6012 matches found
Updated dash packages fix a security vulnerability
Code was executed even if noexec "-n" was specified. bdo58288 / bsc1178978...
Updated c-ares packages fix security vulnerabilities
Avoid read-heap-buffer-overflow in aresparsesoareply found during fuzzing. Avoid theoretical buffer overflow in RC4 loop comparison. Empty hquery-name could lead to invalid memory access. aresparsea,aaaareply could return a larger naddrttls than was passed in...
Updated dovecot packages fix security vulnerabilities
It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users’ email CVE-2020-24386. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could...
Updated vlc packages features security improvements
The vlc package has been updated to version 3.0.12.1, which includes security enhancements in the web interface, as well as other fixes and enhancements. See the upstream NEWS file for details...
Updated rawtherapee package fixes a security vulnerability
There is a floating point exception in dcrawcommon.cpp of libRAW. It will lead to remote denial of service attack. This code is embedded in rawtherapee CVE-2017-13735...
Updated gdm packages fix a security vulnerability
Kevin Backhouse discovered that GDM incorrectly launched the initial setup tool when the accountsservice daemon was not reachable. A local attacker able to cause accountsservice to crash or stop responding could trick GDM into launching the initial setup tool and create a privileged user...
Updated libxml2 packages fix a security vulnerability
libxml2 v2.9.10 and earlier has a global Buffer Overflow vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c CVE-2020-24977...
Updated audacity package fixes security vulnerability
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there CVE-2020-11867...
Updated minidlna packages fix security vulnerabilities
It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...
Updated curl packages fix security vulnerabilities
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. CVE-2020-8231. A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl...
Updated graphicsmagick packages fix security vulnerability
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c CVE-2020-12672...
Updated libvirt packages fix security vulnerability
A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions cou...
Updated kdeconnect-kde packages improve security
For the pairing procedure, the GUI component only presented the friendly 'deviceName' to identify peer devices, which is completely under attacker control. Furthermore the 'deviceName' is transmitted in cleartext in UDP broadcast messages for all other nodes in the network segment to see. Therefo...
Updated spice-vdagent package fixes security vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service CVE-2020-25650. Matthias Gerstner discovered that SPICE vdagent incorrectly...
Updated pngcheck package fixes security vulnerability
Multiple buffer overflow flaws were found in pngcheck 2.4.0 and older rhbz1902806...
Updated flac packages fix security vulnerability
In FLACbitreaderreadricesignedblock of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation CVE-2020-0499...
Updated jackit packages fix security vulnerability
posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure,...
Updated python3 packages fix security vulnerability
In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP CVE-2020-27619...
Updated roundcubemail package fixes security vulnerability
Fixes stored cross-site scripting XSS vulnerability via HTML or plain text messages with malicious content. CVE-2020-35730...
Updated openjpeg2 packages fix security vulnerabilities
There's a flaw in openjpeg in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability CVE-2020-27841. There's a flaw in openjpeg's t2...
Updated libmaxminddb packages fix security vulnerability
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dumpentrydatalist in maxminddb.c CVE-2020-28241...
Updated erlang-rebar3 package fixes security vulnerability
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification CVE-2020-13802...
Updated compat-openssl10 packages fix security vulnerabilities
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman DH based ciphersuite. In such a case this would result in the attacker being able to eavesdrop on all encrypted...
Updated openssl packages fix security vulnerability
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...
Updated golang-googlecode-net package fixes security vulnerabilities
This code was vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both...
Updated mbedtls packages fix security vulnerabilities
This update provides security bug fixes and minor enhancements. Limit the size of calculations performed by mbedtlsmpiexpmod to MBEDTLSMPIMAXSIZE to prevent a potential denial of service when generating Diffie-Hellman key pairs. A failure of the random generator was ignored in mbedtlsmpifillrando...
Updated virtualbox packages fix security vulnerabilities
Vulnerabilities in the Oracle VM VirtualBox are fixed in version 6.1.16. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability which can lead to execute code in the context of the hypervisor. CVE-2020-14872. An...
Updated openjpeg2 packages fix security vulnerabilities
A heap-buffer overwrites error was discovered in lib/openjp2/mqc.c in OpenJPEG 2.3.1. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution CVE-2020-27814. A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker ...
Updated jupyter-notebook packages fix a security vulnerability
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...
Updated x11-server packages fix security vulnerabilities
A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability CVE-2020-14360. A flaw was found in...
Updated dpic package fixes a security vulnerability
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat function in main.c. CVE-2019-13989...
Updated jasper packages fix security vulnerability
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability CVE-2020-27828...
Updated sam2p package fixes security vulnerabilities
In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file inpcx.cpp. CVE-2017-14628. In sam2p 0.49.3, the inxpmreader function in inxpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array element. CVE-2017-14629. In...
Updated bitcoin packages fix security vulnerabilities
Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their privat...
Updated firefox packages fix security vulnerabilities
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read CVE-2020-16042. Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers CVE-2020-26971. Certain inpu...
Updated thunderbird packages fix security vulnerabilities
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read CVE-2020-16042. Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers CVE-2020-26971. Certain inpu...
Updated chromium-browser-stable packages fix security vulnerabilities
The updated packages fix some problems found in version 86 and security vulnerabilities...
Updated oniguruma packages fix security vulnerability
In Oniguruma, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concatoptexactstr in src/regcomp.c CVE-2020-26159...
Updated x11vnc package fixes a security vulnerability
scan.c in x11vnc 0.9.16 uses IPCCREAT|0777 in shmget calls, which allows access by actors other than the current user. CVE-2020-29074...
Updated php-pear packages fix security vulnerabilities
Filename manipulation vulnerabilities CVE-2020-28948 / CVE-2020-28949 Updated also ArchiveTar to 1.4.11...
Updated python and python3 packages fix security vulnerabilities
It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service CVE-2019-9674. It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this...
Updated privoxy package fixes security vulnerabilities
Privoxy has been updated to version 3.0.29 to fix 8 security issues...
Updated mutt packages fix a security vulnerability
Mutt before 2.0.2 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted...
Updated pdfresurrect package fixes security vulnerability
In PDFResurrect before 0.20, lack of header validation checks causes a heap-buffer-overflow in pdfgetversion CVE-2020-20740...
Updated thunderbird packages fix security vulnerability
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable CVE-2020-26970...
Updated pngcheck packages fix a security vulnerability
This update fixes a potential global buffer overflow in the checkchunkname function via a crafted png file...
Updated xdg-utils package fixes a security vulnerability
Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information CVE-2020-27748...
Updated tor package fixes security vulnerabilities
When completing a channel, relays now check more thoroughly to make sure that it matches any pending circuits before attaching those circuits. Previously, address correctness and Ed25519 identities were not checked in this case, but only when extending circuits on an existing channel...
Updated cimg packages fix a security vulnerability
Multiple heap buffer overflows. CVE-2020-25693...
Updated poppler packages fix a security vulnerability
buffer overflow in pdftohtml could result in a DoS CVE-2020-27778...