6012 matches found
Updated dovecot packages fix security vulnerabilities
Dovecot has been updated to version 2.2.34 to fix two security issues. CVE-2017-14461: This vulnerability comes in two flavors. A malicious party can send a specially crafted email to a vulnerable system, causing it to crash dovecot. In some systems, the mail can be stored into the mail system,...
Updated 389-ds-base packages fix CVE-2018-1054
389-ds-base has been updated to fix a security issue. A flaw was found in 389 Directory Server that affects all versions. An improper handling of the search feature with an extended filter, when read access on is enabled, in SetUnicodeStringFromUTF8 function in collate.c, can lead to out-of-bound...
Updated tor packages fix security vulnerabilities
A protocol-list handling bug that could be used to remotely crash directory authorities with a null-pointer exception CVE-2018-0490. A bug can be remotely triggered in order to crash relays with a use-after-free pattern CVE-2018-0491...
Updated glibc packages fix security vulnerability
An integer overflow in the implementation of the posixmemalign in memalign functions in the GNU C Library aka glibc or libc6 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption CVE-2018-6485, CVE-2018-6551...
Updated xerces-c packages fix CVE-2017-12627
Updated xerces-c packages fix security vulnerability: The Xerces-C XML parser mishandles certain kinds of external DTD references, resulting in dereference of a NULL pointer while processing the path to the DTD. The bug allows for a denial of service attack in applications that allow DTD processi...
Updated xv packages fix a security vulnerability
Updated xv package fixes DoS security vulnerability: It was discovered that png images created in gimp would crash xv...
Updated phpmyadmin package fixes a security vulnerability
Updated phpmyadmin package fixes security vulnerability: A self-cross site scripting XSS vulnerability has been reported relating to the central columns feature CVE-2018-7260...
Updated leptonica packages fix a security vulnerability
Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...
Updated libvirt packages fix security vulnerabilities
Updated libvirt packages fix security vulnerabilities: In virsh, the hostname could crafted maliciously with ssh arguments, which would be passed to ssh bsc1053600. The defaulttlsx509verify and related parameters in qemu.conf control whether the TLS servers in QEMU request & verify certificates...
Updated krb5 packages fix security vulnerabilities
Updated krb5 packages fix security vulnerabilities: An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the Key Distribution Center KDC, which allows...
Updated ioquake3 packages fix security vulnerability
It was discovered that ioquake3 contained a read buffer overflow that allows remote attackers to cause a denial of service CVE-2017-11721...
Updated wireshark packages fix security vulnerabilities
The SIGCOMP dissector could crash CVE-2018-7320. Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors, along with the DICOM, DMP, LLTD, OpenFlow, RELOAD, RPCoRDMA, RPKI-Router, S7COMM, SCCP, Thread, Thrift, USB, and WCCP dissectors were susceptible...
Updated tomcat packages fix security vulnerabilities
In Tomcat 8.0.45, the description of the search algorithm used by the CGI Servlet to identify which script to execute was updated. The update was not correct. As a result, some scripts may have failed to execute as expected and other scripts may have been executed unexpectedly. Note that the...
Updated TiMidity++ packages fix security vulnerabilities
The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option CVE-2017-11546. The resamplegauss function in...
Updated tomcat-native package fixes security vulnerability
When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for client certificates that should have been rejected if the OCSP check...
Updated cups packages fix security vulnerability
Updated cups packages fix security vulnerability: Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could...
Updated jhead package fixes security vulnerability
Updated jhead package fixes security vulnerability: An integer underflow bug in the processEXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecifie...
Updated flatpak packages fix security vulnerability
Updated flatpak packages fix security vulnerability: A sandbox escape in the flatpak dbus proxy in the authentication phase CVE-2018-6560. The flatpak has been upgraded to the latest stable version, 0.10.3, which fixes this issue. The bubblewrap, ostree, flatpak-builder, xdg-desktop-portal,...
Updated golang packages fix security vulnerability
Updated golang packages fix security vulnerabilities: Go before 1.9.4 allows "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked CVE-2018-6574...
Updated qpdf packages fix security vulnerabilities
Updated qpdf packages fix security vulnerabilities: 1. Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral 2. Another stack overflow / endless recursion in QPDFWriter::enqueueObject 3. Stack out of bounds read in iteraterc4 4. heap out of bounds read large in...
Updated ghostscript packages fix security vulnerability
The fillthreshholdbuffer function in base/gxhtthresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document CVE-2016-10317...
Updated postgresql packages fix security vulnerability
In postgresql 9.4.x before 9.4.16 and 9.6.x before 9.6.7, pgupgrade creates file in current working directory containing the output of pgdumpall -g under umask which was in effect when the user invoked pgupgrade, and not under 0077 which is normally used for other temporary files. This can allow ...
Updated glpi packages fix security vulnerability
The glpi package has been updated to version 9.1.6, which fixes several security issues and other bugs. See the upstream release announcements for details. An issue in the php-zetacomponents-base package which prevented GLPI from working has also been fixed...
Updated jackson-databind packages fix security vulnerability
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper CVE-2017-17485. A flaw was found in FasterXML jackson-databind which allows unauthenticate...
Updated apache-commons-email packages fix security vulnerability
Apache Commons-Email, from version 1.0 to 1.4 inclusive, does not properly validate bounce addresses. If a user of Commons-Email typically an application programmer passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details recipients,...
Updated freetype2 packages fix security vulnerability
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the InsGETVARIATION function within ttinterp.c could lead to DoS via a crafted font file CVE-2018-6942...
Updated advancecomp packages fix security vulnerability
Joonun Jang discovered a vulnerability in AdvanceCOMP that could be used to crash or run programs if it opened a specially crafted ZIP file...
Updated mariadb packages fix security vulnerability
Vulnerability in the MariaDB Server component of MariaDB subcomponent: Server: Partition. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.20 and adds KPTI mitigation for Meltdown CVE-2017-5754 on 32bit x86. Arm platorm has now also addedmitigations for Meltdown CVE-2017-5754 and Spectre, variant 2 CVE-2017-5715. For other fixes in this update, read the referenced changelogs...
Updated qpdf packages fix security vulnerability
Qpdf has been updated to the latest version to fix several security issues. - Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral - Another stack overflow / endless recursion in QPDFWriter::enqueueObject - Stack out of bounds read in iteraterc4 - heap out of bounds read...
Updated irssi packages fix security vulnerability
Null pointer dereference when an "empty" nick has been observed by Irssi CVE-2018-7050. Certain nick names could result in out of bounds access when printing theme strings CVE-2018-7051. When the number of windows exceed the available space, Irssi would crash due to Null pointer dereference...
Updated mpv packages fix security vulnerability
Josef Gajdusek reported that mpv 0.27.0 was vulnerable to an attack through it's youtube-dl hook. This could cause remote code execution. This upstream update creates of list of sure protocols to use through the hook...
Updated quagga packages fix security vulnerability
This is an update to fix several security issues. 1. CVE-2018-5379: Fix double free of unknown attribute 2. CVE-2018-5380: debug print of received NOTIFY data can over-read msg array 3. CVE-2018-5381: fix infinite loop on certain invalid OPEN messages...
Updated nasm packages fix security vulnerabilities
This update provides nasm 2.13.03 and fixes the following security issues: In Netwide Assembler NASM 2.14rc0, there is a "SEGV on unknown address" that will cause a remote denial of service attack, because asm/preproc.c mishandles macro calls that have the wrong number of arguments. In Netwide...
Updated freetype2 packages fix security vulnerability
Updated freetype2 packages fix security vulnerability: FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the ttsizereset function in truetype/ttobjs.c CVE-2017-7864...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. The BPF interpreter has bee...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. The BPF interpreter has been...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.18 and adds some support for mitigating Spectre, variant 1 CVE-2017-5753 and as it is built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full retpoline mitigation for Spectre, variant 2 CVE-2017-5715. WireGuard has been updated to...
Updated libtasn1 packages fix security vulnerability
It was discovered that Libtasn1 incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service CVE-2017-10790. It was discovered that Libtasn1 incorrectly handled certain inputs. An attacker could possibly us...
Updated p7zip packages fix security vulnerability
Heap-based buffer overflow vulnerability in the NCompress::NShrink::CDecoder::CodeReal method in p7zip. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially...
Updated gcc packages fix security vulnerability
This update provides and update to 5.5.0 maintenance release and adds support for retpoline, a mitigation technique for CVE-2017-5715 branch target injection aka 'Spectre Variant 2' that is needed at least for the kernels...
Updated 389-ds-base packages fix security vulnerability
A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service CVE-2017-15134...
Updated flash-player-plugin packages fix security vulnerability
Adobe Flash Player 28.0.0.161 addresses critical use-after-free vulnerabilities that could lead to remote code execution CVE-2018-4877, CVE-2018-4878. Successful exploitation could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for...
Updated redis packages fix security vulnerability
The following vulnerabilities were fixed: - Buffer overflows occurring reading redis.conf bsc1061967 The following bugs are fixed: - Several PSYNC2 bugs could cause data corruption...
Updated php-smarty packages fix security vulnerability
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template nameCVE-2017-1000480...
Updated pure-ftpd packages fix security vulnerability
Fixes loading the configuration file...
Updated curl packages fix security vulnerability
It was reported that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. When accessed, the data is read out of bounds and causes either a crash or that the too large data gets passed to the libcurl callback. This might lead to a...
Updated dovecot packages fix security vulnerability
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by login processes. The leak has impact in high performance configuration where same login processes are reused and can cause the process to crash due to...
Updated clamav packages fix security vulnerability
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a lack of input validation checking mechanisms during certain mail...
Updated gcab packages fix security vulnerability
It was discovered that gcab is prone to a stack-based buffer overflow vulnerability when extracting .cab files. An attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running gcab, if a specially...