5998 matches found

Mageia • added 2019/01/23 3:50 p.m. • 60 views

Updated podofo packages fix security vulnerabilities

The podofo package has been updated to fix several security issues...

CVSS 8.8 • AI score 2 • EPSS 0.02359
Exploits 9 • References 5

Mageia • added 2019/01/23 3:50 p.m. • 37 views

Updated perl-Email-Address package fixes security vulnerability

The parse method in the Email::Address module through 1.912 for Perl can consume a large amount of resources on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f") (CVE-2018-12558)...

CVSS 7.5 • AI score 4.6 • EPSS 0.0265
Exploits 0 • References 2

Mageia • added 2019/01/23 3:50 p.m. • 24 views

Updated libmp4v2 packages fix security vulnerability

This release addresses a potential security issue in libmp4v2 for Mageia 6: CVE-2018-14054: libmp4v2: Double free in the MP4StringProperty class in mp4property.cpp...

CVSS 9.8 • AI score 2.3 • EPSS 0.02596
Exploits 1 • References 2

Mageia • added 2019/01/23 3:50 p.m. • 62 views

Updated libxml2 packages fix security vulnerabilities

A flaw was found in libxml2 2.9.8. The xzdecomp function in xzlib.c, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (CVE-2018-9251, CVE-2018-14567). A null pointer...

CVSS 7.5 • AI score 3.3 • EPSS 0.043
Exploits 1 • References 3

Mageia • added 2019/01/23 3:50 p.m. • 30 views

Updated pdns-recursor package fixes security vulnerabilities

An issue has been found in PowerDNS Recursor where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua (CVE-2019-3806). An issue has been found in PowerDNS Recursor where records in the...

CVSS 9.8 • AI score 4 • EPSS 0.0146
Exploits 0 • References 3

Mageia • added 2019/01/23 3:50 p.m. • 26 views

Updated libcaca packages fix security vulnerabilities

It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service (CVE-2018-20544). It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code...

CVSS 8.8 • AI score 2.4 • EPSS 0.02389
Exploits 6 • References 2

Mageia • added 2019/01/20 12:2 a.m. • 40 views

Updated libssh packages fix security vulnerability

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully...

CVSS 9.1 • AI score 5 • EPSS 0.91789
Exploits 10 • References 4

Mageia • added 2019/01/18 10:19 p.m. • 28 views

Updated rdesktop package fixes security vulnerabilities

rdesktop has been updated to fix multiple CVEs. Fix memory corruption in processbitmapdata - CVE-2018-8794; Fix remote code execution in processbitmapdata - CVE-2018-8795; Fix remote code execution in processplane - CVE-2018-8797; Fix Denial of Service in mcsrecvconnectresponse - CVE-2018-20175; Fix...

CVSS 9.8 • AI score 7.4 • EPSS 0.08214
Exploits 9 • References 2

Mageia • added 2019/01/18 10:19 p.m. • 32 views

Updated python-django16 package fixes security vulnerability

It was discovered that Django incorrectly handled the default 404 page. A remote attacker could use this issue to spoof content using a malicious URL (CVE-2019-3498)...

CVSS 6.5 • AI score 2.3 • EPSS 0.03792
Exploits 0 • References 3

Mageia • added 2019/01/18 10:19 p.m. • 10 views

Updated php packages fix security vulnerabilities

Several buffer overflows in the components GD, MBString, Phar and XMLRPC were discovered and fixed...

AI score 2.7
Exploits 0 • References 13

Mageia • added 2019/01/17 11:51 p.m. • 35 views

Updated gthumb packages fix security vulnerability

An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the addthemesfromdir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees the same buffer (CVE-2018-18718)...

CVSS 7.8 • AI score 2.3 • EPSS 0.00411
Exploits 0 • References 2

Mageia • added 2019/01/15 10:15 p.m. • 23 views

Updated aria2 package fixes security vulnerability

It was observed that URLs which get downloaded via the "--log=" attribute store sensitive information. This update fixes that...

CVSS 7.8 • AI score 4.1 • EPSS 0.00351
Exploits 1 • References 1

Mageia • added 2019/01/15 10:15 p.m. • 43 views

Updated nss packages fix security vulnerability

Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys (CVE-2018-0495)...

CVSS 4.7 • AI score 2.6 • EPSS 0.00887
Exploits 1 • References 2

Mageia • added 2019/01/15 10:15 p.m. • 50 views

Updated libvncserver & x11vnc packages fix security vulnerabilities

A heap use-after-free vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be exploitable via network connectivity (CVE-2018-6307). A heap use-after-free vulnerability in the server code of the file transfer extension,...

CVSS 9.8 • AI score 2.2 • EPSS 0.26543
Exploits 0 • References 6

Mageia • added 2019/01/11 9:7 p.m. • 42 views

Updated spice-vdagent package fixes security vulnerability

Improperly escaped save directory that is passed to the shell allows a local attacker with access to the session the agent runs in to inject arbitrary commands to be executed (CVE-2017-15108)...

CVSS 7.8 • AI score 4 • EPSS 0.00422
Exploits 0 • References 2

Mageia • added 2019/01/11 9:7 p.m. • 38 views

GNU tar has been updated to fix CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparsedumpregion in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system back...

CVSS 4.7 • AI score 3.6 • EPSS 0.00526
Exploits 1 • References 2

Mageia • added 2019/01/11 9:7 p.m. • 49 views

Updated graphicsmagick packages fix security vulnerabilities

It was discovered that graphicsmagick was subject to vulnerabilities. Heap-based buffer overflow in the WriteTGAImage function of tga.c (CVE-2018-20184). Denial of service vulnerability in ReadDIBImage function of coders/dib.c (CVE-2018-20189). Heap-based buffer over-read in the ReadBMPImage function...

CVSS 6.5 • AI score 6.8 • EPSS 0.02307
Exploits 3 • References 3

Mageia • added 2019/01/11 9:7 p.m. • 36 views

Updated python-django packages fix security vulnerability

An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page. An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...

CVSS 6.5 • AI score 2.2 • EPSS 0.03792
Exploits 0 • References 3

Mageia • added 2019/01/11 5:54 a.m. • 37 views

Updated libarchive packages fix security vulnerabilities

readheader in archivereadsupportformatrar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archivereadformatrarreadheader (CVE-2017-14502). Multiple security issues were found in libarchive: Processing malformed RAR archive...

CVSS 8.8 • AI score 4.1 • EPSS 0.04575
Exploits 0 • References 3

Mageia • added 2019/01/11 5:54 a.m. • 47 views

Updated terminology package fixes security vulnerability CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

CVSS 7.8 • AI score 2.9 • EPSS 0.02654
Exploits 1 • References 2

Mageia • added 2019/01/10 10:53 a.m. • 34 views

Updated krb5 packages fix security vulnerability

An authenticated user who can obtain a TGT using an older encryption type (DES, DES3, or RC4) can cause an assertion failure in the KDC by sending an S4U2Self request (CVE-2018-20217)...

CVSS 5.3 • AI score 1.7 • EPSS 0.01527
Exploits 0 • References 2

Mageia • added 2019/01/10 10:53 a.m. • 44 views

Updated live, ffmpeg, mplayer, and vlc packages fix security vulnerabilities

A bug in the server implementation of RTSP-over-HTTP in live could allow a denial-of-service attack. A bug in the server implementation of RTSP-over-HTTP could allow a buffer overflow, which could result in the execution of arbitrary code when parsing a malformed RTSP stream (CVE-2018-4013). The...

CVSS 10 • AI score 5 • EPSS 0.09745
Exploits 3 • References 4

Mageia • added 2019/01/10 10:53 a.m. • 33 views

Updated mbedtls packages fix security vulnerability

A vulnerability was found in mbedTLS which allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-ECDHE cipher suites (CVE-2018-19608)...

CVSS 4.7 • AI score 4.6 • EPSS 0.00336
Exploits 0 • References 5

Mageia • added 2019/01/08 9:50 p.m. • 26 views

Updated discount packages fix security vulnerabilities

The mkdtrimline function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file (CVE-2018-11468). DISCOUNT through version 2.2.3a is vulnerable to a Heap-based buffer-overflow in the markdown.c:isfootnote...

CVSS 5.5 • AI score 6.2 • EPSS 0.01785
Exploits 2 • References 2

Mageia • added 2019/01/08 9:50 p.m. • 56 views

Updated ansible package fixes security vulnerability

It was found that when a retry task in ansible run with -vvv fails, it will log the raw return code, stdout and stderr from ssh which could have contained sensitive data (CVE-2018-16876)...

CVSS 5.3 • AI score 2 • EPSS 0.02462
Exploits 0 • References 2

Mageia • added 2019/01/08 9:50 p.m. • 41 views

Updated coreutils packages fix security vulnerabilities

A flaw was found in GNU Coreutils through 8.29 in chown-core.c. The functions chown and chgrp do not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

CVSS 8.8 • AI score 3.4 • EPSS 0.02515
Exploits 2 • References 5

Mageia • added 2019/01/08 9:50 p.m. • 37 views

Updated nettle packages fix security vulnerability

A leaky data conversion exposing a Manger oracle (CVE-2018-16869)...

CVSS 5.7 • AI score 4.1 • EPSS 0.01495
Exploits 0 • References 2

Mageia • added 2019/01/08 9:50 p.m. • 16 views

Updated avidemux packages fix security vulnerabilities

The avidemux package has been updated to version 2.7.1. Avidemux includes a bundled copy of the ffmpeg libraries, which have been updated from version 3.3.3 to version 3.3.9, fixing several security issues and other bugs...

AI score 4.4
Exploits 0 • References 3

Mageia • added 2019/01/08 9:50 p.m. • 38 views

Updated qtbase5 packages fix security vulnerabilities

Double free in QXmlStreamReader (CVE-2018-15518). Denial of Service on malformed BMP file in QBmpHandler (CVE-2018-19873)...

CVSS 9.8 • AI score 2.3 • EPSS 0.03382
Exploits 0 • References 2

Mageia • added 2019/01/08 9:50 p.m. • 27 views

Updated openafs packages fix security vulnerabilities

Jeffrey Altman reported that the backup tape controller (butc) process does accept incoming RPCs but does not require or allow for authentication of those RPCs, allowing an unauthenticated attacker to perform volume operations with administrator credentials (CVE-2018-16947). Mark Vitale reported that...

CVSS 9.8 • AI score 2.2 • EPSS 0.03075
Exploits 0 • References 6

Mageia • added 2019/01/08 9:50 p.m. • 33 views

Updated opensc packages fix security vulnerabilities

Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact...

CVSS 6.8 • AI score 3.2 • EPSS 0.00692
Exploits 12 • References 2

Mageia • added 2019/01/06 4:41 p.m. • 16 views

Updated libao packages fix security vulnerability

A flaw was found in libao. The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 can cause a denial of service (memory corruption) via a crafted mp3 file (CVE-2017-11548)...

CVSS 5.5 • AI score 3.1 • EPSS 0.03855
Exploits 3 • References 2

Mageia • added 2019/01/06 4:41 p.m. • 34 views

Updated dcraw packages fix security vulnerability

A NULL pointer dereference flaw was found in the way dcraw processed images. An attacker could potentially use this flaw to crash dcraw by tricking it into processing crafted images (CVE-2018-5801)...

CVSS 6.5 • AI score 2.6 • EPSS 0.02039
Exploits 1 • References 2

Mageia • added 2019/01/06 4:41 p.m. • 61 views

Updated aubio packages fix security vulnerabilities

NULL pointer dereference in the function aubiosourceavcodecreadframe which may lead to DoS when playing a crafted audio file (CVE-2017-17554). A crash in aubiopitchsetunit (CVE-2018-14522). A buffer overread resulting in crash or information leakage in newaubiopitchyinfft (CVE-2018-14523)...

CVSS 8.8 • AI score 1.7 • EPSS 0.01966
Exploits 2 • References 2

Mageia • added 2019/01/05 9:49 p.m. • 45 views

Updated wget packages fix security vulnerability

Since version 1.19 Wget stores the URL and in certain cases the 'Referer' URL within extended attributes (xattrs) of the file system - by default. This includes username + password and other credentials or private data if those have been used within the URLs. Anyone with read access to those files...

CVSS 7.8 • AI score 1.4 • EPSS 0.00659
Exploits 1 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 37 views

Updated php-phpmailer package fixes security vulnerability

Potential object injection vulnerability (CVE-2018-19296)...

CVSS 8.8 • AI score 3.2 • EPSS 0.02211
Exploits 0 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 35 views

Updated pdns packages fix security vulnerabilities

A vulnerability was found in PowerDNS Authoritative Server. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows an authorized user to...

CVSS 7.5 • AI score 2.6 • EPSS 0.06041
Exploits 0 • References 4

Mageia • added 2019/01/05 6:30 p.m. • 36 views

Updated apache-commons-compress packages fix security vulnerabilities

A flaw was found in Apache Commons Compress versions 1.11 to 1.15. A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount ...

CVSS 5.5 • AI score 4.6 • EPSS 0.05253
Exploits 0 • References 3

Mageia • added 2019/01/05 6:30 p.m. • 27 views

Updated libgxps packages fix security vulnerabilities

A flaw was found in libgxps through 0.3.0. There is a heap-based buffer over-read in the function ftfontfacehash of gxps-fonts.c. A crafted input will lead to a remote denial of service attack (CVE-2018-10733). An integer overflow flaw exists within the "gxpsimagescreatefrompng" function in...

CVSS 6.5 • AI score 3.9 • EPSS 0.02263
Exploits 1 • References 3

Mageia • added 2019/01/05 6:30 p.m. • 84 views

Updated xmlrpc packages fix security vulnerabilities

XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD (CVE-2016-5002). A flaw was discovered in the Apache XML-RPC (ws-xmlrpc) library that...

CVSS 9.8 • AI score 4.2 • EPSS 0.14876
Exploits 1 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 27 views

Updated plexus-archiver packages fix security vulnerability

A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...

CVSS 5.5 • AI score 2.2 • EPSS 0.13179
Exploits 1 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 15 views

Updated units package fixes security vulnerability

A flaw was found in units. unitscur doesn't sanitize downloaded data. This allows a maliciously intended server to execute arbitrary code remotely on the client (rhbz#1598913)...

AI score 4
Exploits 0 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 30 views

Updated libextractor packages fix security vulnerabilities

Several vulnerabilities were discovered in libextractor which may lead to denial of service or memory disclosure if a malformed OLE file is processed (CVE-2018-20430, CVE-2018-20431)...

CVSS 6.5 • AI score 2.9 • EPSS 0.02237
Exploits 2 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 19 views

Updated libpgf packages fix security vulnerability

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32 (CVE-2015-6673)...

CVSS 9.8 • AI score 9.2 • EPSS 0.01908
Exploits 0 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 11 views

Updated imagemagick packages fix security vulnerabilities & bugs

Imagemagick has been updated to fix several bugs and security issues...

AI score 2.1
Exploits 0 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 33 views

Updated ldb, talloc, and samba packages fix security vulnerabilities

Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service (CVE-2018-14629). Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card...

CVSS 6.5 • AI score 1.9 • EPSS 0.05192
Exploits 1 • References 18

Mageia • added 2019/01/05 6:30 p.m. • 39 views

Updated freerdp packages fix security vulnerabilities

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-8784, CVE-2018-8785). Eyal Itkin discovered FreeRDP incorrectly handled...

CVSS 9.8 • AI score 2.5 • EPSS 0.08357
Exploits 6 • References 2

Mageia • added 2019/01/05 6:30 p.m. • 46 views

Updated openjpeg2 packages fix security vulnerabilities

A stack-based buffer overflow in the pgxtoimage function in jpwl/convert.c could crash the converter (CVE-2017-17479). A stack-based buffer overflow in the pgxtovolume function in jp3d/convert.c could crash the converter (CVE-2017-17480). A flaw was found in OpenJPEG 2.3.0, there is an integer overfl...

CVSS 9.8 • AI score 5.3 • EPSS 0.05135
Exploits 3 • References 4

Mageia • added 2019/01/05 6:30 p.m. • 38 views

Updated pdns-recursor packages fix security vulnerabilities

A vulnerability was found in PowerDNS Recursor. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows a malicious auth server to cause a...

CVSS 7.5 • AI score 2.7 • EPSS 0.59469
Exploits 0 • References 6

Mageia • added 2018/12/31 10:42 p.m. • 43 views

Updated python-lxml packages fix security vulnerability

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer (CVE-2018-19787)...

CVSS 6.1 • AI score 2.5 • EPSS 0.02438
Exploits 1 • References 2

Total number of security vulnerabilities: 5998