6011 matches found
Updated php and libgd packages fix security vulnerabilities
Buffer over-read into uninitialized memory in libgd CVE-2017-7890. Security issues from bundled oniguruma in php-mbstring CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229...
Updated swftools package fixes security vulnerability
In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function pngload in lib/png.c. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution CVE-2017-8400...
Updated librsvg packages fix security vulnerability
Division-by-zero in the Gaussian blur code CVE-2017-11464...
Updated evince packages fix security vulnerability
Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book cbt files. An attacker could use this to construct a malicious cbt comic book format file that, when opened in Evince, executes arbitrary code. Please note that this update disables support for cbt files i...
Updated kernel packages fixes security and other bugs
This kernel update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
Updated R-base packages fix security vulnerability
Cory Duplantis discovered a buffer overflow in the R programming language. A malformed encoding file may lead to the execution of arbitrary code during PDF generation CVE-2016-8714...
Updated sqlite3 packages fix security vulnerability
Pointer disclosure in SQLite CVE-2017-7000. The getNodeSize function in ext/rtree/rtree.c in SQLite mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact CVE-2017-10989. Note: the CVE-2017-10989 issue only affected...
Updated catdoc package fixes security vulnerability
Attackers may have used specially crafted files to cause a denial of service through a heap-based buffer under-flow and application crash, or have unspecified other impact CVE-2017-11110...
Updated tcpdump package fixes security vulnerability
Security issue due to insufficient bounds checking for STP CVE-2017-11108...
Updated qpdf packages fix security vulnerabilities
This snapshot of the upstream development branch 6.0 of qpdf fixes several infinite loop vulnerabilities: CVE-2017-9208, CVE-2017-9209, CVE-2017-9210, CVE-2017-11624, CVE-2017-11625, CVE-2017-11626, CVE-2017-11627. For Mageia 5, the cups-filters package was also rebuilt against this new major...
Updated spice packages fix security vulnerability
A vulnerability was discovered in spice, in the server's protocol handling. An authenticated attacker could send specially crafted messages to the spice server, causing out-of-bounds memory accesses leading to parts of server memory being leaked or a crash CVE-2017-7506. The Mageia 5 package has...
Updated freerdp packages fix security vulnerabilities
An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middle...
Updated gnupg packages fix security vulnerability
Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys CVE-2017-75...
Updated kernel packages fixes security and other bugs
This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...
Updated nginx packages fix security vulnerability
A security issue was identified in nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak CVE-2017-7529...
Updated graphicsmagick packages fix security vulnerabilities
New stable upstream release including security fixes for CVE-2016-7800, CVE-2016-7996, CVE-2016-7997, CVE-2016-8682, CVE-2016-8683, CVE-2016-8684, CVE-2016-9830, CVE-2017-6335, CVE-2017-8350, CVE-2017-10794, CVE-2017-10799, CVE-2017-10800, CVE-2017-11403 and possibly several other security issues...
Updated postgresql9.4 packages fix security vulnerabilities
Robert Haas discovered that some selectivity estimators did not validate user privileges which could result in information disclosure CVE-2017-7484. Daniel Gustafsson discovered that the PGREQUIRESSL environment variable did no longer enforce a TLS connection CVE-2017-7485. Andrew Wheelwright...
Updated freeradius packages fix security vulnerabilities
Fuzz testing of freeradius found multiple vulnerabilites that resulted in either the potential for remote code execution or a possible denial of service except for CVE-2017-10988 which was later determined to not actually result in any vulnerability...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application CVE-2017-10102. Multiple flaws were discovere...
Updated webkit2 packages fix security vulnerability
The webkit2 package has been updated to version 2.16.6, fixing several security issues and other bugs...
Updated gdk-pixbuf2.0 packages fix security vulnerability
The gdk-pixbuf2.0 package has been updated to version 2.36.7, which fixes integer overflows in the ico, bmp, and tiff decoder, as well as fixing other bugs...
Updated libmtp and libgphoto packages fix security vulnerabilities
An integer overflow vulnerability in the ptpunpackEOSCustomFuncEx function of the ptp-pack.c file of libmtp and libgphoto allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB...
Updated openvpn packages fix security vulnerabilities
It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known CVE-2017-7508. Some parts of the...
Updated wireshark packages fix security vulnerabilities
The wireshark package has been updated to version 2.2.8, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated libraw packages fix security vulnerabilities
A memory corruption in parsetiffifd function CVE-2017-6886. A memory corruption via e.g. a specially crafted KDC file parsetiffifd CVE-2017-6887. An integer overflow error within the "foveonloadcamf" function CVE-2017-6889. A boundary error within the "foveonloadcamf" function CVE-2017-6890...
Updated valgrind packages fix security vulnerabilities
It was discovered that Valgrind incorectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could possibly execute arbitrary code CVE-2016-2226. It was discovered that Valgrind incorrectly handled parsing...
Updated cinnamon-settings-daemon packages fix security vulnerability
It was found that csd-datetime-setting SetDate DBUS function does not check the polkit authorization for the caller, Unlike SetTime...
Updated wireshark packages fix security vulnerabilities
The wireshark package has been updated to version 2.0.14, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated libquicktime packages fix security vulnerabilities
A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...
Updated gsoap packages fix security vulnerability
A potential vulnerability to a large and specific XML message over 2GB in size greater than 2147483711 bytes to trigger the software bug. A buffer overflow can cause an open unsecured server to crash or malfunction after 2GB is received CVE-2017-9765...
Updated graphite2 packages fix security vulnerabilities
An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution CVE-2017-5436. Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if...
Updated irssi packages fix security vulnerabilities
A malicious server could cause irssi to crash by providing an invalid timestamp CVE-2017-10965. Undefined behavior may be triggered when irssi updates the internal nick list CVE-2017-10966...
Updated c-ares packages fix security vulnerability
The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way CVE-2017-1000381...
Updated expat packages fix security vulnerabilities
Gustavo Grieco discovered an integer overflow flaw during parsing of XML. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library CVE-2016-9063. Rhodri James discovered an infinite loop vulnerability within the entityValueInitProcess...
Updated libgcrypt packages fix security vulnerability
Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys...
Updated gnutls packages fix security vulnerabilities
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdkpktread function in opencdk/read-packet.c. This issue which is a subset of the vendor's GNUTLS-SA-2017-3 report is fixed in 3.5.10. CVE-2017-7869 GnuTLS version 3.5.1...
Updated sane packages fix security vulnerability
saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory CVE-2017-6318...
Updated tnef packages fix security vulnerability
It was discovered that tnef did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash CVE-2017-8911...
Updated libtiff packages fix security vulnerabilities
Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code CVE-2017-9936, CVE-2017-10688...
Updated flash-player-plugin packages fix security vulnerability
Adobe Flash Player 26.0.0.137 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves security bypass and memory corruption vulnerabilities that could lead to information...
Updated nodejs packages fix security vulnerability
Node.js has a defect that may make HTTP response splitting possible under certain circumstances. If user-input is passed to the reason argument to writeHead on an HTTP response, a new-line character may be used to inject additional responses CVE-2016-5325. The tls.checkServerIdentity function in...
Updated cairo packages fix security vulnerability
It was discovered that there was a possible DoS attack in Cairo. An SVG could generate invalid pointers from a cairoimagesurface in writepng CVE-2016-9082...
Updated sudo packages fix security vulnerability
A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367...
Updated jbig2dec packages fix security vulnerability
Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file usually embedded in a PDF document is opened CVE-2016-9601. Artifex jbig2dec has a heap-based buffer over-read leading to...
Updated apache-mod_fcgid packages fix security vulnerability
A remote attacker could have set the HTTPPROXY environment variable of CGI scripts CVE-2016-1000104...
Updated ffcall,clisp packages fix security vulnerability
In libffcall before version 1.13, linking with the libffcall libraries could cause the stack to become executable. This is now fixed. clisp is rebuilt to pick the fixed libffcall static library...
Updated libffi packages fix security vulnerability
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, such as t...
Updated bitlbee packages fix security vulnerability
It was discovered that bitlbee contained issues that allowed a remote attacker to cause a denial of service via application crash, or potentially execute arbitrary commands CVE-2016-10188, CVE-2016-10189...
Updated libtiff packages fix security vulnerability
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tifunix.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. CVE-2016-10092 Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a...
Updated rxvt-unicode packages fix security vulnerability
The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...