6012 matches found
Updated xdg-user-dirs packages fix security vulnerability
Xsession creation of XDG user directories does not honour system umask policy CVE-2017-15131...
Updated libofx packages fix security vulnerabilities
An exploitable buffer overflow vulnerability exists in the tag parsing functionality of LibOFX 0.9.11. A specially crafted OFX file can cause a write out of bounds resulting in a buffer overflow on the stack. An attacker can construct a malicious OFX file to trigger this vulnerability...
Updated freeplane packages fix security vulnerability
Wojciech Regula discovered an XML External Entity vulnerability in the XML Parser of the mindmap loader in freeplane, a Java program for working with mind maps, resulting in potential information disclosure if a malicious mind map file is opened CVE-2018-1000069...
Updated libcdio packages fix security vulnerabilities
A heap corruption bug was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files, thus resulting in local DoS CVE-2017-18198. A NULL pointer dereference flaw was...
Updated zsh packages fix security vulnerabilities
Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service CVE-2018-1071. It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code CVE-2018-1083...
Updated libtiff packages fix security vulnerability
A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tifprint.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. This affects an earlier part of the TIFFPrintDirectory function that was not addressed...
Updated thunderbird packages fix bugs and security vulnerabilities
A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash CVE-2018-5127. A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially...
Updated firefox packages fix security vulnerability
Memory safety bugs fixed in Firefox ESR 52.7 CVE-2018-5125. Buffer overflow manipulating SVG animatedPathSegList CVE-2018-5127. Out-of-bounds write with malformed IPC messages CVE-2018-5129. Mismatched RTP payload type can trigger memory corruption CVE-2018-5130. Fetch API improperly returns cach...
Updated thunderbird packages fix security vulnerability
A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash CVE-2018-5127. A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially...
Updated python-paramiko packages fix security vulnerability
A flaw was found in the implementation of transport.py in Paramiko, which did not properly check whether authentication was completed before processing other requests. A customized SSH client could simply skip the authentication step CVE-2018-7750. This flaw is a user authentication bypass in the...
Updated flash-player-plugin packages fix security vulnerability
The Flashplayer plugin has been updated to the latest release from Adobe...
Updated nxagent packages fix security vulnerability
CVE-2017-2624: Timing attack against MIT Cookie...
Updated samba packages fix security vulnerabilities
It was discovered that Samba is prone to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon CVE-2018-1050. Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the LDAP server incorrectly validates permissions to modify passwords over LDA...
Updated puppet packages fix security vulnerability
It was discovered that Puppet incorrectly handled permissions when unpacking certain tarballs. A local user could possibly use this issue to execute arbitrary code CVE-2017-10689...
Updated libvncserver packages fix security vulnerability
An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact e.g., an integer overflow via specially crafted VNC packets...
Updated aubio packages fix security vulnerability
Specially crafted wav files could have been used to cause an application crash CVE-2017-17054...
Updated cfitsio packages fix security vulnerabilities
Updated cfitsio packages fix security vulnerabilities that could allow a remote, unauthenticated attacker to take control of a server running the CFITSIO software. These vulnerabilities affect all servers and products running the CFITSIO software...
Updated nmap packages fix security vulnerability
Nmap developer nnposter found a security flaw directory traversal vulnerability in the way the non-default http-fetch script sanitized URLs. If a user manualy ran this NSE script against a malicious web server, the server could potentially depending on NSE arguments used cause files to be saved...
Updated ntp packages fix security vulnerabilities
This release addresses five security issues in ntpd for Mageia 6: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. Reported by Matt Van Gundy of...
Updated 389-ds-base packages fix security vulnerability
It was discovered that a lack of size check in slapictmemcmp function may lead to authentication bypass through pre-hashed userPassword attributes under highly specific circumstances CVE-2017-15135...
Updated openssl packages fix security vulnerability
Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so...
Updated php packages fix security vulnerability
Dumpable FPM child processes allow bypassing opcache access controls php75605...
Updated acpica-tools packages fix security vulnerabilities
acpi operand cache leak in dsutils.c CVE-2017-13693. acpi parse and parseext cache leaks CVE-2017-13694. acpi operand cache leak in nseval.c CVE-2017-13695...
Updated flash-player-plugin packages fix security vulnerability
It was found that flash versions older than 29.0.0.113 contained a use after free vulnerability that could lead to remote code execution CVE-2018-4919. A second vulnerability was a type confusion which could also lead to remote code execution CVE-2018-4920...
Updated squirrelmail packages fix CVE-2018-8741
Updated squirrelmail packages fix security vulnerabilities: Filenames of attachment files are not sanitized, so attackers could read arbitrary files. CVE-2018-8741...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.30 and fixes at least the following security issues: The KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86 has been updated to revision 4. A flaw was found in the Linux kernel implementation of 32 bit syscall interface for bridging allowing a...
Updated mailman packages fix a security vulnerability
Updated mailman package fixes security vulnerability: Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed ...
Updated libvirt packages fix CVE-2018-1064
Updated libvirt package fixes security vulnerability: It was discovered that libvirt had a potential denial of service reading from QEMU guest agent CVE-2018-1064...
Updated net-snmp packages fix CVE-2018-1000116
Updated net-snmp packages fix security vulnerabilities: A Heap corruption in snmppduparse function in snmplib/snmpapi.c was discovered CVE-2018-1000116...
Updated jupyter-notebook packages fix security vulnerability
CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...
Updated exempi package fixes security vulnerabilities
CVE-2018-7728: Specially crafted TIFF images could have been used to cause a denial of service via a heap-based buffer overflow. CVE-2018-7730: Specially crafted Excel files could have been used cause a denial of service via a heap-based buffer overflow...
Updated sqlite3 packages fix security vulnerability
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c CVE-2018-8740...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.25 and updates the KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86. It also adds ome optimizations and improvements to mitigate some of the slowdons caused by the Meltdown CVE-2017-5754 and Spectre, variant 2 CVE-2017-5715. Other security...
Updated shadow-utils packages fix security vulnerability
Privilege escalation in newgidmap, which allowed an unprivileged user to be placed in a user namespace where setgroups2 is allowed CVE-2018-7169...
Updated libvorbis packages fix security vulnerability
libvorbis can write out of bounds on codebook decoding when processing malformed Vorbis audio data CVE-2018-5146...
Updated xerces-c packages fix security vulnerability
The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processing and do not prevent external DTD usage, and could...
Updated libtiff packages fix security vulnerabilities
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, tdimagelength is not checked. The value of tdimagelength can be directly controlled by an input file. In the...
Updated python-pycrypto packages fix security vulnerability
The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/dlitz/pycrypto/issues/253 This update includes ...
Updated bugzilla packages fix security vulnerability
A CSRF vulnerability in Bugzilla's report.cgi would allow a third-party site to extract confidential information from a bug the victim had access to CVE-2018-5123...
Updated microcode packages fix security vulnerabilities
This update provides new microcode fixes and mitigations for Spectre CVE-2017-5715 for many Intel CPUs produced in the last 5 years. So far the Intel microcode updates are for several processors from many of Intel Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake, Gemini Lake, Apollo Lake,...
Updated SDL_image packages fix security vulnerability
An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDLimage 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to trigger this...
Updated leptonica packages fix security vulnerabilities
Package leptonica has been updated to the current stable version 1.75.3 which fixes: CVE-2018-7186 - multiple stack-based buffer overflows in gplotRead and ptaReadStream CVE-2018-7247 - a buffer overflow in src/viewfiles.c with unsanitized input rootname...
Updated sharutils packages fix security vulnerability
It was discovered that unshar from sharutils contained a heap buffer overflow flaw that could result in a Denial of Service attack when processing a shar archive if the archive contains overlong lines...
Updated clamav packages fix security vulnerabilities
Clamav has been updated to fix 2 security issues and also contains a lot of bugfixes. Out-of-bounds access in the PDF parser CVE-2018-0202 Out-of-bounds heap read in XAR parser CVE-2018-1000085...
Updated php packages fix CVE-2018-7584
Updated php packages fix security vulnerability: Update to php 5.6.34 fixes a stack-buffer-overflow while parsing HTTP response. CVE-2018-7584...
Updated python-django packages fix security vulnerabilities
The python-django package has been updated to fix 2 security issues. CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template filters. CVE-2018-7537: Denial-of-service possibility in truncatecharshtml and truncatewordshtml template filters...
Updated memcached packages disable UDP by default
Updated memcached packages fix security vulnerabilities: Memcached enabled UDP by default, which could be exploited to denial of service via network flood CVE-2018-1000115. By default this UPD is now closed. With this release some overflow and deadlock situations get fixed too...
Updated zsh packages fix security vulnerabilities
Zsh has been updated to fix 4 security issues. In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 In utils.c in zsh before 5.4, symlink expansion had a buff...
Updated libraw packages bring minor security fixes
Minor security fixes have been made in libraw version 0.18.8 checking limits are not enforced. See references for more details...
Updated mbedtls and related packages fix security vulnerabilities
The mbedtls package has been updated to fix several security issues. Fixed a heap corruption issue in the implementation of the truncated HMAC extension. When the truncated HMAC extension is enabled and CBC is used, sending a malicious application packet could be used to selectively corrupt 6 byt...