6012 matches found
Updated mbedtls packages fix security vulnerabilities
This update provides Mbed TLS 2.16.11, with a number of bug fixes, including security fixes. The intermediate version 2.16.10 are included security fixes. See the referenced release notes and advisories for details...
Updated libuv packages fix security vulnerability
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to...
Updated thunderbird packages fix security vulnerabilities
IMAP server responses sent by a MITM prior to STARTTLS could be processed CVE-2021-29969. Use-after-free in accessibility features of a document CVE-2021-29970. Out of bounds write in ANGLE CVE-2021-30547. Memory safety bugs fixed in Thunderbird 78.12 CVE-2021-29976...
Updated firefox packages fix security vulnerabilities
A malicious webpage could have triggered a use-after-free in accessibility features of a document, causing memory corruption and a potentially exploitable crash when accessibility was enabled CVE-2021-29970. Mozilla developers Valentin Gosu, Randell Jesup, Emil Ghitta, Tyson Smith, and Olli Petta...
Updated tpm2-tools package fixes security vulnerability
A flaw was found in tpm2-tools. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality CVE-2021-3565...
Updated aom packages fix security vulnerabilities
aomimage.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap CVE-2021-30473. aomdsp/graintable.c in libaom in AOMedia before 2021-03-30 has a use-after-free CVE-2021-30474. aomdsp/noisemodel.c in libaom in AOMedia before 2021-03-24 has a buffer overflow...
Updated python-django package fixes security vulnerabilities
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability CVE-2021-28658. In Django 2.2 before 2.2.21, 3.1 before 3.1.9, an...
Updated ffmpeg packages fix security vulnerabilities
This update provides ffmpeg version 4.3.2, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Updated libsolv packages fix a security vulnerability
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver testcasereadPool pool, FILE fp, const char testcase, Queue job, char resultp, int resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service CVE-2021-3200...
Updated mosquitto packages fix security vulnerability
Updated mosquitto packages fix security vulnerability: If an authenticated client connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur. For other fixes in this update, see the mosquitto.org blog reference...
Updated guile1.8 packages fix security vulnerabilities
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Th...
Updated mediawiki packages fix a security vulnerability
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a "sitewide block" applied, it is able to still "purge" pages through the MediaWiki Action API which a "sitewide block" should have prevented...
Updated freeradius packages fix security vulnerabilities
Moved logrotate options into specific parts for each log as "global" options will persist past and clobber global options in the main logrotate config bsc1180525. Fixed plaintext password entries in logfiles bsc1184016. The freeradius package has been updated to version 3.0.22, fixing these issue...
Updated binutils packages fix security vulnerabilities
This update provides binutils 2.36.1 and fixes at least the following security issues: There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to syst...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.48 and fixes at least the following security issues: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affects certs/blacklist.c and certs/systemkeyring.c...
Updated libgrss packages fix security vulnerability
libgrss does not perform any TLS certificate verification because it uses the deprecated SoupSessionAsync, which requires manually enabling certificate verification, rather than a modern SoupSession that has good defaults CVE-2016-20011...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.48 and fixes at least the following security issues: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affects certs/blacklist.c and certs/systemkeyring.c...
Updated webmin package fixes security vulnerability
The webmin package has been updated to version 1.979, which has fixes for handling un-trusted inputs in the Network Configuration module. Also, the openvpn module has been updated to version 3.2...
Updated php-phpmailer package fixes security vulnerability
PHPMailer contained a vulnerability that can result in untrusted code being called CVE-2021-3603. See upstream release notes...
Updated libebml packages fix a security vulnerability
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml CVE-2021-3405...
Updated avahi packages fix a security vulnerability
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahishostnameresolverstart function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this...
Updated libcroco and gettext packages fix security vulnerability
libcroco through 0.6.13 has excessive recursion in crparserparseanycore in cr-parser.c, leading to stack consumption CVE-2020-12825...
Updated php-smarty package fixes security vulnerabilities
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.templateobject can be accessed in sandbox mode CVE-2021-26119. Smarty before 3.1.39 allows code injection via an unexpected function name after a function name= substring CVE-2021-26120...
Updated pjproject packages fix a security vulnerability
An issue has been found in pjproject. Due to bad handling of two consecutive crafted answers to an INVITE, the attacker is able to crash the server resulting in a denial of service CVE-2021-21375...
Updated pjproject packages fix security vulnerabilities
Currently, PJSIP transport can be reused if they have the same IP address + port + protocol. However, this is insufficient for secure transport since it lacks remote hostname authentication. The vulnerability allows for an insecure interaction without user awareness. It affects users who need...
Updated gstreamer1.0-plugins packages fix security vulnerabilities
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags CVE-2021-3522. Overflows in AVC/HEVC NAL unit length calculations, which would lead to allocating infinite amounts of small memory blocks until OOM and could potentially also lead to memory corruptions...
Updated connman packages fix security vulnerability
Updated connman packages fix security vulnerability. ConnMan aka Connection Manager 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH for A or AAAA CVE-2021-33833...
Updated python packages fix security vulnerability
Updated python packages fix security vulnerability: In Python's Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP CVE-2020-27619...
Updated botan2 packages fix security vulnerability
Updated botan2 packages fix security vulnerability: In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex CVE-2021-24115...
Updated jhead packages fix security vulnerabilities
Updated jhead package fixes security vulnerabilities: jhead through 3.04 has a heap-based buffer over-read in processDQT in jpgqguess.c CVE-2020-6624. jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c CVE-2020-6625. A heap-based buffer...
Updated openexr packages fix security vulnerabilities
Updated openexr packages fix security vulnerabilities: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
Updated libosinfo packages fix security vulnerability
Updated libosinfo packages fix security vulnerability: A flaw was found in libosinfo, version 1.5.0, where the script for automated guest installations, 'osinfo-install-script', accepts user and admin passwords via command line arguments. This could allow guest passwords to leak to other system...
Updated php packages fix security vulnerabilities
Updated php packages provides upstream 8.0.8 and fixes the following security vulnerabilities: - PDOFirebird: Fix Stack buffer overflow in firebirdinfocb CVE-2021-21704. Fix SIGSEGV in firebirdhandledoer CVE-2021-21704. Fix SIGSEGV in firebirdstmtexecute CVE-2021-21704. Fix Crash while parsing...
Updated htmldoc packages fix security vulnerabilities
Updated htmldoc packages fix security vulnerabilities: Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181 CVE-2021-20308. AddressSanitizer: double-free in function pspdfexport ps-pdf.cxx...
Updated zstd packages fix a security vulnerability
In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions matching the input would only be set at completion time. Output files could therefore be readable or writable to unintended parties CVE-2021-24031...
Updated zstd packages fix a security vulnerability
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...
Updated fluidsynth packages fix a security vulnerability
fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file CVE-2021-21417...
Updated redis package fixes a security vulnerability
It was discovered that there were a number of integer overflow issues in Redis. It is currently believed that the issues only affect 32-bit based systems CVE-2021-21309...
Updated hivex packages fix a security vulnerability
A flaw was found in the hivex library. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat...
Updated glib2.0 packages fix security vulnerabilities
Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to GLib to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2021-27218. Kevin Backhouse discovered that GLib incorrect...
Updated grub2 packages fix security vulnerabilities
All CVEs below are against the SecureBoot functionality in GRUB2. We do not ship this as part of Mageia. Therefore, we ship an updated grub2 package to 2.06 for Mageia 8 fixing upstream bugfixes. A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and...
Updated gupnp packages fix a security vulnerability
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected...
Updated gnome-shell package fixes a security vulnerability
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visibl...
Updated libupnp packages fix a security vulnerability
The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp libupnp appears to be vulnerable to DNS rebinding attacks because it does not check the value of the 'Host' header. This can be mitigated by using DNS revolvers whic...
Updated httpcomponents-client packages fix a security vulnerability
Priyank Nigam discovered that HttpComponents Client could misinterpret malformed authority component in a request URI and pick the wrong target host for request execution CVE-2020-13956...
Updated php packages fix security vulnerabilities
Updated PHP packages fix security vulnerabilities: - Fixed bug 81122: SSRF bypass in FILTERVALIDATEURL. CVE-2021-21705 PDOFirebird: - Fixed bug 76448: Stack buffer overflow in firebirdinfocb. CVE-2021-21704 - Fixed bug 76449: SIGSEGV in firebirdhandledoer. CVE-2021-21704 - Fixed bug 76450:...
Updated file-roller packages fix security vulnerability
Updated file-roller package fixes security vulnerability: A path traversal vulnerability was found in file-roller due to an incomplete fix for CVE-2020-11736. It may still be possible to extract files outside of the intended directory in case of malicious archives containing symbolic links. The...
Updated networkmanager packages fix security vulnerability
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability. CVE-2021-20297...
Updated live packages fix security vulnerabilities
Updated live packages fix security vulnerabilities: Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors CVE-2019-15232...
Updated busybox packages fix security vulnerability
Updated busybox packages fix security vulnerability: decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data CVE-2021-28831...