6012 matches found
Updated opencontainers-runc packages fix security vulnerability
Not using pivotroot2 leaves the host /proc around in the mount namespace so that it is possible to mount another /proc without any other submount, even if /proc in the container is not fully visible. This flaw allows an attacker to read and modify some parts of the Linux kernel memory rhbz1663068...
Updated golang packages fix security vulnerability
Remote code execution in go get, when executed with the -u flag CVE-2018-16873. An arbitrary filesystem write in go get, which could lead to code execution CVE-2018-16874. Denial of Service in the crypto/x509 package during certificate chain validation CVE-2018-16875. Go before 1.11.5 mishandles...
Updated firefox packages fix security vulnerabilities
Use-after-free parsing HTML5 stream CVE-2018-18500. Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 CVE-2018-18501. Privilege escalation through IPC channel messages CVE-2018-18505...
Updated netatalk packages fix security vulnerability
Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, allowing an unauthenticated user to execute arbitrary code with root privileges CVE-2018-1160...
Updated gitolite packages fixes security vulnerability
In commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P CVE-2018-20683...
Updated libvorbis packages fix security vulnerabilities
The vorbis library version 1.3.6 fix security vulnerabilities: - CVE-2017-11735 libvorbis: NULL pointer dereference in vorbisblockclear function in lib/block.c - CVE-2017-11333 libvorbis: Memory exhaustion in vorbisanalysiswrote function in lib/block.c...
Updated bluez packages fix security vulnerability
A buffer overflow in pincodereplydump function CVE-2016-9800. A buffer overflow in setextctrl function CVE-2016-9801. A buffer overflow in commandsdump function CVE-2016-9804...
Updated php-tcpdf packages fix security vulnerabilities
- Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data. - Merge various fixes for PHP 7.3 compatibility and security...
Updated ghostscript packages fix a security vulnerability
Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file. CVE-2019-6116...
Updated zeromq packages fix security vulnerability
CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow...
Updated phpmyadmin packages fix security vulnerabilities
- Possible SQL injection in Designer feature - When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access...
Updated virtualbox packages fix security vulnerabilities
Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM...
Updated perl-Email-Address package fixes security vulnerability
The parse method in the Email::Address module through 1.912 for Perl can consume a large amount of resources on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters "\f" CVE-2018-12558...
Updated php-pear-HTML_QuickForm package fixes security vulnerability
A vulnerability in the HTMLQuickForm package has been found which potentially allows remote code execution...
Updated wavpack packages fix security vulnerabilities
Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service CVE-2018-6767. It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cau...
Updated libcaca packages fix security vulnerabilities
It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service CVE-2018-20544. It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code...
Updated podofo packages fix security vulnerabilities
The podofo package has been updated to fix several security issues...
Updated libmp4v2 packages fix security vulnerability
This release address a potential security issue in libmp4v2 for Mageia 6: CVE-2018-14054: libmp4v2: Double free in the MP4StringProperty class in mp4property.cpp...
Updated libxml2 packages fix security vulnerabilities
A flaw was found in libxml2 2.9.8. The xzdecomp function in xzlib.c, if --with-lzma is used, allows remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint CVE-2018-9251, CVE-2018-14567. A null pointer...
Updated pdns-recursor package fixes security vulnerabilities
An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua CVE-2019-3806. An issue has been found in PowerDNS Recursor where records in the...
Updated libssh packages fix security vulnerability
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2MSGUSERAUTHSUCCESS message in place of the SSH2MSGUSERAUTHREQUEST message which the server would expect to initiate authentication, the attacker could successfully...
Updated php packages fix security vulnerabilities
Several buffer overflows in the components GD, MBString, Phar and XMLRPC were discovered and fixed...
Updated python-django16 package fixes security vulnerability
It was discovered that Django incorrectly handled the default 404 page. A remote attacker could use this issue to spoof content using a malicious URL CVE-2019-3498...
Updated rdesktop package fixes security vulnerabilities
rdesktop has been updated to fix multiple CVE's. Fix memory corruption in processbitmapdata - CVE-2018-8794 Fix remote code execution in processbitmapdata - CVE-2018-8795 Fix remote code execution in processplane - CVE-2018-8797 Fix Denial of Service in mcsrecvconnectresponse - CVE-2018-20175 Fix...
Updated gthumb packages fix security vulnerability
An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the addthemesfromdir method in dlg-contact-sheet.c because of two successive calls of gfree, each of which frees the same buffer. CVE-2018-18718...
Updated nss packages fix security vulnerability
Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys CVE-2018-0495...
Updated aria2 package fixes security vulnerability
It was observed that URL's which gets downloaded via "--log=" attribute stores sensitive information. This update fixes that...
Updated libvncserver & x11vnc packages fix security vulnerabilities
A heap use-after-free vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be exploitable via network connectivity CVE-2018-6307. A heap use-after-free vulnerability in the server code of the file transfer extension,...
Updated spice-vdagent package fixes security vulnerability
Improperly escaped save directory that is passed to the shell allows local attacker with access to the session the agent runs to inject arbitrary commands to be executed CVE-2017-15108...
Updated python-django packages fix security vulnerability
An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...
GNU tar has been updated to fix CVE-2018-20482
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...
Updated graphicsmagick packages fix security vulnerabilities
It was discovered that graphicsmagick was subject to vulnerabilities. heap-based buffer overflow in the WriteTGAImage function of tga.c CVE-2018-20184. denial of service vulnerability in ReadDIBImage function of coders/dib.c CVE-2018-20189. heap-based buffer over-read in the ReadBMPImage function...
Updated terminology package fixes security vulnerability CVE-2018-20167
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...
Updated libarchive packages fix security vulnerabilities
readheader in archivereadsupportformatrar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archivereadformatrarreadheader CVE-2017-14502. Multiple security issues were found in libarchive: Processing malformed RAR archive...
Updated mbedtls packages fix security vulnerability
A vulnerability was found in mbedTLS which allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-ECDHE cipher suites CVE-2018-19608...
Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities
A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream CVE-2018-4013. The...
Updated krb5 packages fix security vulnerability
An authenticated user who can obtain a TGT using an older encryption type DES, DES3, or RC4 can cause an assertion failure in the KDC by sending an S4U2Self request CVE-2018-20217...
Updated openafs packages fix security vulnerabilities
Jeffrey Altman reported that the backup tape controller butc process does accept incoming RPCs but does not require or allow for authentication of those RPCs, allowing an unauthenticated attacker to perform volume operations with administrator credentials CVE-2018-16947. Mark Vitale reported that...
Updated opensc packages fix security vulnerabilities
Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
Updated ansible package fixes security vulnerability
It was found that when a retry task in ansible run with -vvv fails, it will log the raw return code, stdout and stderr from ssh which could have contained sensitive data CVE-2018-16876...
Updated avidemux packages fix security vulnerabilities
The avidemux package has been updated to version 2.7.1. Avidemux includes a bundled copy of the ffmpeg libraries, which have been updated from version 3.3.3 to version 3.3.9, fixing several security issues and other bugs...
Updated discount packages fix security vulnerabilities
The mkdtrimline function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file CVE-2018-11468. DISCOUNT through version 2.2.3a is vulnerable to a Heap-based buffer-overflow in the markdown.c:isfootnote...
Updated coreutils packages fix security vulnerabilities
A flaw was found in GNU Coreutils through 8.29 in chown-core.c. The functions chown and chgrp do not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...
Updated nettle packages fix security vulnerability
A leaky data conversion exposing a manager oracle CVE-2018-16869...
Updated qtbase5 packages fix security vulnerabilities
Double free in QXmlStreamReader CVE-2018-15518. Denial of Service on malformed BMP file in QBmpHandler CVE-2018-19873...
Updated libao packages fix security vulnerability
A flaw was found in libao. The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 can cause a denial of servicememory corruption via a crafted mp3 file CVE-2017-11548...
Updated dcraw packages fix security vulnerability
A NULL pointer dereference flaw was found in the way dcraw processed images. An attacker could potentially use this flaw to crash dcraw by tricking it into processing crafted images CVE-2018-5801...
Updated aubio packages fix security vulnerabilities
NULL pointer dereference in the function aubiosourceavcodecreadframe which may lead to DoS when playing a crafted audio file CVE-2017-17554. A crash in aubiopitchsetunit CVE-2018-14522. A buffer overrread resulting in crash or information leakage in newaubiopitchyinfft CVE-2018-14523...
Updated wget packages fix security vulnerability
Since version 1.19 Wget stores the URL and in certain cases the 'Referer' URL within extended attributes xattrs of the file system - by default. This includes username + password and other credentials or private data if those have been used within the URLs. Anyone with read access to those files...
Updated units package fixes security vulnerability
A flaw was found in units. unitscur doesn't sanitize downloaded data. This allows a maliciously intended server to execute arbitrary code remotely on the client rhbz1598913...