6012 matches found
kernel update provides 4.14 series and fixes security vulnerabilities
This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...
Updated backintime packages fix security vulnerability
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
Updated erlang packages fix security vulnerabilities
It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys CVE-2017-1000385...
Updated wildmidi packages fix security vulnerabilities
The WMSetupMidiEvent function in internalmidi.c:2318 in WildMIDI before 0.4.2 can cause a denial of serviceinvalid memory read and application crash via a crafted mid file CVE-2017-11661. The WMParseNewMidi function in fmidi.c in WildMIDI before 0.4.2 can cause a denial of serviceinvalid memory...
Updated gnome-shell packages fix security vulnerability
gnome-shell through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications but not interact with them, see information from the extensions e.g., what applications you have open...
Updated systemd packages fix security vulnerability
Updated systemd packages fix security vulnerability: Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop...
Updated gdm packages fix security vulnerability
Updated gdm packages fix security vulnerability: A flaw was discovered in the gdm where gdm greeter was no longer setting the ranonce boolean during autologin. If autologin was enable for a victim, an attacker could simply select 'login as another user' to unlock their screen CVE-2017-12164...
Updated gnome-shell packages fix security vulnerability
Updated gnome-shell packages fix security vulnerability: gnome-shell through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications but not interact with them, see information...
Updated curl packages fix security vulnerability
libcurl contains a buffer overrun flaw in the NTLM authentication code CVE-2017-8816. libcurl contains a read out of bounds flaw in the FTP wildcard function CVE-2017-8817. libcurl may read outside of a heap allocated buffer when doing FTP CVE-2017-1000254. libcurl contains a buffer overrun flaw ...
Updated curl packages fix security vulnerability
If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the specified file...
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...
Updated perl packages fix security vulnerability
Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a remote attacker to cause a denial of service via a specially crafted regular expression with the case-insensitive modifier CVE-2017-12837. Jakub Wilk reported a buffer over-read flaw in the regular...
Updated perl packages fix security vulnerability
John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory without the user realising and potentially leading to privilege escalation...
Updated swftools packages fix security vulnerability
A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, due to bundled code in Gfx.cc from Xpdf 3.02 CVE-2017-7698...
Updated libxml2 packages fix security vulnerability
Integer overflow in memory debug code in libxml2 before 2.9.5 CVE-2017-5130. It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service CVE-2017-15412...
Updated libexif packages fix security vulnerability
A vulnerability was found in libexif. The vulnerability is caused by an integer overflow. In some cases, the integer overflow can cause Heap Out-of-Bounds Read, i.e. Heap Buffer Overflow vulnerability. In some other cases, the integer overflow can cause use of uninitialized pointer variable, i.e...
Updated jbig2dec packages fix security vulnerability
libjbig2dec.a in Artifex jbig2dec 0.13 has a NULL pointer dereference in the jbig2huffmanget function in jbig2huffman.c. For example, the jbig2dec utility will crash segmentation fault when parsing an invalid file CVE-2017-9216...
Updated fossil packages fix security vulnerability
Client-side code execution via crafted "ssh://" URLs CVE-2017-17459...
Updated perl-DBD-mysql packages fix security vulnerability
Pali Rohar discovered that DBD::mysql constructed an error message in a fixed-length buffer, leading to a crash FORTIFYSOURCE failure and, potentially, to denial of service CVE-2016-1246. A vulnerability was discovered in perl-DBD-MySQL that can lead to an out-of-bounds read when using server sid...
Updated connman packages fix security vulnerability
Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service...
Updated mbedtls packages fix security vulnerability
ARM mbed TLS before 1.3.21, 2.1.x before 2.1.9 and 2.x before 2.6.0, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates CVE-2017-14032...
Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
Updated openldap packages fix security vulnerability
A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this flaw to crash slapd by issuing a specially crafted LDAP search query CVE-2017-9287. The openldap package ha...
Updated gdb packages fix security vulnerability
It was discovered that gdb incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service CVE-2016-4491, CVE-2016-6131...
Updated mercurial packages fix security vulnerability
A specially malformed repository may have caused Git subrepositories to run arbitrary code CVE-2017-17458...
Updated gdb packages fix security vulnerability
Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly...
Updated fontforge packages fix security vulnerability
It was discovered that FontForge, a font editor, did not correctly validate its input. An attacker could use this flaw by tricking a user into opening a maliciously crafted OpenType font file, thus causing a denial-of-service via application crash, or execution of arbitrary code CVE-2017-11568,...
Updated wayland packages fix security vulnerability
It is possible to trigger heap overflows due to an integer overflow while parsing images. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each pixel takes 4 bytes. Properly chosen values allow an overflow which in turn will lead...
Updated python-werkzeug packages fix security vulnerability
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message CVE-2016-10516...
Updated libextractor packages fix security vulnerability
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
Updated awstats packages fix security vulnerability
The cPanel Security Team discovered two path traversal flaws in awstats in the "config" and "migrate" parameters that could be leveraged for unauthenticated remote code execution CVE-2017-1000501...
Updated binutils packages fix security vulnerability
Exploitable buffer overflow CVE-2016-2226. Invalid write due to a use-after-free to array btypevec CVE-2016-4487. Invalid write due to a use-after-free to array ktypevec CVE-2016-4488. Invalid write due to integer overflow CVE-2016-4489. Write access violation CVE-2016-4490. Write access violatio...
Updated libplist packages fix security vulnerability
The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data CVE-2017-5209. The main function in plistutil.c in libimobiledevice libplist allowed attackers to...
Updated raptor2 packages fix security vulnerability
The raptor2 package has been patched to fix two heap buffer overflows...
Updated rkhunter packages fix security vulnerability
The rkhunter package has been updated to disable by default an insecure cron job. The script is now included with the package as documentation. See the README.urpmi file for more information...
Updated podofo packages fix security vulnerability
The podofo package has been updated to fix several security issues. The krename and calibre packages have been rebuilt against the updated podofo...
Updated gimp packages fix security vulnerability
Several vulnerabilities were discovered in the GIMP which could result in denial of service application crash or potentially the execution of arbitrary code if malformed files are opened CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789...
Updated w3m packages fix security vulnerability
The w3m package has been updated to a newer git snapshot to fix several security issues...
Updated elfutils packages fix security vulnerabilities
The elfutils package has been updated to version 0.169 to fix several bugs that can lead to memory allocation failures or heap overflows CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613...
Updated libical packages fix security vulnerability
libical 1.0 allows remote attackers to cause a denial of service use-after-free via a crafted ics file CVE-2016-5824. The icaltimefromstring function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service out-of-bounds heap read via a crafted string to the...
Updated samba packages fix security vulnerabilities
Updated samba packages fix security vulnerabilities: Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Stefan Metzmacher discovered that Samba incorrectly...
Updated samba packages fix security vulnerability
Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. CVE-2017-12150 Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote...
Updated libzip packages fix security vulnerability
The zipreadeocd64 function mishandled EOCD records, which allowed remote attackers to cause a denial of service memory allocation failure in zipcdirgrow in zipdirent.c via a crafted ZIP archive CVE-2017-14107...
Updated mad packages fix security vulnerability
The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file CVE-2017-8373. The madbitskip function in bit.c in Underbit...
Updated iceape packages fix security vulnerabilities
Updated iceape packages include security fixes from upstream Seamonkey and Firefox: Multiple flaws were found in the way Iceape 2.48 processes various types of web content, where loading a web page containing malicious content could cause Iceape to crash, execute arbitrary code, or disclose...
Updated libvirt packages fix security vulnerability
In virsh, the hostname could crafted maliciously with ssh arguments, which would be passed to ssh bsc1053600...
Updated gdk-pixbuf2.0 packages fix security vulnerability
JPEG gdkpixbufjpegimageloadincrement Code Execution Vulnerability CVE-2017-2862. tiffimageparse Code Execution Vulnerability CVE-2017-2870. Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked...
Updated gstreamer0.10-plugins-ugly/gstreamer1.0-plugins-ugly packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2017-5846, CVE-2017-5847...
Updated gstreamer0.10-plugins-ugly packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2017-5846, CVE-2017-5847...
Updated gstreamer0.10-plugins-bad/gstreamer1.0-plugins-bad packages fix security vulnerability
Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code CVE-2016-9445, CVE-2016-9446. Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code CVE-2016-9447...