE-2022-3551...

CVSS 8.8 • AI score 7.8 • EPSS 0.01639 • Exploits 0 • References 5

Mageia • added 2022/11/18 10:50 p.m. • 118 views

Updated php-pear-CAS packages fix security vulnerability

This update fixes a vulnerability in this lib. For details see referenced GitHub advisory...

CVSS 8 • AI score 2.1 • EPSS 0.01064 • Exploits 0 • References 3

Mageia • added 2022/11/18 10:50 p.m. • 30 views

Updated varnish packages fix security vulnerability

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...

CVSS 7.5 • AI score 1.3 • EPSS 0.00928 • Exploits 0 • References 3

Mageia • added 2022/11/18 10:50 p.m. • 75 views

Updated vim packages fix security vulnerability

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. CVE-2022-2000, CVE-2022-2129, CVE-2022-2210 Use After Free in GitHub repository vim/vim prior to 8.2. CVE-2022-2042 Buffer Over-read in GitHub repository vim/vim prior to 8.2. CVE-2022-2124, CVE-2022-2175 Heap-based Buffer Overflow in...

CVSS 8 • AI score 1.3 • EPSS 0.01554 • Exploits 55 • References 16

Mageia • added 2022/11/17 8:45 p.m. • 38 views

Updated firefox packages fix security vulnerability

In libexpat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations CVE-2022-43680. Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for...

CVSS 9.8 • AI score 9.6 • EPSS 0.02241 • Exploits 1 • References 4

Mageia • added 2022/11/17 8:45 p.m. • 34 views

Updated systemd packages fix security vulnerability

buffer overrun in format_timespan function bsc1204968 CVE-2022-3821 Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 0469b9f2bc pstore: do not try to load all known pstore modules ad05f54439 pstore: Run after modules are loaded ccad817445 core: Add trigger limit for path units 281d818fe3...

CVSS 5.5 • AI score 0.7 • EPSS 0.00422 • Exploits 1 • References 3

Mageia • added 2022/11/17 8:45 p.m. • 43 views

Updated thunderbird packages fix security vulnerability

Service Workers might have learned size of cross-origin media files. CVE-2022-45403 Fullscreen notification bypass. CVE-2022-45404 Use-after-free in InputStream implementation. CVE-2022-45405 Use-after-free of a JavaScript Realm. CVE-2022-45406 Fullscreen notification bypass via windowName...

CVSS 9.8 • AI score 3.9 • EPSS 0.01061 • Exploits 0 • References 3

Mageia • added 2022/11/17 3:45 p.m. • 35 views

Updated sudo packages fix security vulnerability

Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer...

CVSS 7.1 • AI score 3.6 • EPSS 0.00271 • Exploits 0 • References 3

Mageia • added 2022/11/13 2:25 a.m. • 51 views

Updated wayland packages fix security vulnerability

An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it...

CVSS 6.6 • AI score 1.8 • EPSS 0.00294 • Exploits 1 • References 2

Mageia • added 2022/11/13 2:25 a.m. • 41 views

Updated exiv2 packages fix security vulnerability

Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. CVE-2022-3756...

AI score 4 • Exploits 0 • References 2

Mageia • added 2022/11/13 2:25 a.m. • 45 views

Updated pcre packages fix security vulnerability

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in...

CVSS 9.1 • AI score 3.3 • EPSS 0.02993 • Exploits 0 • References 9

Mageia • added 2022/11/13 2:25 a.m. • 55 views

Updated nodejs packages fix security vulnerability

DNS rebinding in --inspect via invalid octal IP address CVE-2022-43548 In addition, 14.21.0 has provided the following changes: deps update corepack to 0.14.2 Node.js GitHub Bot 44775 src add --openssl-shared-config option Daniel Bevenius 43124...

CVSS 8.1 • AI score 2.8 • EPSS 0.14024 • Exploits 0 • References 5

Mageia • added 2022/11/13 2:25 a.m. • 55 views

Updated webkit2 packages fix security vulnerability

The updated packages fix a security vulnerability and other issues...

CVSS 8.8 • AI score 7.2 • EPSS 0.0141 • Exploits 0 • References 3

Mageia • added 2022/11/13 2:25 a.m. • 64 views

Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the new 107 branch with the 107.0.5304.87 version, fixing many bugs and 15 vulnerabilities, together with 107.0.5304.68. Some of the security fixes are: High CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team...

CVSS 8.8 • AI score 0.3 • EPSS 0.23798 • Exploits 4 • References 4

Mageia • added 2022/11/13 2:25 a.m. • 55 views

Updated binutils/gdb packages fix security vulnerability

libiberty: Heap/stack buffer overflow in the dlang_lname function in d-demangle.c CVE-2021-3826 binutils: heap-based buffer overflow in bfd_getl32 when called by strip_main in objcopy.c via a crafted file CVE-2022-38533...

CVSS 6.5 • AI score 4.4 • EPSS 0.0105 • Exploits 0 • References 3

Mageia • added 2022/11/13 2:25 a.m. • 36 views

Updated pixman packages fix security vulnerability

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. CVE-2022-44638...

CVSS 8.8 • AI score 3.8 • EPSS 0.0144 • Exploits 1 • References 4

Mageia • added 2022/11/13 2:25 a.m. • 43 views

Updated libtiff packages fix security vulnerability

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2022-3599 LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections,...

CVSS 6.5 • AI score 6.2 • EPSS 0.01016 • Exploits 3 • References 2

Mageia • added 2022/11/08 7:44 p.m. • 14 views

Updated ffmpeg packages fix security vulnerability

This update provides ffmpeg version 4.3.5, which fixes several security vulnerabilities and other bugs which were corrected upstream...

AI score 4 • Exploits 0 • References 1

Mageia • added 2022/11/08 7:44 p.m. • 40 views

Updated libtasn1 packages fix security vulnerability

GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. CVE-2021-46848...

CVSS 9.1 • AI score 2.3 • EPSS 0.02062 • Exploits 1 • References 4

Mageia • added 2022/11/08 7:44 p.m. • 14 views

Updated bluez packages fix security vulnerability

The updated packages add one additional fix for security vulnerabilities. See references for details...

AI score 2.2 • Exploits 0 • References 3

Mageia • added 2022/11/08 7:44 p.m. • 44 views

Updated 389-ds-base packages fix security vulnerability

A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix o...

CVSS 6.5 • AI score 3.6 • EPSS 0.01238 • Exploits 1 • References 2

Mageia • added 2022/11/08 7:44 p.m. • 59 views

Updated mbedtls packages fix security vulnerability

An unauthenticated remote host could send an invalid ClientHello message in which the declared length of the cookie extends past the end of the message. A DTLS server with MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled would read past the end of the message up to the declared length of the cookie. This...

CVSS 9.1 • AI score 0.7 • EPSS 0.01796 • Exploits 1 • References 3

Mageia • added 2022/11/08 7:44 p.m. • 142 views

Updated libtiff packages fix security vulnerability

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1. CVE-2022-2519 A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. CVE-2022-2520 It w...

CVSS 7.7 • AI score 6.8 • EPSS 0.00949 • Exploits 5 • References 3

Mageia • added 2022/11/08 7:44 p.m. • 75 views

Updated libxml2 packages fix security vulnerability

Integer overflows with XML_PARSE_HUGE. CVE-2022-40303 Dict corruption caused by entity reference cycles. CVE-2022-40304...

CVSS 7.8 • AI score 2.8 • EPSS 0.2421 • Exploits 2 • References 5

Mageia • added 2022/11/04 9:16 p.m. • 94 views

Updated wkhtmltopdf packages fix security vulnerability

Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. CVE-2020-21365...

CVSS 7.5 • AI score 3.8 • EPSS 0.01817 • Exploits 1 • References 2

Mageia • added 2022/11/04 9:16 p.m. • 44 views

Updated ntfs-3g packages fix security vulnerability

NTFS-3G could be made to crash or run programs as an administrator if it mounted a specially crafted disk. CVE-2022-40284...

CVSS 7.8 • AI score 2.8 • EPSS 0.00347 • Exploits 0 • References 4

Mageia • added 2022/11/04 9:16 p.m. • 72 views

Updated expat packages fix security vulnerability

In libexpat through 2.4.9, there is a use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680...

CVSS 7.5 • AI score 7.9 • EPSS 0.02241 • Exploits 1 • References 2

Mageia • added 2022/11/01 10:58 p.m. • 34 views

Updated virglrenderer packages fix security vulnerability

An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer virglrenderer. This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution. CVE-2022-0135 A flaw was...

CVSS 7.8 • AI score 1.5 • EPSS 0.0038 • Exploits 0 • References 6

Mageia • added 2022/11/01 10:58 p.m. • 36 views

Updated nbd packages fix security vulnerability

It was discovered that nbd prior to 3.24 contained an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name resulting in a write to a dangling pointer CVE-2022-26495. Stack-based...

CVSS 9.8 • AI score 2.7 • EPSS 0.0347 • Exploits 3 • References 6

Mageia • added 2022/11/01 10:58 p.m. • 44 views

Updated gdk-pixbuf2.0 packages fix security vulnerability

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equal to 12. CVE-2021-44648...

CVSS 8.8 • AI score 3 • EPSS 0.01891 • Exploits 1 • References 5

Mageia • added 2022/11/01 10:58 p.m. • 198 views

Updated curl packages fix security vulnerability

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPT_READFUNCTION to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. CVE-2022-32221...

CVSS 9.8 • AI score 8.7 • EPSS 0.04325 • Exploits 1 • References 2

Mageia • added 2022/11/01 10:58 p.m. • 18 views

Updated php packages fix security vulnerability

GD - Fixed bug 81739: OOB read due to insufficient input validation in imageloadfont. Hash - Fixed bug 81738: buffer overflow in hash_update on long parameter. Session - Fixed bug GH-9583 session_create_id fails with user defined save handler that doesn't have a validateId method. Streams - Fixed bu...

AI score 0.9 • Exploits 0 • References 2

Mageia • added 2022/11/01 10:58 p.m. • 40 views

Updated libksba packages fix security vulnerability

Integer Overflow in LibKSBA. CVE-2022-3515...

CVSS 9.8 • AI score 3.6 • EPSS 0.01635 • Exploits 1 • References 2

Mageia • added 2022/10/28 11:32 p.m. • 45 views

Updated libreoffice packages fix security vulnerability

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal...

CVSS 6.3 • AI score 1.8 • EPSS 0.04354 • Exploits 0 • References 4

Mageia • added 2022/10/28 6:54 a.m. • 45 views

Updated http-parser packages fix security vulnerability

http-parser could be made to expose sensitive data if it received a specially crafted request. CVE-2020-8287...

CVSS 6.5 • AI score 7.4 • EPSS 0.16296 • Exploits 2 • References 2

Total number of security vulnerabilities: 5998