6012 matches found
Updated X11 client libraries packages fix security vulnerability
The XvQueryAdaptors and XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data CVE-2016-5407. The XGetImage function in X.org libX11 before 1.6.4 might allow remo...
Updated gstreamer1.0-plugins-bad packages fix security vulnerability
Hanno Boeck discovered multiple vulnerabilities in the GStreamer media framework and its codecs and demuxers, which may result in denial of service or the execution of arbitrary code if a malformed media file is opened CVE-2016-9809, CVE-2017-5843, CVE-2017-5848...
Updated ffmpeg packages fix security vulnerability
This update provides ffmpeg version 2.4.14, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Updated apache packages fix security vulnerability
Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed CVE-2017-9798...
Updated apache packages fix security vulnerability
modsessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation AES256-CBC by default, hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC CVE-2016-0736...
Updated openssh packages fix security vulnerability
It was found that the boundary checks in the code implementing support for pre-authentication compression could have been optimized out by certain compilers. An attacker able to compromise the privilege-separated process could possibly use this flaw for further attacks against the privileged...
Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
Updated python/python3 packages fix security vulnerability
It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code CVE-2017-1000158...
Updated ldns packages fix security vulnerabilities
Stephan Zeisberg discovered that ldns incorrectly handled memory when processing data. A remote attacker could use this issue to cause ldns to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2017-1000231, CVE-2017-1000232...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113...
Updated webkit2 packages fix security vulnerabilities
The webkit2 package has been updated to version 2.18.4, fixing several security issues and other bugs...
Updated ncurses packages fix security vulnerabilities
Possible RCE via stack-based buffer overflow in the fmtentry function CVE-2017-10684. Possible RCE with format string vulnerability in the fmtentry function CVE-2017-10685. Illegal address access in appendacs CVE-2017-11112. Dereferencing NULL pointer in ncparseentry CVE-2017-11113. Fix infinite...
Updated ruby packages fix security vulnerabilities
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTPget, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernelopen to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default...
Updated openjpeg2 packages fix security vulnerability
A heap-based buffer overflow was discovered in the opjt2encodepacket function. The vulnerability caused an out-of-bounds write, which may have lead to remote denial of service or possibly unspecified other impact CVE-2017-14039. An invalid write access was discovered in bin/jp2/convert.c,...
Updated icu packages fix security vulnerability
Integer overflow in ICU in the Persian calendar CVE-2017-15422...
Updated heimdal packages fix security vulnerability
Michael Eder and Thomas Kittel discovered that Heimdal did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service crash of the KDC daemon by sending maliciously crafted packets CVE-2017-17439...
Updated shotwell packages fix security vulnerability
It was discovered that Shotwell is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission CVE-2017-1000024...
Updated ruby-RubyGems packages fix security vulnerabilities
An ANSI escape sequence vulnerability CVE-2017-0899. A DoS vulnerability in the query command CVE-2017-0900. A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files CVE-2017-0901. A DNS request hijacking vulnerability CVE-2017-0902. An unsafe object...
Updated openssh packages fix security vulnerability
The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files CVE-2017-15906...
Updated bind packages fix security vulnerability
It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-9131. It was discovered that Bind incorrectly handled certain malformed responses to an AN...
Updated mupdf packages fix security vulnerability
Multiple vulnerabilities have been found in the PDF viewer MuPDF, which may result in denial of service or the execution of arbitrary code if a malformed PDF file is opened CVE-2016-8674, CVE-2017-5896, CVE-2017-5991 Terry Chia and Jeremy Heng discovered an integer overflow that can cause arbitra...
Updated jasper packages fix security vulnerabilities
The jasper package has been updated and patched to fix several security issues...
Updated kdebase4-runtime packages fix security vulnerability
A user could sneak an unicode string terminator in the kdesu invocation, which could hide the fact that more commands could be executed CVE-2016-7787...
Updated emacs packages fix security vulnerability
Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data e.g. when using Emacs-based mail clients CVE-2017-14482...
Updated thunderbird packages fix security vulnerabilities
Multiple vulnerabilities have been fixed in thunderbird. JavaScript Execution via RSS in mailbox:// origin CVE-2017-7846. Local path string can be leaked from RSS feed CVE-2017-7847. RSS Feed vulnerable to new line Injection CVE-2017-7848. Mailsploit From address with encoded null character is cu...
Updated freerdp packages fix security vulnerabilities
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...
Updated nonfree firmwares fixes security issues and adds new hw support
Updated nonfree firmwares fixes at least the following security issues: Broadcom firmware fixes: - dropping BRCM proprietary packets received over the air CVE-2016-0801 - adding length checks for TDLS action frames CVE-2017-0561 - adding length checks for WME IE CVE-2017-9417 Iwlwifi firmware...
Updated phpmyadmin packages fix security vulnerability
Due to an XSRF/CSRF vulnerability in phpMyAdmin before 4.7.7, by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc PMASA-2017-9. The phpmyadmin package has been updated to version 4.7.7 to fix...
Updated glibc packages fix security vulnerabilities
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.CVE-2017-12132, CVE-2017-12133. The GNU C Library aka...
Updated transfig package fix security vulnerability
An out-of-bounds read flaw was found in the way fig2dev program in Xfig handled the processing of Fig format files. This flaw could potentially be used to crash the fig2dev program by tricking it into processing specially crafted Fig format files CVE-2017-16899...
Updated libraw packages fix security vulnerability
Invalid read memory access in the LibRaw::xtransinterpolate function. CVE-2017-16910...
Updated glibc packages fix security vulnerabilities
The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.CVE-2017-12132, CVE-2017-12133. The GNU C Library aka...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...
Updated shadow-utils packages fix security vulnerability
It was found that shadow-utils had a buffer overflow where if a buffer was left NULL for a cycle the next cycle would happily write past the entries buffer CVE-2017-12424...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netlink...
Updated flash-player-plugin packages fix security vulnerability
A regression affecting Adobe Flash Player version 27.0.0.187 and earlier versions causes the unintended reset of the global settings preference file when a user clears browser data. CVE-2017-11305...
Updated mariadb packages fix security vulnerabilities
Difficult to exploit vulnerability in MariaDB Server allows high privileged attacker with logon to the infrastructure where MariaDB Server executes to compromise MariaDB Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...
Updated dhcp packages fix security vulnerability
It was found that the DHCP daemon does not free socket descriptors when handling empty OMAPI messages. An adjacent network attacker could potentially use this flaw to send crafted OMAPI messages to the DHCP daemon, thereby leading to denial of service due to exhaustion of file descriptors in the...
Updated pcre packages fix security vulnerabilities
The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular expression CVE-2017-6004. A vulnerability wa...
Updated graphicsmagick packages fix security vulnerabilities
The updated packages fix many security vulnerabilities...
Updated xrdp packages fix security vulnerability
The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted input...
Updated rsync package fixes security vulnerability
The receivexattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact by sendi...
Updated rootcerts packages fix security vulnerability
The rootcerts have been updated to the latest certdata from Mozilla November 22 and it now virtual provides ca-certificates, to allow the installation of packages such as google-chrome, that expect it...
Updated lynx package fixes security vulnerability
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself. CVE-2017-1000211...
Updated openssl packages fix security vulnerabilities
OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...
Updated deluge packages fix security vulnerability
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template fileCVE-2017-9031. Updated deluge package adds systemd services required to autostart deluge daemon and web service...
Updated evince packages fix security vulnerability
It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code CVE-2017-1000159...
Updated rsync package fixes security vulnerabilities
The recvfiles function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemonfilterlist data structure, which allows remote attackers to bypass intended access restrictions...