Updated openjpeg2 packages fix a security vulnerability

A heap-based buffer overflow was found in openjpeg. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg CVE-2021-3575...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.46 and fixes at least the following security issues: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory...

Updated bash packages fix a security vulnerability

A privilege escalation vulnerability was found in bash in the way it dropped privileges when started with an effective user id not equal to the real user id. Bash may be vulnerable to this flaw if the setuid permission is set and the owner of the bash program itself is a non-root user. A local...

Updated glibc packages fix a security vulnerability

A vulnerability was found in the iconv program provided by glibc when it's invoked with the -c option. It can enter an infinite loop while parsing an invalid multi-byte sequence CVE-2016-10228...

Updated leptonica packages fix security vulnerabilities

Leptonica before 1.80.0 allows a denial of service application crash via an incorrect left shift in pixConvert2To8 in pixconv.c CVE-2020-36277. Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c CVE-2020-36278. Leptonica before 1.80.0 allows a heap-bas...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.46 and fixes at least the following security issues: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory...

Updated tor package fixes security vulnerabilities

Don't allow relays to spoof RELAYEND or RELAYRESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it CVE-2021-34548. hashtable-based CPU denial-of-service atta...

Updated graphicsmagick packages fix security vulnerabilities

Updated graphicsmagick packages fix security vulnerabilities: The graphicsmagick package has been updated to version 1.3.36, fixing several security issues and other bugs. See the upstream NEWS file for details...

Updated samba and ldb packages fix security vulnerabilities

A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...

Updated matio packages fix a security vulnerability

A memory leak was discovered in MatVarCalloc in mat.c in matio 1.5.17 because SafeMulDims does not consider the rank==0 case CVE-2019-20052...

Updated gnome-autoar packages fix a security vulnerability

gnome-autoar: directory traversal during extraction because it lacks a check of whether a file's parent is a symlink in certain complex situations CVE-2021-28650. Also the previous update Bug 28454 introduced a regression, fixed here...

Updated qtwebsockets5 packages fix a security vulnerability

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption CVE-2018-21035...

Updated cifs-utils packages fix a security vulnerability

A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity CVE-2021-20208...

Updated kernel-linus packages fix security and other issues

The kernel-linus update in MGASA-2021-0258 contained some security fixes that caused regressions in at least some container and chroot setups. This update provides upstream 5.10.45 that adds follow-up fixes to resolve the regressions and other various security-related and other bugfixes. For more...

Updated bluez packages fix security vulnerability

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing in the Passkey authentication procedure by reflection of the public key and the authentication evidence of the initiati...

Updated wavpack packages fix a security vulnerability

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in packutils.c because of an integer overflow in a malloc argument CVE-2020-35738...

Updated wireshark packages fix a security vulnerability

The DVB-S2-BB dissector could go into an infinite loop...

Updated guacd packages fix security vulnerabilities

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...

Updated slic3r package fixes a security vulnerability

An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

Updated xscreensaver packages fix security vulnerability

An issue allowing to cause crash and locked screen bypass CVE-2021-34557...

Updated ffmpeg packages fix a security vulnerability

An out-of-bounds write in decodeframe in libavcodec/exr.c because of errors in calculations of when to perform memset zero operations CVE-2020-35965...

Updated bind packages fix a security vulnerability

Incremental zone transfers IXFR provide a way of transferring changed portions of a zone between servers. An IXFR stream containing SOA records with an owner name other than the transferred zone's apex may cause the receiving named server to inadvertently remove the SOA record for the zone in...

Updated apache-mod_auth_openidc package fixes a security vulnerability

modauthopenidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of- service DoS condition via unspecified vectors CVE-2021-20718...

Updated kernel packages fix security and other issues

The kernel update in MGASA-2021-0257 contained some security fixes that caused regressions in at least some container and chroot setups. This update provides upstream 5.10.45 that adds follow-up fixes to resolve the regressions and other various security-related and other bugfixes. For more info...

Updated tunnel packages fix security vulnerability

Updated stunnel package fixes security vulnerability: Client certificate not correctly verified when redirect and verifyChain options are used CVE-2021-20230...

Updated python-eventlet packages fix security vulnerability

Updated python-eventlet packages fix a security vulnerability: Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data...

Updated python-babel packages fix a security vulnerability

Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary code CVE-2021-20095...

Updated python-pikepdf packages fix security vulnerability

models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries CVE-2021-29421...

Updated puddletag packages fix security vulnerability

The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injectio via the template function, particularly when a variable property is passed as an argument as it is not sanitized CVE-2021-23358...

Updated perl-Image-ExifTool package fixes a security vulnerability

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image CVE-2021-22204...

Updated python-bleach packages fix a security vulnerability

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when "svg" or "math" are in the allowed tags, 'p' or "br" are in allowed tags, "style", "title", "noscript", "script", "textarea", "noframes", "iframe", or "xmp"...

Updated openssh packages fix a security vulnerability

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host CVE-2021-28041...

Updated qt4 and qtsvg5 packages fix a security vulnerability

An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue CVE-2021-3481...

Updated apache packages fix security vulnerabilities

modproxywstunnel tunneling of non Upgraded connections: Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connecti...

Updated libgd packages fix a security vulnerability

A potential integer overflow is fixed in version 2.3.1...

Updated gsoap packages fix security vulnerabilities

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability CVE-2020-13574. A denial-of-service vulnerability exists in...

Updated jasper packages fix security vulnerabilities

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened CVE-2021-3443. A NULL pointer dereference fl...

Updated exif packages fix a security vulnerability

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. CVE-2021-27815...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a...

Updated slurm packages fix a security vulnerability

SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling CVE-2021-31215...

Updated microcode packages fix security vulnerabilities

Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Incomplete cleanup in some IntelR VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access CVE-2020-24489. Improper isolation ...

Updated python-lxml packages fix a security vulnerability

An XSS vulnerability was discovered in python-lxml’s clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run...

Updated gnuchess package fix a security vulnerability

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN Portable Game Notation data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmdpgnload and cmdpgnreplay functions in frontend/cmd.cc. CVE-2021-30184...

Updated djvulibre packages fix security vulnerabilities

Stack overflow in function DJVU::DjVuDocument::getdjvufile via crafted djvu file. CVE-2021-3500. Out of bounds write in function DJVU::filterbv via crafted djvu file. CVE-2021-32490. Integer overflow in function render in tools/ddjvu via crafted djvu file. CVE-2021-32491 Out of bounds read in...

Updated wpa_supplicant, hostapd packages fix security vulnerability

The wpasupplicant and hostapd packages are updated to fix a forging attacks that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. CVE-2021-30004...

Updated irssi packages fix security vulnerabilities

The irssi packages are updated to irssi 1.2.3 to fix several issues among some security vulnerabilities: memory handling issues memory leaks erroneous free crashes / freezes null pointer dereference when receiving broken JOIN record...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting ...

Updated python-pygments packages fix a security vulnerability

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

Updated docker-containerd packages fix security vulnerability

In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image may receive incorrect...

Updated rust packages fix security vulnerabilities

This Rust update to version 1.52.1 includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. These are memory safety bugs in the Rust standard library. Because it is statically linked, affected applications will need to be rebuilt to benefit...