
5998 matches found

Mageia
• added 2022/04/22 5:7 p.m. • 33 views

Updated openscad packages fix security vulnerability

Out-of-bounds memory access in DXF loader. CVE-2022-0496 Out-of-bounds memory access in comment parser. CVE-2022-0497...

CVSS: 7.1 | AI score: 4.3 | EPSS: 0.0044
Exploits: 2 | References: 2

Mageia
• added 2022/04/22 5:7 p.m. • 104 views

Updated git packages fix security vulnerability

On multi-user machines, Git users might find themselves unexpectedly in a Git worktree, e.g. when another user created a repository in /tmp, in a mounted network drive or in a scratch space. Merely having a Git-aware prompt that runs 'git status' or 'git diff' and navigating to a directory which ...

CVSS: 7.8 | AI score: 0.9 | EPSS: 0.00782
Exploits: 0 | References: 4

Mageia
• added 2022/04/18 8:0 p.m. • 102 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 100.0.4896.127 version, fixing many CVEs, along with fixes from the 100.0.4896.75 and 100.0.4896.88 versions. Google is aware that an exploit for CVE-2022-1364 exists in the wild. 1315901 High CVE-2022-1364: Type Confusion in V8. Reported...

CVSS: 9.6 | AI score: 0.3 | EPSS: 0.16488
Exploits: 14 | References: 5

Mageia
• added 2022/04/18 7:42 a.m. • 56 views

Updated mediawiki packages fix security vulnerability

Title::newMainPage goes into an infinite recursion loop if it points to a local interwiki CVE-2022-28201. Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete CVE-2022-28202. Requesting Special:NewFiles on a wiki with many file uploads with acto...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.01152
Exploits: 3 | References: 2

Mageia
• added 2022/04/15 9:35 p.m. • 102 views

Updated libarchive packages fix security vulnerability

7zip reader: fix PPMD read beyond boundary. ZIP reader: fix possible out of bounds read. ISO reader: fix possible heap buffer overflow in read_children. RARv4 reader: fix multiple issues in RARv4 filter code introduced in libarchive 3.6.0: - fix heap use after free in archive_read_format_rar_read_data;...

CVSS: 6.5 | AI score: 1.1 | EPSS: 0.01877
Exploits: 1 | References: 3

Mageia
• added 2022/04/15 9:35 p.m. • 79 views

Updated docker-containerd packages fix security vulnerability

Containers were incorrectly started with non-empty inheritable Linux process capabilities CVE-2022-24769...

CVSS: 5.9 | AI score: 3.3 | EPSS: 0.00492
Exploits: 0 | References: 2

Mageia
• added 2022/04/15 9:35 p.m. • 39 views

Updated crun packages fix security vulnerability

Containers were started incorrectly with non-empty inheritable Linux process capabilities. CVE-2022-27650...

CVSS: 7.5 | AI score: 3.5 | EPSS: 0.01086
Exploits: 0 | References: 2

Mageia
• added 2022/04/15 9:35 p.m. • 37 views

Updated ruby packages fix security vulnerability

Double free in Regexp compilation CVE-2022-28738. A buffer overrun was found in String-to-Float conversion CVE-2022-28739...

CVSS: 9.8 | AI score: 3.7 | EPSS: 0.0387
Exploits: 0 | References: 2

Mageia
• added 2022/04/13 4:6 p.m. • 49 views

Updated subversion packages fix security vulnerability

SVN authz protected copyfrom paths regression. CVE-2021-28544 Subversion's mod_dav_svn is vulnerable to memory corruption. CVE-2022-24070...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.08757
Exploits: 1 | References: 4

Mageia
• added 2022/04/13 4:6 p.m. • 64 views

Updated webkit2 packages fix security vulnerability

The webkit2 package has been updated to version 2.36.0, fixing several security issues and other bugs...

CVSS: 8.8 | AI score: 3.5 | EPSS: 0.03518
Exploits: 0 | References: 3

Mageia
• added 2022/04/13 4:6 p.m. • 51 views

Updated ceph packages fix security vulnerability

Updated ceph packages fix security vulnerabilities: the key length for encrypted devices created using ceph-volume is incorrect. This is due to a bug in ceph_volume/util/encryption.py which is fixed by this new version. CVE-2021-3979...

CVSS: 6.5 | AI score: 3.2 | EPSS: 0.0042
Exploits: 0 | References: 2

Mageia
• added 2022/04/09 9:20 p.m. • 37 views

Updated flatpak packages fix security vulnerability

Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. CVE-2021-43860 Path traversal vulnerability CVE-2022-21682 Vario...

CVSS: 8.6 | AI score: 2.9 | EPSS: 0.01712
Exploits: 0 | References: 14

Mageia
• added 2022/04/09 9:20 p.m. • 34 views

Updated gdal packages fix security vulnerability

GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment. CVE-2021-45943...

CVSS: 5.5 | AI score: 3.1 | EPSS: 0.01491
Exploits: 1 | References: 2

Mageia
• added 2022/04/09 9:20 p.m. • 34 views

Updated fribidi packages fix security vulnerability

Stack based buffer overflow. CVE-2022-25308 Heap-buffer-overflow in fribidi_cap_rtl_to_unicode. CVE-2022-25309 SEGV in fribidi_remove_bidi_marks. CVE-2022-25310...

CVSS: 7.8 | AI score: 4.1 | EPSS: 0.00508
Exploits: 3 | References: 2

Mageia
• added 2022/04/09 9:20 p.m. • 48 views

Updated python-paramiko packages fix security vulnerability

In Paramiko before 2.10.1, a race condition between creation and chmod in the write_private_key_file function could allow unauthorized information disclosure. CVE-2022-24302...

CVSS: 5.9 | AI score: 2.6 | EPSS: 0.0208
Exploits: 1 | References: 2

Mageia
• added 2022/04/09 9:20 p.m. • 31 views

Updated usbredir packages fix security vulnerability

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in usbredirparser_serialize in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination. CVE-2021-3700...

CVSS: 6.4 | AI score: 4.5 | EPSS: 0.00301
Exploits: 0 | References: 2

Mageia
• added 2022/04/09 9:20 p.m. • 43 views

Updated 389-ds-base packages fix security vulnerability

A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The...

CVSS: 7.5 | AI score: 2.9 | EPSS: 0.05914
Exploits: 3 | References: 3

Mageia
• added 2022/04/09 9:20 p.m. • 47 views

Updated busybox packages fix security vulnerability

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors. CVE-2022-28391...

CVSS: 8.8 | AI score: 7 | EPSS: 0.03405
Exploits: 1 | References: 3

Mageia
• added 2022/04/05 5:32 p.m. • 61 views

Updated chromium-browser-stable packages fix security vulnerability

Use after free in Portals. CVE-2022-1125 Use after free in QR Code Generator. CVE-2022-1127 Inappropriate implementation in Web Share API. CVE-2022-1128 Inappropriate implementation in Full Screen Mode. CVE-2022-1129 Insufficient validation of untrusted input in WebOTP. CVE-2022-1130 Use after fr...

CVSS: 8.8 | AI score: 0.7 | EPSS: 0.01581
Exploits: 17 | References: 2

Mageia
• added 2022/04/02 10:22 p.m. • 47 views

Updated openjpeg2 packages fix security vulnerability

A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...

CVSS: 5.5 | AI score: 1.5 | EPSS: 0.01078
Exploits: 0 | References: 2

Mageia
• added 2022/04/02 10:22 p.m. • 38 views

Updated libtiff packages fix security vulnerability

Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. CVE-2022-0907...

CVSS: 5.5 | AI score: 5.2 | EPSS: 0.0127
Exploits: 1 | References: 2

Mageia
• added 2022/04/02 10:22 p.m. • 130 views

Updated php-smarty packages fix security vulnerability

Updated php-smarty packages to version 4 for php 8 compatibility and to fix security vulnerabilities...

CVSS: 9.8 | AI score: 3.8 | EPSS: 0.82731
Exploits: 4 | References: 3

Mageia
• added 2022/03/31 7:55 p.m. • 456 views

Updated zlib packages fix security vulnerability

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. CVE-2018-25032 Update to release 1.2.12 for additional bug fixes. See the changelog for details...

CVSS: 7.5 | AI score: 2.8 | EPSS: 0.51733
Exploits: 1 | References: 4

Mageia
• added 2022/03/31 7:55 p.m. • 42 views

Updated golang packages fix security vulnerability

On 64-bit platforms, an extremely deeply nested expression can cause regexp.Compile to cause goroutine stack exhaustion, forcing the program to exit. Note this applies to very large expressions, on the order of 2MB. CVE-2022-24921...

CVSS: 7.5 | AI score: 1.8 | EPSS: 0.03228
Exploits: 0 | References: 4

Mageia
• added 2022/03/31 7:55 p.m. • 35 views

Updated wavpack packages fix security vulnerability

An out of bounds read was found in Wavpack 5.4.0 in processing .WAV files. This issue is triggered in function WavpackPackSamples of file src/pack_utils.c: tainted variable cnt is too large, which makes pointer sptr read beyond the heap bound. CVE-2021-44269...

CVSS: 5.5 | AI score: 1.9 | EPSS: 0.01155
Exploits: 1 | References: 2

Mageia
• added 2022/03/30 5:6 p.m. • 40 views

Updated openvpn packages fix security vulnerability

Potential authentication by-pass with multiple deferred authentication plug-ins. CVE-2022-0547...

CVSS: 9.8 | AI score: 2.9 | EPSS: 0.03519
Exploits: 0 | References: 4

Mageia
• added 2022/03/29 2:25 p.m. • 88 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.06197
Exploits: 24 | References: 5

Mageia
• added 2022/03/29 2:25 p.m. • 91 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.06197
Exploits: 24 | References: 5

Mageia
• added 2022/03/28 4:23 p.m. • 146 views

Updated libtiff packages fix security vulnerability

Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. CVE-2022-0865 A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory acces...

CVSS: 7.7 | AI score: 4.4 | EPSS: 0.01542
Exploits: 5 | References: 2

Mageia
• added 2022/03/28 4:23 p.m. • 18 views

Updated graphicsmagick packages fix security vulnerability

The graphicsmagick package has been updated to version 1.3.38, fixing several security issues and other bugs. See the referenced NEWS link for details...

AI score: 3.1
Exploits: 0 | References: 2

Mageia
• added 2022/03/28 4:23 p.m. • 42 views

Updated docker packages fix security vulnerability

Containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). CVE-2022-24769...

CVSS: 5.9 | AI score: 3.1 | EPSS: 0.00492
Exploits: 0 | References: 3

Mageia
• added 2022/03/28 4:23 p.m. • 77 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to 99.0.4844.84 that fixes one security vulnerability and many bugs together with 99.0.4844.82. Type Confusion in V8. Reported by anonymous on 2022-03-23 Google is aware that an exploit for CVE-2022-1096 exists in the wild. CVE-2022-1096...

CVSS: 8.8 | AI score: 1.9 | EPSS: 0.24237
Exploits: 1 | References: 3

Mageia
• added 2022/03/24 9:3 a.m. • 36 views

Updated abcm2ps packages fix security vulnerability

abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. CVE-2021-32434 Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. CVE-2021-324...

CVSS: 6.5 | AI score: 6 | EPSS: 0.01642
Exploits: 3 | References: 2

Mageia
• added 2022/03/24 9:3 a.m. • 12 views

Updated pesign packages fix security vulnerability

Fix potential DoS in pesign daemon...

AI score: 2.4
Exploits: 0 | References: 2

Mageia
• added 2022/03/24 9:3 a.m. • 31 views

Updated libpano13 packages fix security vulnerability

Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine in parser.c. CVE-2021-33293...

CVSS: 9.1 | AI score: 2.4 | EPSS: 0.02067
Exploits: 1 | References: 2

Mageia
• added 2022/03/23 8:36 a.m. • 27 views

Updated sphinx packages fix security vulnerability

It was found that sphinx could allow arbitrary files to be read by abusing a configuration option. CVE-2020-29050...

CVSS: 7.5 | AI score: 3 | EPSS: 0.02166
Exploits: 2 | References: 4

Mageia
• added 2022/03/23 8:36 a.m. • 63 views

Updated cyrus-sasl packages fix security vulnerability

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407...

CVSS: 8.8 | AI score: 1.7 | EPSS: 0.04123
Exploits: 0 | References: 3

Mageia
• added 2022/03/23 8:36 a.m. • 41 views

Updated swtpm packages fix security vulnerability

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

CVSS: 6.2 | AI score: 1.4 | EPSS: 0.00394
Exploits: 0 | References: 2

Mageia
• added 2022/03/23 8:36 a.m. • 57 views

Updated openssl packages fix security vulnerability

Infinite loop in BN_mod_sqrt reachable when parsing certificates. CVE-2022-0778...

CVSS: 7.5 | AI score: 3.1 | EPSS: 0.70561
Exploits: 2 | References: 3

Mageia
• added 2022/03/21 8:18 p.m. • 46 views

Updated 389-ds-base packages fix security vulnerability

A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. CVE-2021-4091...

CVSS: 7.5 | AI score: 2.5 | EPSS: 0.0199
Exploits: 0 | References: 2

Mageia
• added 2022/03/21 8:18 p.m. • 97 views

Updated apache packages fix security vulnerability

SECURITY: CVE-2022-23943: mod_sed: Read/write beyond bounds. Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. Credits: Ronald Crane (Zippenhop LLC) SECURITY: CVE-2022-22721: core: Possible buffer...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.69803
Exploits: 0 | References: 4

Mageia
• added 2022/03/21 8:18 p.m. • 25 views

Updated stunnel packages fix security vulnerability

Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...

AI score: 1.9
Exploits: 0 | References: 3

Mageia
• added 2022/03/21 8:18 p.m. • 50 views

Updated python-django/python-asgiref packages fix security vulnerability

The {% debug %} template tag didn't properly encode the current context, posing an XSS attack vector CVE-2022-22818. Passing certain inputs to multipart forms could result in an infinite loop when parsing files, resulting in a denial of service CVE-2022-23833. The python-django update necessitated a...

CVSS: 7.5 | AI score: 2.7 | EPSS: 0.49246
Exploits: 1 | References: 2

Mageia
• added 2022/03/21 8:18 p.m. • 44 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 99.0.4844.74 version that fixes multiple security vulnerabilities. 1299422 Critical CVE-2022-0971: Use after free in Blink Layout. 1301320 High CVE-2022-0972: Use after free in Extensions. 1297498 High CVE-2022-0973: Use after free in...

CVSS: 9.6 | AI score: 0.6 | EPSS: 0.01068
Exploits: 10 | References: 2

Mageia
• added 2022/03/21 8:18 p.m. • 96 views

Updated nodejs-tar packages fix security vulnerability

Untrusted tar file to symlink into an arbitrary location allowing file overwrites. CVE-2021-37712 Arbitrary file creation/overwrite and arbitrary code execution. CVE-2021-37701 Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. CVE-2021-32803 Arbitrary File...

CVSS: 8.6 | AI score: 3.9 | EPSS: 0.15014
Exploits: 1 | References: 2

Mageia
• added 2022/03/21 8:18 p.m. • 49 views

Updated bind packages fix security vulnerability

DNS forwarders - cache poisoning vulnerability. CVE-2021-25220...

CVSS: 6.8 | AI score: 7.4 | EPSS: 0.0325
Exploits: 0 | References: 3

Mageia
• added 2022/03/14 4:51 p.m. • 14 views

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 99.0.4844.51 version that fixes multiple security vulnerabilities...

AI score: 3.3
Exploits: 0 | References: 4

Mageia
• added 2022/03/14 4:51 p.m. • 43 views

Updated ruby packages fix security vulnerability

Command injection in ruby bundler. CVE-2021-43809...

CVSS: 9.3 | AI score: 2.5 | EPSS: 0.02796
Exploits: 1 | References: 2

Mageia
• added 2022/03/14 4:51 p.m. • 64 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access...

CVSS: 9.1 | AI score: 7.3 | EPSS: 0.04919
Exploits: 0 | References: 6

Mageia
• added 2022/03/14 4:51 p.m. • 67 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access...

CVSS: 9.1 | AI score: 7.2 | EPSS: 0.04919
Exploits: 0 | References: 7

Total number of security vulnerabilities: 5998