6012 matches found
Updated screen packages fix security vulnerability
Felix Weinmann reported a flaw in the handling of combining characters in screen, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence CVE-2021-26937...
Updated xpdf packages fix security vulnerabilities
In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...
Updated bind packages fix security vulnerability
A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, which could result in denial of service daemon crash, or potentially the execution of arbitrary code CVE-2020-8625. The default configuration is not vulnerable to...
Updated gnome-autoar packages fix security vulnerability
Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution CVE-2020-36241...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y, CONFIGBPF=y, CONFIGCGROUPS=y, CONFIGCGROUPBPF=y,...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel. A userland application can read the contents of the sigpage, which can leak kernel memory...
Updated nonfree firmware packages fix security vulnerability
Updated nonfree firmwares fixees various issues, adds new / improved hardware support and fixes at least the following security issue: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a...
Updated libtiff packages fix security vulnerabilities
The updated libtiff packages fix security vulnerabilities: - Integer overflow in tifgetimage.c CVE-2020-35523. - Heap-based buffer overflow in TIFF2PDF tool CVE-2020-35524. - Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the “TIFFVGetField” funtion in the...
Updated thunderbird packages fix security vulnerabilities
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs CVE-2021-23968. As specified in the W3C...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y, CONFIGBPF=y, CONFIGCGROUPS=y, CONFIGCGROUPBPF=y, CONFIGHARDENEDUSERCOPY...
Updated firefox packages fix security vulnerabilities
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs CVE-2021-23968. As specified in the W3C...
Updated nonfree firmware packages fix security vulnerability
Updated nonfree firmwares fixees various issues, adds new / improved hardware support and fixes at least the following security issue: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a...
Updated openjpeg2 packages fix security vulnerability
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as...
Updated wpa_supplicant packages fix security vulnerability
A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in denial of service or other impact potentially execution of arbitrary code, for an attacker within radio range CVE-2021-27803...
Updated xterm package fixes security vulnerability
xterm through Patch 365 allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted UTF-8 character sequence. CVE-2021-27135...
Updated pix packages fix a security vulnerability
A heap-based buffer overflow in cairoimagesurfacecreatefromjpeg in extensions/cairoio/cairo-image-surface-jpeg.c in Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file CVE-2019-20326...
Updated nodejs packages fix security vulnerabilities
Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks. Upgrade from Mageia 7 to 8 problem fixed...
Updated subversion packages fix security dos vulnerability
Subversion has been updated to fix a remote unauthenticated denial-of-service in Subversion modauthzsvn...
Updated coturn package fixes a security vulnerability
When sending a CONNECT request with the XOR-PEER-ADDRESS value of 0.0.0.0, a malicious user would be able to relay packets to the loopback interface. Additionally, when coturn is listening on IPv6, which is default, the loopback interface can also be reached by making use of either ::1 or :: as t...
Updated veracrypt package fixes a security vulnerability
IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 Veracrypt, all versions Truecrypt is affected by a Buffer Overflow that can lead to information disclosure of kernel stack through a locally executed code with IOCTL request to driver CVE-2019-1010208...
Updated privoxy package fixes security vulnerabilities
Fixed a memory leak when decompression fails "unexpectedly". CVE-2021-20216 Prevent an assertion from getting triggered by a crafted CGI request. CVE-2021-20217...
Updated mediawiki packages fix security vulnerability
In MediaWiki before 1.31.11, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right colu...
Updated kernel packages fix security vulnerability
This kernel update is based on upstream 5.10.14 and fixes at least the following security issues: A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AFVSOCK implementation are caused by wrong locking in net/vmwvsock/afvsock.c...
Updated chromium-browser packages fix security vulnerability
The updated packages fix security vulnerabilities. One of those problems is a security issue in V8 engine that is actively exploited...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.14 and fixes at least the following security issues: nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after-free that could be triggered by local attackers with access to the nbd device via an I/O...
Updated trojita packages fix security vulnerability
Damian Poddebniak discovered a TLS verification failure in Trojitá. When sending e-mails over SMTP, all TLS errors were ignored CVE-2020-15047...
Updated gssproxy package fixes a security vulnerability
gssproxy aka gss-proxy before 0.8.3 does not unlock condmutex before pthread exit in gpworkermain in gpworkers.c CVE-2020-12658...
Updated phpldapadmin package fixes a security vulnerability
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via getrequest in lib/function.php CVE-2020-35132...
Updated perl-Email-MIME and perl-Email-MIME-ContentType packages fix security vulnerability
Messages with too many tiny nested MIME parts can lead to memory exhaustion on split, resulting in denial of service rhbz1835353 This update limits the number of nested MIME parts to 10 by default, to avoid a possible memory exhaustion issue with lots of tiny MIME parts...
Updated gstreamer1.0-plugins-bad packages fix security vulnerability
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. CVE-2021-3185...
Updated nethack packages fix security vulnerabilities
Updated nethack packages fix security vulnerabilities: NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own...
Updated phppgadmin package fixes a security vulnerability
phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, database.php does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to visit...
Updated wpa_supplicant packages fix a security vulnerability
A vulnerability was discovered in how wpasupplicant processing P2P Wi-Fi Direct group information from active group owners. The actual parsing of that information validates field lengths appropriately, but processing of the parsed information misses a length check when storing a copy of the...
Updated php packages fix a security vulnerability
The php packages are updated to version 7.3.27 to fix a Null Dereference in SoapClient SOAP. CVE-2021-21702. Note also php packages version 7.4.15-1.mga7 are available in backports/updates...
Updated python-py packages fix a security vulnerability
A denial of service via regular expression in the py.path.svnwc component of python-py through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality CVE-2020-29651...
Updated tomcat packages fix a security vulnerability
When serving resources from a network location using the NTFS file system it was possible to bypass security constraints and/or view the source code for JSPs in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath which in turn was caused by the...
Updated gdisk package fixes security vulnerabilities
A bug that could cause segfault if GPT header claimed partition entries are oversized CVE-2020-0256. A bug that could cause a crash if a badly-formatted MBR disk was read CVE-2021-0308. The gdisk package has been updated to version 1.0.6, fixing these issues and several other bugs. See the upstre...
Updated nodejs-ini package fixes a security vulnerability
It was discovered that there was an issue in nodejs-ini, where an application could be exploited by a malicious input file. This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on th...
Updated nodejs packages fix security vulnerabilities
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method...
Updated mutt packages fix a security vulnerability
It was discovered that Mutt incorrectly handled certain email messages. An attacker could possibly use this issue to cause a denial of service because rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service mailbox unavailability by sending email messages with sequence...
Updated messagelib packages fix a security vulnerability
In KDE KMail, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted parts can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended...
Updated python and python3 packages fix security vulnerability
A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...
Updated ruby-nokogiri packages fix security vulnerabilities
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...
Updated thunderbird packages fix security vulnerabilities
Cross-origin information leakage via redirected PDF requests. CVE-2021-23953 Type confusion when using logical assignment operators in JavaScript switch statements. CVE-2021-23954 IMAP Response Injection when using STARTTLS. CVE-2020-15685 HTTPS pages could have been intercepted by a registered...
Updated firefox packages fix security vulnerabilities
When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the insecure framing CVE-2020-26976. If a user clicked into a...
Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.10.12 and fixes at least the following security issue: An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel CVE-2021-3347...
Updated php-pear packages fix a security vulnerability
The updated php-pear packages fix a security vulnerability in component Archivetar, a symlink out-of-path write vulnerability. Tar.php in ArchiveTar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links. CVE-2020-36193...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.10.12 and fixes at least the following security issues: fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPL...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.11 and fixes at least the following security issue: SCSI “EXTENDED COPY” XCOPY requests sent to a Linux SCSI target LIO allow an attacker to read or write anywhere on any LIO backstore configured on the host, provided the attacker has access to o...