6012 matches found
Updated jruby packages fix security vulnerabilities
Response Splitting attack in the HTTP server of WEBrick CVE-2017-17742. Delete directory using symlink when decompressing tar CVE-2019-8320. Escape sequence injection vulnerability in verbose CVE-2019-8321. Escape sequence injection vulnerability in gem owner CVE-2019-8322. Escape sequence...
Updated webkit2 packages fix security vulnerabilities
The webkit2 package has been updated to version 2.30.3, fixing several security issues and other bugs. A type confusion issue may lead to arbitrary code execution with a maliciously crafted web content, fixed with improved memory handling CVE-2020-9948. An use after free issue may lead to arbitra...
Updated python-cryptography packages fix security vulnerability
Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information CVE-2020-25659...
Updated italc packages fix security vulnerabilities
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
Updated python-pillow packages fix security vulnerabilities
Pillow before 6.2.3 and 7.x before 7.0.1 has multiple out-of-bounds reads in libImaging/FliDecode.c CVE-2020-10177. In libImaging/PcxDecode.c in Pillow before 6.2.3 and 7.x before 7.0.1, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond...
Updated tcpreplay package fixes security vulnerabilities
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon that can make tcpprep crash and cause a denial of service CVE-2020-24265. An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerabilit...
Updated vino package fixes a security vulnerability
libvncserver/rfbserver.c from LibVNCServer, which is bundled by vino, has a divide by zero issue which could result in denial of service CVE-2020-25708...
Updated f2fs-tools packages fix security vulnerability
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this...
Updated tcpdump package fixes a security vulnerability
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037...
Updated raptor2 packages fix a security vulnerability
A malformed input file can lead to a segfault due to an out of bounds array access in raptorxmlwriterstartelementcommon. CVE-2020-25713...
Updated librepo packages fix a security vulnerability
It was discovered that librepo was subject to a directory traversal vulnerability where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal...
Updated python-twisted packages fix security vulnerabilities
Jake Miller and ZeddYu Lu discovered that Twisted incorrectly handled certain content-length headers. A remote attacker could possibly use this issue to perform HTTP request splitting attacks CVE-2020-10108, CVE-2020-10109...
Updated postgresql packages fix security vulnerabilities
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportuni...
Updated thunderbird packages fix security vulnerabilities
Variable time processing of cross-origin images during drawImage calls. CVE-2020-16012 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code. CVE-2020-26951 Fullscreen could be enabled without displaying the security UI. CVE-2020-26953 XSS through paste manual...
Updated firefox and nss packages fix security vulnerabilities
When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a variable amount of time depending on the content of the underlying image. This resulted in potential cross-origin information exposure of image content through timing side-channel...
Updated golang packages fix a security vulnerability
A flaw was found in Go standard library packages. Both the net/http/cgi and net/http/fcgi packages use a default Content-Type response header value of "text/html", rather than "text/plain". An attacker could exploit this in applications using these packages by uploading crafted files, allowing fo...
Updated kleopatra packages fix a security vulnerability
The Kleopatra component before 20.07.80 for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary library. CVE-2020-24972...
Updated libexif packages fix a security vulnerability
In exifentrygetvalue of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for...
Updated kdeconnect-kde packages fix a security vulnerability
An attacker on your local network could send maliciously crafted packets to other hosts running kdeconnect on the network, causing them to use large amounts of CPU, memory or network connections, which could be used in a Denial of Service attack within the network. CVE-2020-26164...
Updated arpwatch package fixes a security vulnerability
A buffer overflow from long hostnames. rhbz1563939...
Updated firefox and thunderbird packages fix a security vulnerability
Write side effects in MCallGetProperty opcode not accounted for. In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. CVE-2020-26950 Also some bugfix for Thunderbird have been added. See upstream release...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
High memory usage during deserialization of Proxy class with many interfaces. CVE-2020-14779 Credentials sent over unencrypted LDAP connection. CVE-2020-14781 Certificate blacklist bypass via alternate certificate encodings. CVE-2020-14782 Integer overflow leading to out-of-bounds access...
Updated chromium-browser-stable packages fix security vulnerabilities
The chromium-browser-stable package has been updated to 86.0.4240.198 version that fixes multiples security vulnerabilities. From 81.0.4044.138 released on May 9th, 2020 to 86.0.4240.198 version, see upstream advisories...
Updated packagekit packages fix a security vulnerability
It was discovered that packagekit was subject to a vulnerability where the InstallFiles, GetFilesLocal and GetDetailsLocal methods of the DBus interface to PackageKit accesses given files before checking for authorization. This allows non-privileged users to learn the MIME type of any file on the...
Updated tpm2-tss packages fix a security vulnerability
FAPI PolicyPCR not instatiating correctly CVE-2020-24455. Note that all TPM object created with a PolicyPCR with the currentPcrs and currentPcrsAndBank options have been created with an incorrect policy that omits PCR checks. All such objects have to be recreated. The tpm2-tss package has been...
Updated bluez packages fix a security vulnerability
In BlueZ before 5.55, a double free was found in the gatttool disconnectcb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. CVE-2020-27153...
Updated lilypond package fixes a security vulnerability
It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...
Updated ruby packages fix a security vulnerability
A potential HTTP request smuggling vulnerability in WEBrick was reported. WEBrick was too tolerant against an invalid Transfer-Encoding header. This may lead to inconsistent interpretation between WEBrick and some HTTP proxy servers, which may allow the attacker to “smuggle” a request...
Updated microcode package fixes security vulnerabilities
Insufficient access control in the Linux kernel driver for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-8694 Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to...
Updated openldap packages fix a security vulnerability
A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP. An unauthenticated remote attacker can use this flaw to cause a denial of service slapd daemon crash via a specially crafted packet CVE-2020-25692. Also, the PID file path in the systemd service was fixed to...
Updated pacemaker packages fix a security vulnerability
ACL restrictions bypass. CVE-2020-25654...
Updated sddm package fixes a security vulnerability
Fabian Vogt discovered a flaw in sddm before 0.19.0. A local attacker can take advantage of a race condition when creating the Xauthority file to escalate privileges CVE-2020-28049...
Updated lout packages fix security vulnerabilities
Lout 3.40 has a buffer overflow in the StringQuotedWord function in z39.c. CVE-2019-19917 Lout 3.40 has a heap-based buffer overflow in the srcnext function in z02.c. CVE-2019-19918...
Updated samba packages fix security vulnerabilities
Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information CVE-2020-14318. Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use th...
Updated spice and spice-gtk packages fix a security vulnerability
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client spice-gtk and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messag...
Updated docker packages fix a security vulnerability
It was discovered that Docker could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user's registry credentials CVE-2020-15157...
Updated webmin package fixes security vulnerabilities
An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and executed. CVE-2020-8820 An...
Updated fontforge packages fix a security vulnerability
SFDGetFontMetaData insufficient CVE-2020-5395 backport. CVE-2020-25690...
Updated suricata packages fix security vulnerabilities
The suricata package has been updated to version 4.1.9, which fixes security issues and other bugs. See the upstream announcements for details...
Updated blueman packages fixes a security vulnerability
Vaisha Bernard discovered that blueman did not properly sanitize input on the D-Bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service CVE-2020-15238...
Updated libuv packages a fix security vulnerability
The implementation of realpath in libuv before 1.39 incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes CVE-2020-8252...
Updated junit packages fix a security vulnerability
It was discovered that junit contained a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by oth...
Updated libproxy packages fix a security vulnerability
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. CVE-2020-26154...
Updated mariadb packages fix security vulnerabilities
The latest release of mariadb fixes some undisclosed easily exploitable vulnerabilities. CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 and CVE-2020-14812. Additionally some bugs are fixed: - Temporary tables can overwrite existing files MDEV-23569 - Crash on SELECT on a table with indexed...
Updated tomcat packages fix a security vulnerability
If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than t...
Updated claws-mail packages fix a security vulnerability
Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands. No CVE...
Updated nss and firefox packages fix security vulnerabilities
Mozilla developers and community members Jason Kratzer, Simon Giesecke, Philipp, and Christian Holler reported memory safety bugs present in Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...
Updated pdns-recursor package fixes a security vulnerability
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This result...
Updated thunderbird packages fix security vulnerabilities
Memory safety bugs fixed in Thunderbird 78.4. CVE-2020-15683 Use-after-free in usersctp. CVE-2020-15969...
Updated geary package fixes a security vulnerability
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificates when the client system is not configured to use a system-provided PKCS11 store. This allows a meddler in the middle to present a...