6012 matches found
Updated ldb, talloc, and samba packages fix security vulnerabilities
Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service CVE-2018-14629. Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card...
Updated freerdp packages fix security vulnerabilities
Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2018-8784, CVE-2018-8785. Eyal Itkin discovered FreeRDP incorrectly handled...
Updated pdns packages fix security vulnerabilities
A vulnerability was in found in PowerDNS Authoritative Server. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows an authorized user to...
Updated libpgf packages fix security vulnerability
Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32 CVE-2015-6673...
Updated units package fixes security vulnerability
A flaw was found in units. unitscur doesn't sanitize downloaded data. This allows a maliciously intended server to execute arbitrary code remotely on the client rhbz1598913...
Updated plexus-archiver packages fix security vulnerability
A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or...
Updated imagemagick packages fix security vulnerabilities & bugs
Imagemagick has been updated to fix several bugs and security issues...
Updated libextractor packages fix security vulnerabilities
Several vulnerabilities were discovered in libextractor which may lead to denial of service or memory disclosure if a malformed OLE file is processed CVE-2018-20430, CVE-2018-20431...
Updated xmlrpc packages fix security vulnerabilities
XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery SSRF attacks via a crafted DTD CVE-2016-5002. A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that...
Updated pdns-recursor packages fix security vulnerabilities
A vulnerability was in found in PowerDNS Recursor. The issue is a memory leak occurring while parsing some malformed records, due to the fact that some memory is allocated parsing a record and is not always properly released if the record is not valid. It allows a malicious auth server to cause a...
Updated openjpeg2 packages fix security vulnerabilities
A stack-based buffer overflow in the pgxtoimage function in jpwl/convert.c could crash the converter CVE-2017-17479. A stack-based buffer overflow in the pgxtovolume function in jp3d/convert.c could crash the converter CVE-2017-17480. A flaw was found in OpenJPEG 2.3.0, there is an integer overfl...
Updated php-phpmailer package fixes security vulnerability
Potential object injection vulnerability CVE-2018-19296...
Updated libgxps packages fix security vulnerabilities
A flaw was found in libgxps through 0.3.0. There is a heap-based buffer over-read in the function ftfontfacehash of gxps-fonts.c. A crafted input will lead to a remote denial of service attack CVE-2018-10733. An integer overflow flaw exists within the "gxpsimagescreatefrompng" function in...
Updated python-lxml packages fix security vulnerability
An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer CVE-2018-19787...
Updated graphicsmagick packages fix security vulnerabilities & bugs
Graphicsmagick has been updated to fix several bugs and security issues...
Updated poppler packages fix security vulnerability
Poppler before 0.70.0 has a NULL pointer dereference in popplerattachmentnew when called from popplerannotfileattachmentgetattachment. CVE-2018-19149...
Updated python packages fix security vulnerabilities
Possible denial of service vulnerability due to a missing check in Lib/wave.py to verify that at least one channel is provided CVE-2017-18207. Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service...
Updated libtiff packages fix security vulnerabilities
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service crash or possibly have unspecified other impact via a crafted TIFF file. CVE-2018-12900 LibTIFF 4.0.9 with JBIG enabled decodes arbitrarily-sized...
Updated keepalived package fixes security vulnerabilities
keepalived before version 2.0.9 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protectedsymlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data ...
Updated ruby-i18n packages fix security vulnerability
A flaw was found in the i18n gem before 0.8.0 for Ruby. The Hashslice in lib/i18n/coreext/hash.rb allows remote attackers to cause a denial of service application crash via a call in a situation where :somekey is present in keepkeys but not present in the hash CVE-2014-10077...
Updated tcpdump package fixes security vulnerability
Fixed a stack-based buffer over-read in the printprefix function CVE-2018-19519...
Updated thunderbird packages fix security vulnerabilities & bugs
The updated packages fix several bugs and some security issues...
Updated monit packages fix security vulnerability
There is a use-after-free in monit that shows up if you run it for a while on an active system with address sanitizer enabled...
Updated sqlite3 packages fix security vulnerability
A security issue fixed upstream in sqlite3 has been announced: https://www.openwall.com/lists/oss-security/2018/12/21/1 The issue is fixed in 3.25.3...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.89 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the Intel...
Updated php packages fix security vulnerability
Bypassing disabled exec functions in PHP via imapopen CVE-2018-19518...
Updated netty & jctools packages fix security vulnerability
handler/ssl/OpenSslEngine.java in Netty before 4.0.37.Final allows remote attackers to cause a denial of service infinite loop CVE-2016-4970...
Updated phpmyadmin packages fix security vulnerabilities
- XSS vulnerability in navigation tree was discovered - Local file inclusion through transformation feature...
Updated firefox packages fix security vulnerabilities
A buffer overflow and out-of-bounds read can occur in TextureStorage11 within the ANGLE graphics library, used for WebGL content. This results in a potentially exploitable crash CVE-2018-17466. A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to...
Updated libwpd packages fix security vulnerability
It was discovered there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack CVE-2018-19208...
Updated nss packages fix security vulnerability
Cache side-channel variant of the Bleichenbacher attack.CVE-2018-12404...
Updated thunderbird packages fix security issues & bugs
- Buffer overflow using computed size of canvas element. CVE-2018-12359 - Use-after-free when using focus. CVE-2018-12360 - Integer overflow in SwizzleData. CVE-2018-12361 - Integer overflow in SSSE3 scaler. CVE-2018-12362 - Media recorder segmentation fault when track type is changed during...
Updated tomcat packages fix security vulnerabilities
An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service CVE-2018-1336. The defaults settings for the CORS filter are insecure and enable supportsCredentials for all origins. It is expected that user...
Updated flash-player-plugin packages fix security vulnerability
Use after free flaw enabling arbitrary code execution. CVE-2018-15982 Insecure Library Loading DLL hijacking flaw enabling privilege escalation. CVE-2018-15983...
Updated kio-extras packages fix security vulnerability
The HTML thumbnailer was incorrectly accessing some content of remote URLs listed in HTML files. This meant that the owners of the servers referred in HTML files in your system could have seen in their access logs your IP address every time the thumbnailer tried to create the thumbnail...
Updated messagelib packages fix security vulnerability
Some HTML emails can trick messagelib into opening a new browser window when displaying said email as HTML. This happens even if the option to allow the HTML emails to access remote servers is disabled in KMail settings. This means that the owners of the servers referred in the email can see in...
Updated python-requests packages fix security vulnerability
It was discovered that Requests incorrectly handled certain HTTP headers. An attacker could possibly use this issue to access sensitive information CVE-2018-18074...
Updated apache-mod_perl packages fix security vulnerability
A flaw was found in modperl 2.0 through 2.0.10 which allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request processi...
Updated kdeconnect-kde packages fix security vulnerability
The kdeconnect-kde package has been updated to version 1.3.3, which fixes an issue with modern encryption algorithms being disabled with SSH, and also fixes several bugs and updates compatibility with the Android app...
Updated yaml-cpp packages fix security vulnerability
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.1 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file. CVE-2017-5950...
Updated icecast packages fix security vulnerability
Buffer overflows in URL auth code if there is a "mount" definition that enables URL authentication. A malicious client could send long HTTP headers, leading to a buffer overflow and potential remote code execution CVE-2018-18820...
Updated openssl packages fix security vulnerabilities
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a Affected 1.1.1. Fixed in OpenSSL 1.1.0j Affected 1.1.0-1.1.0i. Fixed in OpenSSL 1.0.2q...
Updated libpng(12) packages fix security vulnerability
In libpng until version 1.6.35, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. CVE-2018-13785 This update fixes it, also providing the...
Updated mariadb packages fix security vulnerabilities
Some easily exploitable vulnerabilities allowing high privileged attacker with network access via multiple protocols to compromise MySQL Server have been fixed...
Updated poppler packages fix security vulnerabilities
In Poppler 0.68.0, the Parser::getObj function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. CVE-2018-16646 An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service becau...
Updated Ghostscript packages fixes security issues
The ghostscript 9.26 update is focusing on security issues, including solving several well publicised real and potential exploits. For other fixes in this release, see the referenced News...
Updated flash-player-plugin packages fix security vulnerability
A critical vulnerability in Adobe Flash Player 31.0.0.148 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user. CVE-2018-15981...
Updated roundcubemail packages fix security vulnerability & bugs
This is a service release to update the stable version 1.3 of Roundcube Webmail. It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability in handling invalid style tag content plus updates to ensure compatibility with PHP 7.3 an...
Updated gettext packages fix security vulnerability
An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to an invalid free in pogramparse in po-gram-gen.y, as demonstrated by lt-msgfmt. CVE-2018-18751...
Updated apache packages fix security vulnerabilities
modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two...