6011 matches found
Updated golang packages fix security vulnerability
A carry propagation issue was found in the P-256 implementation for x86-64 in golang CVE-2017-8932...
Updated drupal packages fix security vulnerability
Greg Knaddison, Mori Sugimoto and iancawthorne discovered that files uploaded by anonymous users into a private file system can be accessed by other anonymous users leading to an access bypass vulnerability CVE-2017-6922...
Updated libmwaw packages fix security vulnerability
It was discovered that a buffer overflow in libmwaw might result in the execution of arbitrary code if a malformed document is opened CVE-2017-9433...
Updated tomcat packages fix security vulnerability
Aniket Nandkishor Kulkarni discovered that in tomcat7, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement or removal of the custom...
Updated libsndfile packages fix security vulnerability
In libsndfile, an error in the "aiffreadchanmap" function aiff.c can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file CVE-2017-6892...
Updated docker packages fix security vulnerability
The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...
Updated yodl packages fix security vulnerability
Invalid memory read in queuepush could lead to Denial of service CVE-2016-10375...
Updated weechat packages fix security vulnerability
It was discovered that weechat is prone to a buffer overflow vulnerability in the IRC plugin, allowing a remote attacker to cause a denial-of-service by sending a specially crafted filename via DCC CVE-2017-8073...
Updated libetpan packages fix security vulnerability
It was discovered that libetpan, a C language mail access and handling library that is used in a number of MUAs, contained a NULL dereference vulnerability in the MIME handling code CVE-2017-8825...
Updated rpcbind/libtirpc packages fix security vulnerability
It was discovered that rpcbind and libtirpc contain a vulnerability that allows an attacker to allocate any amount of bytes up to 4 gigabytes per attack on a remote rpcbind host, and the memory is never freed unless the process crashes or the administrator halts or restarts the rpcbind service...
Updated glibc packages fixes critical security vulnerabilities
The sunrpc implementation in glibc is vulnerable to a flaw that can cause it to be triggered to allocate additional memory until it causes a crash, similar to CVE-2017-8779 CVE-2017-8804. A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or...
Updated kernel-tmb packages fixes critical security vulnerabilities
This kernel-tmb update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...
Updated kernel-linus packages fixes critical security vulnerabilities
This kernel-linus update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...
Updated irssi packages fix security vulnerabilities
It was discovered that Irssi incorrectly handled certain DCC messages. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service CVE-2017-9468. Joseph Bisch discovered that Irssi incorrectly handled receiving incorrectly quoted DCC files. A remote...
Updated kernel packages fixes critical security vulnerabilities
This kernel update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...
Updated mercurial packages fix security vulnerability
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...
Updated roundcubemail packages fix security vulnerability
It was discovered that roundcubemail prior to 1.0.11 contained a vulnerability in the virtualmin and sasl drivers of the password plugin CVE-2017-8114...
Updated kodi packages fix security vulnerability
Updated Kodi package to fix world readable $HOME/.kodi directory which could potentially contain clear passwords for add-ons...
Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751,...
Updated thunderbird packages fix security vulnerability and bugs
Use-after-free using destroyed node when regenerating trees CVE-2017-5472. Use-after-free during docshell reloading CVE-2017-7749. Use-after-free with track elements CVE-2017-7750. Use-after-free with content viewer listeners CVE-2017-7751. Use-after-free with IME input CVE-2017-7752. Out-of-boun...
Updated libcryptopp packages fix security vulnerability
Crypto++'s Zinflate class, used by classes like Gunzip and Inflator, could perform an out-of-bounds read when decompressing data CVE-2017-9434...
Updated catdoc packages fix security vulnerability
Various issues found during fuzzing which may lead to an application crash or have unspecified further impact when the user is tricked into opening specially crafted files boo919228. A lot of segfaults on incorrect or corrupted data...
Updated libytnef packages fix security vulnerabilities
Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat fi...
Updated ettercap packages fix security vulnerability
The strescape function in ecstrings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter CVE-2017-8366...
Updated tor packages fix security vulnerability
A remotely triggerable assertion failure caused by receiving a BEGINDIR cell on a hidden service rendezvous circuit CVE-2017-0376...
Updated libosip2 packages fix security vulnerabilities
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipclrncpy function defined in osipparser2/osipport.c CVE-2016-10324. In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipmessagetostr function define...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 26.0.0.126 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves use-after-free vulnerabilities and memory corruption vulnerabilities that could lead to...
Updated smb4k packages fix security vulnerability
Smb4k contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid CVE-2017-8849...
Updated libxslt packages fix security vulnerability
The libxslt library failed to seed its random number generator, resulting in predictable random values CVE-2015-9019...
Updated libsndfile packages fix security vulnerabilities
A stack-based buffer overflow via a specially crafted FLAC file due to an error in the headerread function CVE-2017-7586. Several stack-based buffer overflows via a specially crafted FLAC file due to an error in the flacbuffercopy function CVE-2017-7585, CVE-2017-7741, CVE-2017-7742. Global buffe...
Updated lxc packages fix security vulnerabilities
Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container CVE-2016-8649. Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A...
Updated gajim packages fix security vulnerability
Gajim unconditionally implements the "XEP-0146: Remote Controlling Clients" extension, which may be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions CVE-2016-10376...
Updated dropbear packages fix security vulnerability
A double-free in the server could be triggered by an authenticated user if dropbear is running with -a CVE-2017-9078. The default Mageia configuration does not set -a, so is not vulnerable Dropbear parsed authorizedkeys as root, even if it were a symlink. The fix is to switch to user permissions...
Updated ansible packages fix security vulnerability
It was found that aptkey module does not properly verify key fingerprints, allowing remote adversary to create an OpenPGP key which matches the short key ID and inject this key instead of the correct key CVE-2016-8614. It is reported that in Ansible, under some circumstances the mysqluser module...
Updated zziplib packages fix security vulnerability
Heap-based buffer overflow in zzipget32 in fetch.c CVE-2017-5974. Heap-based buffer overflow in zzipget64 in fetch.c CVE-2017-5975. Heap-based buffer overflow in zzipmementryextrablock in memdisk.c CVE-2017-5976. Invalid memory read in zzipmementryextrablock in memdisk.c CVE-2017-5977. Out of...
Updated zoneminder packages fix security vulnerability
This update fixes the following security issues: Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which allows a remote unauthenticated attacker to browse all directories in the web root, e.g., a...
Updated libtasn1 packages fix security vulnerability
Jakub Jirasek of Secunia Research discovered that libtasn1 did not properly validate its input. This would allow an attacker to cause a crash by denial-of-service, or potentially execute arbitrary code, by tricking a user into processing a maliciously crafted assignments file CVE-2017-6891...
Updated wireshark packages fix security vulnerabilities
The wireshark package has been updated to version 2.0.13, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated gc packages fix security vulnerability
Kuang-che Wu discovered that multiple integer overflow vulnerabilities existed in libgc. An attacker could use these to cause a denial of service application crash or possibly execute arbitrary code CVE-2016-9427...
Updated puppet packages fix security vulnerability
It was discovered that unrestricted YAML deserialisation of data sent from agents to the server in the Puppet configuration management system could result in the execution of arbitrary code CVE-2017-2295...
Updated libnl3 packages fix security vulnerability
An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process CVE-2017-0386. An integer overflow vulnerability was found in nlmsgreserve triggered by crafted @len argument resulting into...
Updated nss packages fix security vulnerability
A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library CVE-2017-7502...
Updated menu-cache packages fix security vulnerability
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service menu unavailability. CVE-2017-8933...
Updated git packages fix security vulnerability
Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help" CVE-2017-8386...
Updated pcmanfm packages fix security vulnerability
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability. CVE-2017-8934...
Updated openvpn packages fix security vulnerability
It was discovered that OpenVPN improperly triggered an assert when receiving an oversized control packet in some situations. A remote attacker could use this to cause a denial of service server or client crash CVE-2017-7478. It was discovered that OpenVPN improperly triggered an assert when packe...
Updated perl-Image-Info packages fix security vulnerability
A crafted SVG file could have caused information disclosure or denial of service by using external entitity expansion XXE. This is a potentially incompatible change; however usually SVG files do not rely on XXE CVE-2016-9181...
Updated vlc packages fix security vulnerability
The VLC packages have been updated to version 2.2.6, which includes various security improvements in demuxers, as well as other bug fixes...
Updated kernel-tmb packages fixes security vulnerabilities
This kernel-tmb update is based on upstream 4.4.68 and fixes at least the following security issues: fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service memory consumption and deadloc...
Updated perl-CGI-Emulate-PSGI packages fix security vulnerability
This update removes the setting of the HTTPPROXY environment value. This works around the httproxy vulnerability aka CVE-2016-5387...