
5998 matches found

Mageia • added 2022/10/28 6:54 a.m. • 56 views

Updated firefox packages fix security vulnerability

expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674). Fixes webrtc...

8.1 CVSS • 8.4 AI score • 0.01628 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/28 6:54 a.m. • 53 views

Updated nginx packages fix security vulnerability

Two security issues were identified in the ngx_http_mp4_module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact. CVE-2022-41741, CVE-2022-41742...

7.8 CVSS • 3 AI score • 0.01069 EPSS
Exploits 2 • References 2

Mageia • added 2022/10/28 6:54 a.m. • 45 views

Updated minidlna packages fix security vulnerability

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. CVE-2022-26505...

7.4 CVSS • 3.2 AI score • 0.01565 EPSS
Exploits 0 • References 5

Mageia • added 2022/10/28 6:54 a.m. • 98 views

Updated heimdal packages fix security vulnerability

Heimdal was not properly handling logical conditions that related to memory management operations. An attacker could possibly use this issue to cause a denial of service. CVE-2022-3116...

7.5 CVSS • 2.8 AI score • 0.00885 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/28 6:54 a.m. • 34 views

Updated cups packages fix security vulnerability

Authentication bypass and code execution vulnerability. CVE-2022-26691...

7.2 CVSS • 2.6 AI score • 0.00579 EPSS
Exploits 0 • References 8

Mageia • added 2022/10/28 6:54 a.m. • 56 views

Updated krb5-appl packages fix security vulnerability

NULL pointer dereference in krb5-appl telnetd. CVE-2022-39028...

7.5 CVSS • 2.2 AI score • 0.01597 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/28 6:54 a.m. • 52 views

Updated thunderbird packages fix security vulnerability

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674...

8.1 CVSS • 8.4 AI score • 0.01628 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/28 6:54 a.m. • 68 views

Updated git packages fix security vulnerability

CVE-2022-39253: A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. CVE-2022-39260: Allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. CVE-2022-29187:...

8.8 CVSS • 7.6 AI score • 0.02938 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/27 9:38 a.m. • 57 views

Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 6.1.40 maintenance release that fixes at least the following security vulnerabilities: Oracle VM VirtualBox prior to 6.1.40 contains a difficult-to-exploit vulnerability that allows a high-privileged attacker with logon to the infrastructure...

8.1 CVSS • 1.4 AI score • 0.01635 EPSS
Exploits 0 • References 3

Mageia • added 2022/10/23 10:48 p.m. • 27 views

Updated epiphany packages fix security vulnerability

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow in ephy_string_shorten in the UI process via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. CVE-2022-29536...

7.5 CVSS • 2.8 AI score • 0.01896 EPSS
Exploits 0 • References 4

Mageia • added 2022/10/23 10:48 p.m. • 61 views

Updated freerdp packages fix security vulnerability

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides an empty password value. This issue affects FreeRDP-based RDP server implementations. RDP clients are not affected. Th...

9.8 CVSS • 1.6 AI score • 0.02485 EPSS
Exploits 1 • References 4

Mageia • added 2022/10/23 10:48 p.m. • 29 views

Updated libconfuse packages fix security vulnerability

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320...

8.8 CVSS • 2.3 AI score • 0.01068 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/23 10:48 p.m. • 39 views

Updated libosip2 packages fix security vulnerability

GNU oSIP v5.3.0 was discovered to contain an integer overflow via the component osip_body_parse_header. CVE-2022-41550...

6.5 CVSS • 3.7 AI score • 0.00538 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/23 10:48 p.m. • 37 views

Updated perl-Image-ExifTool packages fix security vulnerability

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. CVE-2022-23935...

7.8 CVSS • 2.1 AI score • 0.07575 EPSS
Exploits 5 • References 2

Mageia • added 2022/10/23 10:48 p.m. • 60 views

Updated bind packages fix security vulnerability

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 By spoofing the target resolver with responses that have a malformed ECDSA...

7.5 CVSS • 8 AI score • 0.02198 EPSS
Exploits 0 • References 6

Mageia • added 2022/10/23 10:48 p.m. • 44 views

Updated poppler packages fix security vulnerability

Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described...

7.8 CVSS • 7.8 AI score • 0.00574 EPSS
Exploits 1 • References 7

Mageia • added 2022/10/23 10:48 p.m. • 53 views

Updated ntfs-3g packages fix security vulnerability

ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. CVE-2021-46790 An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

7.8 CVSS • 7.6 AI score • 0.00498 EPSS
Exploits 1 • References 9

Mageia • added 2022/10/23 10:48 p.m. • 42 views

Updated e2fsprogs packages fix security vulnerability

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. CVE-2022-1304...

7.8 CVSS • 4.9 AI score • 0.01336 EPSS
Exploits 0 • References 4

Mageia • added 2022/10/23 8:35 p.m. • 64 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest V...

8.8 CVSS • 8.3 AI score • 0.03763 EPSS
Exploits 12 • References 13

Mageia • added 2022/10/23 8:35 p.m. • 66 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM...

8.8 CVSS • 8 AI score • 0.03763 EPSS
Exploits 8 • References 10

Mageia • added 2022/10/18 11:14 p.m. • 25 views

Updated sos packages fix security vulnerability

SoS incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. CVE-2022-2806...

5.5 CVSS • 1.9 AI score • 0.00233 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/18 11:14 p.m. • 52 views

Updated dhcp packages fix security vulnerability

In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function option_code_hash_lookup is called from add_option, it increases the option's refcount field. However, there is not a corresponding call to option_dereference to decrement the refcount field. The function add_option is on...

6.5 CVSS • 6.9 AI score • 0.0067 EPSS
Exploits 0 • References 5

Mageia • added 2022/10/18 11:14 p.m. • 37 views

Updated python-joblib packages fix security vulnerability

Arbitrary Code Execution in joblib CVE-2022-21797...

9.8 CVSS • 3.2 AI score • 0.01893 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/18 11:14 p.m. • 56 views

Updated firefox packages fix security vulnerability

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries (CVE-2022-42927). Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have led to...

8.8 CVSS • 2.7 AI score • 0.0083 EPSS
Exploits 0 • References 4

Mageia • added 2022/10/18 11:14 p.m. • 72 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.119 version, fixing many bugs and 6 vulnerabilities. Some of the security fixes are: High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang @eternalsakura13 and Yong Liu of 360 Vulnerability...

8.8 CVSS • 1.3 AI score • 0.00683 EPSS
Exploits 0 • References 3

Mageia • added 2022/10/18 11:14 p.m. • 52 views

Updated dokuwiki packages fix security vulnerability

Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a. CVE-2022-3123...

6.1 CVSS • 1 AI score • 0.00857 EPSS
Exploits 1 • References 3

Mageia • added 2022/10/18 11:14 p.m. • 57 views

Updated golang packages fix security vulnerability

regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715). archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879). net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)...

7.5 CVSS • 8.1 AI score • 0.01544 EPSS
Exploits 1 • References 4

Mageia • added 2022/10/18 11:14 p.m. • 41 views

Updated unzip packages fix security vulnerability

Improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. CVE-2021-4217 Conversion of a wide string to a local string that leads to a heap out-of-bounds write. Thi...

5.5 CVSS • 3 AI score • 0.02421 EPSS
Exploits 3 • References 9

Mageia • added 2022/10/13 8:5 p.m. • 45 views

Updated lighttpd packages fix security vulnerability

In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. This leads to a null pointer dereference which crashes the server. It could be used by an external attacker to cause a denial of service condition. CVE-2022-37797 A...

7.5 CVSS • 0.4 AI score • 0.02737 EPSS
Exploits 5 • References 2

Mageia • added 2022/10/13 8:5 p.m. • 48 views

Updated mediawiki packages fix security vulnerability

HTMLUserTextField exposes existence of hidden users CVE-2022-41765. reassignEdits doesn't update results in an IP range check on Special:Contributions CVE-2022-41767...

5.3 CVSS • 1.8 AI score • 0.00641 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/13 8:5 p.m. • 14 views

Updated libofx packages fix security vulnerability

The updated packages fix memory issues in libofx. rhbz2127755...

2.1 AI score
Exploits 0 • References 6

Mageia • added 2022/10/13 8:5 p.m. • 77 views

Updated python packages fix security vulnerability

The mailcap module does not add escape characters into commands discovered in the system mailcap file. CVE-2015-20107 Allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. CVE-2021-4189 The urlparse method does not...

8 CVSS • 7.3 AI score • 0.08325 EPSS
Exploits 2 • References 7

Mageia • added 2022/10/08 8:22 p.m. • 267 views

Updated python3 packages fix security vulnerability

Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. CVE-2020-10735...

8 CVSS • 7.9 AI score • 0.06705 EPSS
Exploits 1 • References 8

Mageia • added 2022/10/08 8:22 p.m. • 38 views

Updated enlightenment packages fix security vulnerability

Updated enlightenment package to fix the security vulnerability CVE-2022-37706, which would allow a user to gain root privileges...

7.8 CVSS • 3.5 AI score • 0.05486 EPSS
Exploits 14 • References 3

Mageia • added 2022/10/08 8:22 p.m. • 46 views

Updated unbound packages fix security vulnerability

Non-Responsive Delegation Attack. CVE-2022-3204 Improves performance when under load, by cutting promiscuous queries for nameserver discovery and limiting the number of times a delegation point can look in the cache for missing records...

7.5 CVSS • 2.6 AI score • 0.01259 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/08 8:22 p.m. • 101 views

Updated php packages fix security vulnerability

Core: Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function). Fixed bug GH-9361 (Segmentation fault on script exit #9379). Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for static type). Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific...

6.5 CVSS • 6.4 AI score • 0.49336 EPSS
Exploits 2 • References 2

Mageia • added 2022/10/08 8:22 p.m. • 24 views

Updated colord packages fix security vulnerability

There are two Information Disclosure vulnerabilities in colord, in colord/src/cd-device-db.c and colord/src/cd-profile-db.c respectively. They exist because the 'errmsg' of 'sqlite3_exec' is not released after use, while libxml2 emphasizes that the caller needs to release it...

7.5 CVSS • 1 AI score • 0.00762 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/08 8:22 p.m. • 35 views

Updated libvncserver packages fix security vulnerability

libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup. CVE-2020-29260...

7.5 CVSS • 3.2 AI score • 0.00912 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/08 8:22 p.m. • 28 views

Updated kitty packages fix security vulnerability

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. CVE-2022-41322...

7.8 CVSS • 2.4 AI score • 0.00478 EPSS
Exploits 1 • References 4

Mageia • added 2022/10/08 8:22 p.m. • 50 views

Updated dbus packages fix security vulnerability

A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical...

6.5 CVSS • 1.4 AI score • 0.0131 EPSS
Exploits 3 • References 2

Mageia • added 2022/10/05 5:23 a.m. • 47 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.61 version, fixing many bugs and 20 vulnerabilities; it brings as well some improvements. Some of the security fixes are: High CVE-2022-3304: Use after free in CSS. High CVE-2022-3201: Insufficient...

8.8 CVSS • 0.00616 EPSS
Exploits 6 • References 4

Mageia • added 2022/10/05 5:23 a.m. • 45 views

Updated golang packages fix security vulnerability

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path...

7.5 CVSS • 7.7 AI score • 0.02513 EPSS
Exploits 0 • References 4

Mageia • added 2022/10/05 5:23 a.m. • 18 views

Updated bash packages fix security vulnerability

Bash has been updated to version 5.1.16 using a patch from Fedora to fix a security issue by adding a null check in the parameter_brace_transform function...

2.7 AI score
Exploits 0 • References 2

Mageia • added 2022/10/01 5:48 p.m. • 48 views

Updated firejail packages fix security vulnerability

root escalation in --join logic CVE-2022-31214...

7.8 CVSS • 2.1 AI score • 0.00382 EPSS
Exploits 0 • References 5

Mageia • added 2022/10/01 5:48 p.m. • 32 views

Updated perl-HTTP-Daemon packages fix security vulnerability

Request smuggling in HTTP::Daemon CVE-2022-31081...

7.3 CVSS • 0.5 AI score • 0.01688 EPSS
Exploits 1 • References 2

Mageia • added 2022/10/01 5:48 p.m. • 52 views

Updated expat packages fix security vulnerability

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674...

8.1 CVSS • 2.2 AI score • 0.01628 EPSS
Exploits 0 • References 2

Mageia • added 2022/10/01 5:48 p.m. • 32 views

Updated libjpeg packages fix security vulnerability

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. CVE-2021-468...

5.5 CVSS • 2.3 AI score • 0.01002 EPSS
Exploits 0 • References 3

Mageia • added 2022/10/01 5:48 p.m. • 61 views

Updated squid packages fix security vulnerability

Exposure of Sensitive Information in Cache Manager. CVE-2022-41317 Buffer Over Read in SSPI and SMB Authentication. CVE-2022-41318...

8.6 CVSS • 2.4 AI score • 0.0282 EPSS
Exploits 0 • References 4

Mageia • added 2022/10/01 5:48 p.m. • 59 views

Updated nodejs packages fix security vulnerability

DNS rebinding in --inspect on macOS (CVE-2022-32212). Bypass via obs-fold mechanic (CVE-2022-32213). HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (CVE-2022-35256)...

8.1 CVSS • 2 AI score • 0.34494 EPSS
Exploits 2 • References 3

Mageia • added 2022/10/01 5:48 p.m. • 52 views

Updated python-mako packages fix security vulnerability

Denial of service attack via crafted regular expressions. CVE-2022-40023...

7.5 CVSS • 3.6 AI score • 0.01656 EPSS
Exploits 1 • References 3

Total number of security vulnerabilities: 5998