6011 matches found
Updated cyrus-sasl packages fix security vulnerability
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407...
Updated openssl packages fix security vulnerability
Infinite loop in BNmodsqrt reachable when parsing certificates. CVE-2022-0778...
Updated nodejs-tar packages fix security vulnerability
Untrusted tar file to symlink into an arbitrary location allowing file overwrites. CVE-2021-37712 Arbitrary file creation/overwrite and arbitrary code execution. CVE-2021-37701 Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. CVE-2021-32803 Arbitrary File...
Updated 389-ds-base packages fix security vulnerability
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. CVE-2021-4091...
Updated bind packages fix security vulnerability
DNS forwarders - cache poisoning vulnerability. CVE-2021-25220...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 99.0.4844.74 version that fixes multiples security vulnerabilities. 1299422 Critical CVE-2022-0971: Use after free in Blink Layout. 1301320 High CVE-2022-0972: Use after free in Extensions. 1297498 High CVE-2022-0973: Use after free in...
Updated apache packages fix security vulnerability
SECURITY: CVE-2022-23943: modsed: Read/write beyond bounds. Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. Credits: Ronald Crane Zippenhop LLC SECURITY: CVE-2022-22721: core: Possible buffer...
Updated stunnel packages fix security vulnerability
Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests bsc1182529. - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service bsc1181400. New features - Added new...
Updated python-django/python-asgiref packages fix security vulnerability
The % debug % template tag didn't properly encode the current context posing an XSS attack vector CVE-2022-22818. Passing certain inputs to multipart forms could result in an infinite loop when parsing files resulting in a denial of service CVE-2022-23833. The python-django update necessitated a...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 99.0.4844.51 version that fixes multiples security vulnerabilities...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...
Updated ruby packages fix security vulnerability
Command injection in ruby bundler. CVE-2021-43809...
Updated gnutls packages fix security vulnerability
Null pointer dereference in MDUPDATE. CVE-2021-4209...
Updated shapelib packages fix security vulnerability
Double-free vulnerability in contrib/shpsort.c. CVE-2022-0699...
Updated thunderbird packages fix security vulnerabilities
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash CVE-2022-26381. When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification CVE-2022-26383. If an attacker coul...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on...
Updated thunderbird packages fix security vulnerabilities
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free CVE-2022-26485. An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape CVE-2022-26486...
Updated firefox packages fix security vulnerabilities
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash CVE-2022-26381. When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification CVE-2022-26383. If an attacker coul...
Updated webmin packages fix security vulnerability
Less privileged Webmin users who do not have any File Manager module restrictions configured can access files with root privileges, if using the default Authentic theme CVE-2022-0824, CVE-2022-0829...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.25 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on a...
Updated golang packages fix security vulnerability
Overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption CVE-2022-23772 Incorrect access control in cmd/go CVE-2022-23773 Incorrect returned value in crypto/elliptic IsOnCurve CVE-2022-23806 The following non-security bugs were fixed: - go50978 crypto/elliptic: IsOnCurve...
Updated mc packages fix security vulnerability
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. CVE-2021-36370...
Updated docker-containerd packages fix security vulnerability
A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup...
Updated libtiff packages fix security vulnerability
Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. CVE-2022-0561 Null source pointer passed as an argument to memcpy function within TIFFReadDirector...
Updated libxml2 packages fix security vulnerability
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308...
Updated flac packages fix security vulnerability
In appendtoverifyfifointerleaved of streamencoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. CVE-2021-0561...
Updated firefox packages fix security vulnerabilities
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free CVE-2022-26485. An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape CVE-2022-26486...
Updated php packages fix security vulnerability
Security update for php. See changelog for details...
Updated htmldoc packages fix security vulnerability
A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gifgetcode and occurs when opening a malicious GIF file, which can result in a crash segmentation fault. CVE-2022-0534...
Updated nodejs packages fix security vulnerability
Improper handling of URI Subject Alternative Names Medium. Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often n...
Updated expat packages fix security vulnerability
Passing malformed 2- and 3-byte UTF-8 sequences e.g. from start tag names to the XML processing application on top of Expat can cause arbitrary damage e.g. code execution depending on how invalid UTF-8 is handled inside the XML processor; validation was not their job but Expat's. Exploits with co...
Updated polkit packages fix security vulnerability
There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. CVE-2021-4115...
Updated cpanminus packages fix security vulnerability
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. CVE-2020-16154...
Updated util-linux packages fix security vulnerability
An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic...
Updated varnish packages fix security vulnerability
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise Cache Plus 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections. CVE-2022-23959...
Updated webkit2 packages fix security vulnerability
Fix accessibility not working when the Bubblewrap sandbox is enabled. Fix rendering of scrollbars when overlay scrollbars are disabled. Fix the build when the X11 support is disabled. Fix the build in a number of situations where the main OpenGL library is not called libGL or libgl, as is the cas...
Updated docker-containerd packages fix security vulnerability
Unprivileged pod may bind mount any privileged regular file on disk CVE-2021-43816...
Updated thunderbird packages fix security vulnerability
Crafted email could trigger an out-of-bounds write. CVE-2022-0566...
Updated zxing-cpp packages fix security vulnerability
Buffer overflow vulnerability in function stbiextendreceive in stbimage.h in stb 2.26 via a crafted JPEG file. CVE-2021-28021 An issue was discovered in stb stbimage.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...
Updated nas packages fix security vulnerability
Stack-based buffer overflow in auphone.c that can be triggered by an environment variable. Also, the x11-util-cf-files package has been patched to allow building nas...
Updated wireshark packages fix security vulnerability
Kafka dissector infinite loop CVE-2021-4190. RTMPT dissector infinite loop wnpa-sec-2022-01. Large loops in multiple dissectors wnpa-sec-2022-02. PVFS dissector crash wnpa-sec-2022-03. CSN.1 dissector crash wnpa-sec-2022-04. CMS dissector crash wnpa-sec-2022-05...
Updated rlwrap packages fix security vulnerability
rlwrap update fixes use of /tmp/rlwrap.debug causing a denial of service for other users on the same system...
Updated phoronix-test-suite packages fix security vulnerability
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'. CVE-2022-0157 phoronix-test-suite is vulnerable to Cross-Site Request Forgery CSRF. CVE-2022-0196, CVE-2022-0197, CVE-2022-0238...
Updated zsh packages fix security vulnerability
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPTSUBST expansion. CVE-2021-45444...
Updated mariadb packages fix security vulnerability
InnoDB - --skip-symbolic-links does not disallow .isl file creation MDEV-26870 - Indexed CHAR columns are broken with NOPAD collations MDEV-25440 - insert-intention lock conflicts with waiting ORDINARY lock MDEV-27025 - Crash recovery improvements MDEV-26784, MDEV-27022, MDEV-27183, MDEV-27610...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.23 and fixes at least the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.23 and fixes at least the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than th...
Updated microcode packages fix security vulnerabilities
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access CVE-2021-0127 / SA-00532...
Updated nonfree firmware packages fix security vulnerabilities
This update provides new and updated nonfree firmwares and fixes at least the following security issues: Improper input validation in firmware for IntelR PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of privilege via local access CVE-2021-0066 / SA-00539...