Updated virtualbox packages fixes security vulnerabilities

This update provides virtualbox 5.1.22 maintenance release and resolves at least the following security issues: A vulnerability in the core subcomponent of virtualbox allows high privilegied attacker unauthorized read access to a subset of VirtualBox accessible data CVE-2017-3513. A vulnerability...

Updated ghostscript packages fix security vulnerability

Various userparams in Ghostscript allow %pipe% in paths, allowing remote shell command execution CVE-2016-7976. The .libfile function in Ghostscript doesn't check PermitFileReading array, allowing remote file disclosure CVE-2016-7977. Reference leak in the .setdevice function in Ghostscript allow...

Updated libsamplerate packages fix security vulnerability

It was discovered that libsamplerate contained a global buffer overflow in calcoutputsingle CVE-2017-7697...

Updated ettercap packages fix security vulnerability

Etterfilter utility of Ettercap have an out-of-bounds read denial-of-service vulnerability when parsing a crafted file. This occurs in the compiletree function of the efcompiler.c source file when processing corrupted filters CVE-2017-6430...

Updated libarchive packages fix security vulnerabilities

The archivewstringappendfrommbs function in archivestring.c in libarchive 3.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive file. CVE-2016-10209 The archivele32dec function in archiveendian.h in libarchive 3.2.2 allows...

Updated audiofile packages fix security vulnerabilities

Several vulnerabilities have been discovered in the audiofile library, which may result in denial of service or the execution of arbitrary code if a malformed audio file is processed CVE-2017-6827, CVE-2017-6828, CVE-2017-6829, CVE-2017-6830, CVE-2017-6831, CVE-2017-6832, CVE-2017-6833,...

Updated minicom packages fix security vulnerability

In minicom before version 2.7.1, the escparms buffer in vt100.c is vulnerable to an overflow that may allow for remote code execution CVE-2017-7467...

Updated texlive packages fix security vulnerability

It was discovered that texlive whitelists mpost as an external program to be run from within the TeX source code called \write18. Since mpost allows to specify other programs to be run, an attacker can take advantage of this flaw for arbitrary code execution when compiling a TeX document...

Updated python-lshell package fixes security vulnerabilities

Shell outbreak due to bad syntax parse CVE-2016-6902. Shell outbreak with multiline commands CVE-2016-6903...

Updated freetype2 packages fix security vulnerability

It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2016-10328. FreeType 2...

Updated 389-ds-base packages fix security vulnerability

An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. CVE-2017-2668...

Updated libxslt packages fix security vulnerability

Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code CVE-2017-5029...

Updated openjpeg packages fix security vulnerability

Multiple integer overflows in the opjtcdinittile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-51...

Updated squirrelmail packages fix security vulnerability

Squirrelmail version 1.4.22 and probably prior is vulnerable to a remote code execution vulnerability because it fails to sanitize a string before passing it to a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote server CVE-2017-7692...

Updated xstream packages fix security vulnerability

A vulnerability was found in XStream. Parsing a maliciously crafted file could cause the application to crash. The processed stream at unmarshalling type contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. Th...

Updated java-1.8.0-openjdk packages fix security vulnerability

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges CVE-2017-3511. It was found that the JAXP component of...

Updated firefox packages fix security vulnerability

An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an...

Updated tomcat packages fix security vulnerability

A bug in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests...

Updated proftpd packages fix security vulnerability

ProFTPD before 1.3.5e controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks...

Updated icu packages fix security vulnerability

It was discovered that icu did not correctly validate its input. An attacker could use this problem to trigger an out-of-bound write through a heap-based buffer overflow, thus causing a denial of service via application crash, or potential execution of arbitrary code CVE-2017-7867, CVE-2017-7868...

Updated gimp packages fix security vulnerability

Context-dependent attackers were able to cause a denial of service via an ICO file with an InfoHeader containing a Height of zero CVE-2007-3126...

Updated wireshark packages fix security vulnerability

The wireshark package has been updated to version 2.0.12, which fixes multiple security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...

Updated chromium-browser-stable packages fix security vulnerability

Chromium-browser 57.0.2987.133 fixes security issues: Multiple flaws were found in the way Chromium 55 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information...

Updated flash-player-plugin package fixes security vulnerability

This update fixes the following critical security issues: use-after-free vulnerabilities that could lead to code execution CVE-2017-3058, CVE-2017-3059, CVE-2017-3062, CVE-2017-3063. memory corruption vulnerabilities that could lead to code execution CVE-2017-3060, CVE-2017-3061, CVE-2017-3064...

Updated mediawiki packages fix security vulnerability

API parameters may now be marked as "sensitive" to keep their values out of the logs CVE-2017-0361. "Mark all pages visited" on the watchlist now requires a CSRF token CVE-2017-0362. Special:UserLogin and Special:Search allow redirect to interwiki links CVE-2017-0363, CVE-2017-0364. XSS in...

Updated webkit2 packages fix security vulnerability

Multiple security fixes in latest webkit2 update...

Updated ming packages fix security vulnerability

The update fixes CVE-2017-7578: Multiple heap-based buffer overflows in parser.c in libming 0.4.7 allow remote attackers to cause a denial of service listswf application crash or possibly have unspecified other impact via a crafted SWF file. NOTE: This issue exists because of an incomplete fix fo...

Updated unshield packages fix security vulnerability

unshield is vulnerable to directory traversal via "../" sequences CVE-2015-1386...

Updated python-django packages fix security vulnerability

It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. CVE-2017-7233 Phithon Gong discovered that Django incorrectly handled certain URLs when the...

Updated pidgin packages fix security vulnerability

A server controlled by an attacker can send an invalid XML that can trigger an out-of-bound memory access. This might lead to a crash or, in some extreme cases, to remote code execution in the client-side CVE-2017-2640. The pidgin package has been updated to version 2.12.0, which fixes this issue...

Updated mxml packages fix security vulnerability

Two stack exhaustion issues based on uncontrolled recursion were found in mxml. A maliciously crafted xml file can cause the application to crash. Recursion using mxmlDelete at mxml-node.c:217 reproducer is stack-exhaustion-1.xml CVE-2016-4570. Recursion using mxmlwritenode at mxml-file.c:2739...

Updated munin packages fix security vulnerability

Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...

Updated wget packages fix security vulnerability

Wget up untill version 1.19.1 does not ensure control characters are not used in the hostname part of a url. This security update rejects control characters in host part of a url...

Updated jhead packages fix security vulnerability

It was discovered that jhead, a tool to manipulate the non-image part of EXIF compliant JPEG files, is prone to an out-of-bounds access vulnerability, which may result in denial of service or, potentially, the execution of arbitrary code if an image with specially crafted EXIF data is processed...

Updated phpmyadmin packages fix security vulnerability

A vulnerability was discovered where the restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions. This can allow the login of users who have no password set even if the administrator has set $cfg'Servers'$i'AllowNoPassword' to false which is also th...

Updated kernel-linus packages fixes security vulnerability

This kernel-linus update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain roo...

Updated kernel-tmb packages fixes security vulnerability

This kernel-tmb update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root...

Updated kernel packages fixes security vulnerability

This kernel update is based on upstream 4.4.59 and fixes at least the following security issue: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root...

Updated mariadb packages fix security vulnerability

Crash in libmysqlclient.so in MariaDB 10.0.x through 10.0.29 CVE-2017-3302. Vulnerability in the MariaDB Server component of MariaDB subcomponent: Server: MyISAM. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MariaDB Server executes to...

Updated deluge packages fix security vulnerability

Updated deluge package fixes a CSRF Cross-site request forgery vulnerability using upstream patch. Cross-Site Request Forgery CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target...

Updated roundcubemail package fixes security vulnerability

rcubeutils.php in Roundcube before 1.1.8 and before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element CVE-2017-6820...

Updated mbedtls packages fix security vulnerability

In mbedTLS before 1.3.19, if a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an attacker can cause the server or client to attempt to free block of memory held on stack. Depending on the platform, this could result in a Denial of Service client crash or...

Updated putty packages fix security vulnerability

In PuTTY before 0.68, if SSH agent forwarding is enabled, local attackers that are also able to connect to the UNIX domain socket could have overwritten heap data CVE-2017-6542...

Updated glibc packages fix security vulnerability

Florian Weimer discovered a NULL pointer dereference in the DNS resolver of the GNU C Library. An attacker could use this to cause a denial of service CVE-2015-5180. Tim Ruehsen discovered that the getaddrinfo implementation in the GNU C Library did not properly track memory allocations. An...

Updated kernel-linus packages fixes security vulnerabilities

This kernel-linus update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline...

Updated kernel-tmb packages fixes security vulnerabilities

This kernel-tmb update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline...

Updated kernel packages fixes security vulnerabilities

This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...

Updated tnef packages fix security vulnerability

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker. CVE-2017-6307 An issue was discovered in tnef before 1.4.13. Several Integer Overflows, which can le...

Updated libquicktime packages fix security vulnerability

Integer overflow in the quicktimereadpascal function in libquicktime 1.2.4 and earlier allows remote attackers to cause a denial of service or possibly have other unspecified impact via a crafted hdlr MP4 atom. CVE-2016-2399...

Updated freetype2 packages fix security vulnerability

The parsecharstrings function in type1/t1load.c in FreeType 2 did not ensure that a font contains a glyph name, which could allow remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted file CVE-2016-10244...