6012 matches found
Updated ikiwiki packages fix security vulnerability
Several security issues identified in ikiwiki fixed by updating to version 3.20190228. See references for details...
Updated apache packages fix security vulnerability
By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections in Apache HTTP Server versions 2.4.37 and prior CVE-2018-17189. In Apache HTTP Serv...
Updated hiawatha packages fix security vulnerability
Verison 10.8.4 fixed a vulnerability which allowed a remote atacker to perform directory traversal when AllowDotFiles was enabled CVE-2019-8358...
Updated gnupg2 packages fix security vulnerability
GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery CSRF vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window...
Updated rsyslog packages fix security vulnerability
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash CVE-2018-16881...
Updated gnome-keyring packages fix security vulnerability
It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials CVE-2018-20781...
Updated kernel packages fix security vulnerability
This kernel update is based on the upstream 4.14.104 and fixes at least the following security issue: Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware...
Updated nagios packages fix security vulnerability
A flaw was found in Nagios Core version 4.4.1 and earlier. The qhhelp function is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket CVE-2018-13441. A flaw was found in...
Updated openssl packages fix security vulnerability
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
Updated gnutls packages fix security vulnerability
A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...
Updated python-gnupg packages fix security vulnerability
When symmetric encryption is used, data can be injected through the passphrase property of the gnupg.GPG.encrypt and gnupg.GPG.decrypt methods. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on th...
Updated spice-gtk packages fix security vulnerability
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are...
Updated libreoffice packages fix security vulnerability
Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document CVE-2018-16858. The libreoffice package has been updated to version 6.1.5.2, fixing this issue, and including several other bug fixes and...
Updated libtiff packages fix security vulnerability
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tifdirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file...
Updated spice packages fix security vulnerability
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslotgetvirt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers. CVE-2019-3813 A vulnerability was discovered in SPICE before versio...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on the upstream 4.14.100 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.100 and fixes at least the following security issues: A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error...
Updated libexif packages fix security vulnerability
It was found that specially crafted XIFIFDINTEROPERABILITY and EXIFIFDEXIF tags could be used for a denial of service CVE-2018-20030...
Updated tcpreplay packages fix security vulnerability
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlten10mbencode of the file plugins/dlten10mb/en10mb.c, due to inappropriate values in the function memmove. The length pktlen + ctx - l2len can be larger than source value packet +...
Updated zziplib packages fix security vulnerability
In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzipdiskfread function zzip/mmapped.c because the size variable is not validated against the amount of file-stored data CVE-2018-6381. An unaligned memory access bug was found in the way ZZIPlib handled ZIP...
Updated giflib packages fix security vulnerability
Null dereferences in main of gifclrmp. Heap Buffer Overflow-2 in function DGifDecompressLine in cgif.c. CVE-2018-11490 Segmentation fault in PrintCodeBlock. Segmentation fault of giftool reading a crafted file. Floating point exception in giftext utility. Heap buffer overflow in DumpScreen2RGB in...
Updated poppler packages fix security vulnerability
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. CVE-2018-18897 XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of...
Updated irssi packages fix security vulnerability
It was discovered that Irssi incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code CVE-2019-5882...
Updated flash-player-plugin packages fix security vulnerability
Information disclosure in the context of the current user. CVE-2019-7090...
Updated firefox packages fix security vulnerability
A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash CVE-2018-18356. An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash CVE-2019-57...
Updated thunderbird packages fix security vulnerability
A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. CVE-2018-18356 An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash...
Updated lxc packages fix security vulnerability
LXC allows attackers to overwrite the host LXC binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: a new container with an attacker-controlled image, or an existing container, to which the attacker...
Updated dom4j packages fix security vulnerability
dom4j version prior to version 2.1.1 contains an XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appears to be exploitable via an attacker specifying attributes or...
Updated logback packages fix security vulnerability
It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to...
Updated libwmf packages fix security vulnerability
The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected. CVE-2019-6978...
Updated kauth packages fix security vulnerability
KAuth allows to pass parameters with arbitrary types to helpers running as root over DBus. Certain types can cause crashes and trigger decoding arbitrary images with dynamically loaded plugins...
Updated avahi packages fix security vulnerability
It was found that avahi responds to unicast queries coming from outside of local network which may cause an information leak, such as disclosing the device type/model that responds to the request or the operating system. The mDNS response may also be used to amplify denial of service attacks...
Updated python packages fix security vulnerability
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted...
Updated radvd packages fix security vulnerability
A flaw was found in radvd. In case of misconfiguration a race condition between privsep and main thread occurs. This leads to double-free and crashing of radvd rhbz1669297...
Updated python-django packages fix security vulnerability
If django.utils.numberformat.format -- used by contrib.admin as well as the floatformat, filesizeformat, and intcomma templates filters -- received a Decimal with a large number of digits or a large exponent, it could lead to significant memory usage due to a call to ':f'.format CVE-2019-6975...
Updated mad packages fix security vulnerability
The maddecoderrun function in decoder.c in libmad 0.15.1b allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file CVE-2017-11552. The maddecoderrun function in decoder.c in Underbit libmad through 0.15.1b allows attackers to cause a denial of service SIGABRT...
Updated gvfs packages fix security vulnerability
The backend currently allows to access and modify files without prompting for password if any polkit authentication agent isn't available. This affects only users which belong to wheel group i.e. those who are already allowed to use sudo. It doesn't allow privilege escalation for users, who don't...
Updated golang packages fix security vulnerability
Remote code execution in go get, when executed with the -u flag CVE-2018-16873. An arbitrary filesystem write in go get, which could lead to code execution CVE-2018-16874. Denial of Service in the crypto/x509 package during certificate chain validation CVE-2018-16875. Go before 1.11.5 mishandles...
Updated libarchive packages fix security vulnerability
libarchive contains an out-of-bounds read vulnerability in 7zip decompression, archivereadsupportformat7zip.c, headerbytes that can result in a crash denial of service. This attack appears to be exploitable via the victim opening a specially crafted 7zip file CVE-2019-1000019. libarchive contains...
Updated java-1.8.0-openjdk packages fix security vulnerability
Vulnerability in the Java Advanced Management Console component of Oracle Java SE subcomponent: Server. The supported version that is affected is Java Advanced Management Console: 2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
Updated transfig packages fix security vulnerability
It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code CVE-2018-16140...
Updated libvncserver packages fix security vulnerability
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c CVE-2018-20750...
Updated docker packages fix security vulnerability
Docker Engine before 18.09 allows attackers to cause a denial of service dockerd memory consumption via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemonunix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go CVE-2018-20699...
Updated openssh packages fix security vulnerability
In OpenSSH, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename CVE-2018-20685...
Updated jruby packages fix security vulnerability
Several vulnerabilities were discovered in jruby. They would allow an attacker to use specially crafted gem files to mount cross-site scripting attacks, cause denial of service through an infinite loop, write arbitrary files, or run malicious code CVE-2018-1000073, CVE-2018-1000074,...
Updated libtiff packages fix security vulnerability
The TIFFFdOpen function in tifunix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. CVE-2019-6128...
Updated dovecot packages fix security vulnerability
CVE-2019-3814: If imap/pop3/managesieve/submission client has trusted certificate with missing username field sslcertusernamefield, under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing...
Updated opencontainers-runc packages fix security vulnerability
Not using pivotroot2 leaves the host /proc around in the mount namespace so that it is possible to mount another /proc without any other submount, even if /proc in the container is not fully visible. This flaw allows an attacker to read and modify some parts of the Linux kernel memory rhbz1663068...
Updated cinnamon packages fix security vulnerability
A flaw was found in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of for example other users' icon files in onfacebrowsemenuitemactivated and onfacemenuitemactivated. These icon files are written to the respective user's $HOME/.face locatio...
Updated python-marshmallow packages fix security vulnerability
In the marshmallow library before 2.15.1 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the "only" option, and there...