5998 matches found
Updated perl packages fix security vulnerability
John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory without the user realising and potentially leading to privilege escalation...
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...
Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
Updated openldap packages fix security vulnerability
A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query CVE-2017-9287. The openldap package ha...
Updated connman packages fix security vulnerability
Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service...
Updated python-werkzeug packages fix security vulnerability
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message CVE-2016-10516...
Updated mercurial packages fix security vulnerability
A specially malformed repository may have caused Git subrepositories to run arbitrary code CVE-2017-17458...
Updated wayland packages fix security vulnerability
It is possible to trigger heap overflows due to an integer overflow while parsing images. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each pixel takes 4 bytes. Properly chosen values allow an overflow which in turn will lead...
Updated binutils packages fix security vulnerability
Exploitable buffer overflow CVE-2016-2226. Invalid write due to a use-after-free to array btypevec CVE-2016-4487. Invalid write due to a use-after-free to array ktypevec CVE-2016-4488. Invalid write due to integer overflow CVE-2016-4489. Write access violation CVE-2016-4490. Write access violatio...
Updated perl-DBD-mysql packages fix security vulnerability
Pali Rohar discovered that DBD::mysql constructed an error message in a fixed-length buffer, leading to a crash FORTIFYSOURCE failure and, potentially, to denial of service CVE-2016-1246. A vulnerability was discovered in perl-DBD-MySQL that can lead to an out-of-bounds read when using server sid...
Updated gdb packages fix security vulnerability
Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly...
Updated gdb packages fix security vulnerability
It was discovered that gdb incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service CVE-2016-4491, CVE-2016-6131...
Updated mbedtls packages fix security vulnerability
ARM mbed TLS before 1.3.21, 2.1.x before 2.1.9 and 2.x before 2.6.0, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates CVE-2017-14032...
Updated fontforge packages fix security vulnerability
It was discovered that FontForge, a font editor, did not correctly validate its input. An attacker could use this flaw by tricking a user into opening a maliciously crafted OpenType font file, thus causing a denial-of-service via application crash, or execution of arbitrary code CVE-2017-11568,...
Updated libextractor packages fix security vulnerability
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
Updated jbig2dec packages fix security vulnerability
libjbig2dec.a in Artifex jbig2dec 0.13 has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file CVE-2017-9216...
Updated fossil packages fix security vulnerability
Client-side code execution via crafted "ssh://" URLs CVE-2017-17459...
Updated awstats packages fix security vulnerability
The cPanel Security Team discovered two path traversal flaws in awstats in the "config" and "migrate" parameters that could be leveraged for unauthenticated remote code execution CVE-2017-1000501...
Updated libplist packages fix security vulnerability
The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data CVE-2017-5209. The main function in plistutil.c in libimobiledevice libplist allowed attackers to...
Updated elfutils packages fix security vulnerabilities
The elfutils package has been updated to version 0.169 to fix several bugs that can lead to memory allocation failures or heap overflows CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613...
Updated podofo packages fix security vulnerability
The podofo package has been updated to fix several security issues. The krename and calibre packages have been rebuilt against the updated podofo...
Updated rkhunter packages fix security vulnerability
The rkhunter package has been updated to disable by default an insecure cron job. The script is now included with the package as documentation. See the README.urpmi file for more information...
Updated gimp packages fix security vulnerability
Several vulnerabilities were discovered in the GIMP which could result in denial of service application crash or potentially the execution of arbitrary code if malformed files are opened CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789...
Updated w3m packages fix security vulnerability
The w3m package has been updated to a newer git snapshot to fix several security issues...
Updated raptor2 packages fix security vulnerability
The raptor2 package has been patched to fix two heap buffer overflows...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Stefan Metzmacher discovered that Samba incorrectly...
Updated libical packages fix security vulnerability
libical 1.0 allows remote attackers to cause a denial of service use-after-free via a crafted ics file CVE-2016-5824. The icaltimefromstring function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service out-of-bounds heap read via a crafted string to the...
Updated samba packages fix security vulnerability
Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote...
Updated mad packages fix security vulnerability
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file CVE-2017-8373. The madbitskip function in bit.c in Underbit...
Updated libzip packages fix security vulnerability
The zipreadeocd64 function mishandled EOCD records, which allowed remote attackers to cause a denial of service memory allocation failure in zipcdirgrow in zipdirent.c via a crafted ZIP archive CVE-2017-14107...
Updated iceape packages fix security vulnerabilities
Updated iceape packages include security fixes from upstream Seamonkey and Firefox: Multiple flaws were found in the way Iceape 2.48 processes various types of web content, where loading a web page containing malicious content could cause Iceape to crash, execute arbitrary code, or disclose...
Updated gstreamer1.0-plugins-bad packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2016-9809, CVE-2017-5843, CVE-2017-5848...
Updated X11 client libraries packages fix security vulnerability
The XvQueryAdaptors and XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data CVE-2016-5407. The XGetImage function in X.org libX11 before 1.6.4 might allow remo...
Updated libvirt packages fix security vulnerability
In virsh, the hostname could crafted maliciously with ssh arguments, which would be passed to ssh bsc1053600...
Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability
Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...
Updated gstreamer0.10-plugins-ugly/gstreamer1.0-plugins-ugly packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2017-5846, CVE-2017-5847...
Updated gstreamer0.10-plugins-ugly packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2017-5846, CVE-2017-5847...
Updated gdk-pixbuf2.0 packages fix security vulnerability
JPEG gdkpixbufjpegimageloadincrement Code Execution Vulnerability CVE-2017-2862. tiffimageparse Code Execution Vulnerability CVE-2017-2870. Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked...
Updated openssh packages fix security vulnerability
It was found that the boundary checks in the code implementing support for pre-authentication compression could have been optimized out by certain compilers. An attacker able to compromise the privilege-separated process could possibly use this flaw for further attacks against the privileged...
Updated apache packages fix security vulnerability
Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed CVE-2017-9798...
Updated apache packages fix security vulnerability
modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC CVE-2016-0736...
Updated ffmpeg packages fix security vulnerability
This update provides ffmpeg version 2.4.14, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
Updated ldns packages fix security vulnerabilities
Stephan Zeisberg discovered that ldns incorrectly handled memory when processing data. A remote attacker could use this issue to cause ldns to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2017-1000231, CVE-2017-1000232...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113...
Updated python/python3 packages fix security vulnerability
It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code CVE-2017-1000158...
Updated webkit2 packages fix security vulnerabilities
The webkit2 package has been updated to version 2.18.4, fixing several security issues and other bugs...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113. Fix infinite...
Updated ruby packages fix security vulnerabilities
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...
Updated openssh packages fix security vulnerability
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files CVE-2017-15906...