6011 matches found
Updated nagios packages fix security vulnerabilities
The nagios package has been patched to fix the following issues: Improper sanitization of RSS feed input enables unauthenticated remote read and write of arbitrary files CVE-2016-9565. Unsafe logfile handling allows unprivileged users to escalate their privileges to root CVE-2016-9566...
Updated audacious-plugins packages fix security vulnerability
Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961. These issues were...
Updated calibre packages fix security vulnerability
Newer devices like Kobo Aura HD requires newer versions of calibre for their new firmwares. Current calibre package does not support them. Also, our current calibre packages in both core and backports repositories have a security issue CVE-2016-10187. Newer versions of calibre 2.75.0 + fixes this...
Updated icoutils packages fix security vulnerability
Multiple programming errors in the wrestool tool of the icoutils suite allows denial of service or the execution of arbitrary code if a malformed binary is parsed CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333...
Updated irssi-otr packages fix security vulnerability
It was discovered that irssi-otr had a flaw in handing data returned by libotr. After the initiation of the OTR session only the first line was sent as a PRIVMSG, while additional data would be sent as raw commands to the IRC server. The additional data would ordinarily be a human-readable...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application CVE-2017-3241. This...
Updated openssl packages fix security vulnerability
There is a carry propagation bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. mong EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation CVE-2016-7055. If an...
Updated php packages fix security vulnerabilities
Floating-point exception in php-exif when parsing a tag format CVE-2016-10158. Crash in php-phar while loading hostile phar archive CVE-2016-10159. Memory corruption in php-phar when loading hostile phar CVE-2016-10160. Heap out of bounds read on unserialize in finishnesteddata CVE-2016-10161...
Updated phpmyadmin packages fix security vulnerabilities
Multiple vulnerabilities in setup script CVE-2016-6621 / PMASA-2016-44. Open redirect PMASA-2017-1. php-gettext code execution CVE-2015-8980 / PMASA-2017-2. DOS vulnerability in table editing PMASA-2017-3. CSS injection in themes PMASA-2017-4. SSRF in replication PMASA-2017-6. DOS in replication...
Updated thunderbird packages fix security vulnerabilities
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. CVE-2017-5375 Use-after-free while manipulating XSL in XSLT documents. CVE-2017-5376 Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks...
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
Updated pdns-recursor packages fix security vulnerability
Florian Heinz and Martin Kluge reported that pdns-recursor parses all records present in a query regardless of whether they are needed or even legitimate, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the pdns server, resulting in a partial denial of service i...
Updated python-pycrypto packages fix security vulnerabilities
This is a security fix for a possible Buffer overflow. AES.new with invalid parameter crashes python. The IV parameter is currently ignored when initializing a cipher in ECB or CTR mode. There was a bug in pycrypto which could be exploited to get a shell...
Updated pdns packages fix security vulnerabilities
Mathieu Lafon discovered that pdns does not properly validate records in zones. An authorized user can take advantage of this flaw to crash server by inserting a specially crafted record in a zone under their control and then sending a DNS query for that record CVE-2016-2120. Florian Heinz and...
Updated wireshark packages fix security vulnerabilities
The wireshark package has been updated to version 2.0.10, which fixes two security issues where a malformed packet trace could cause it to go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated libxpm packages fix security vulnerability
An out of boundary write has been found in libXpm before 3.5.12 which can be exploited by an attacker through maliciously crafted XPM files. To trigger the vulnerability, a program must explicitly request to also parse XPM extensions while reading files. The motif toolkit and xdm are two among so...
Updated python-bottle packages fix security vulnerability
redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call. CVE-2016-9964...
Updated opus packages fix security vulnerability
A remote code execution vulnerability in silk/NLSFstabilize.c in libopus could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing CVE-2017-0381...
Updated mbedtls packages fix security vulnerability
The mbedtls package has been updated to version 1.3.18, which removes a non-default configuration option that could lead to session key recovery in very long TLS sessions and fixes a potential stack corruption that cannot be triggered remotely. It also fixes several bugs. See the upstream release...
Updated shadow-utils packages fix security vulnerabilities
It was found that shadow-utils-4.2.1 had a potentially unsafe use of getlogin with the concern that the utmp entry might have a spoofed username associated with a correct uid CVE-2016-6251. It was found that shadow-utils-4.2.1 had an incorrect integer handling problem where it looks like the int...
Updated 389-ds-base packages fix security vulnerability
The "attribute uniqueness" plugin did not properly NULL-terminate an array when building up its configuration if a so called 'old-style' configuration was being used. An attacker, authenticated, but possibly also unauthenticated, could possibly force the plugin to read beyond allocated memory and...
Updated libvncserver packages fix security vulnerability
It was discovered that there were two vulnerabilities in libvncserver, a library to create/embed a VNC server: A heap-based buffer overflow that allows remote servers to cause a denial of service via a crafted FramebufferUpdate message containing a subrectangle outside of the drawing area...
Updated pcsc-lite packages fix security vulnerability
Once MSGRemoveContext is invoked via SCARDRELEASECONTEXT, cardsList is freed. A repeated invocation of SCARDRELEASECONTEXT with an empty context handle results in a use-after-free followed by a double-free. After MSGRemoveContext, invocation of SCardEstablishContext enable further use-after-free ...
Updated nvidia-current & ldetect-lst packages fix security vulnerabilities
This proprietary nvidia-current driver update provides an upgrade to the new R375 long lived branch adding support for nVidia Geforce 10 GTX10xx, Pascal series hardware and fixes the following security issues: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer nvidia.ko...
Updated gstreamer packages fix security vulnerability
Out of bounds heap read in windowsicontypefind in gst/typefind/gsttypefindfunctions.c CVE-2016-9811...
Updated php-phpmailer packages fix security vulnerabilities
It was discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address CVE-2016-10033. It was discovered that PHPMailer prior to 5.2.22 contained a local file disclosure vulnerability...
Updated firefox packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378,...
Updated libpng and libpng12 packages fix security vulnerability
This security update fixes a NULL pointer dereference bug in libpng and libpng12 CVE-2016-10087...
Updated golang package fixes security vulnerability
The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given "maxMemory" limit. It was possible for an attacker to generate a multipart request crafted such that the server ran out of file descriptors...
Updated irssi packages fix security vulnerabilities
In irssi before 0.8.21, a NULL pointer dereference in the nickcmp function CVE-2017-5193. In irssi before 0.8.21, use after free when receiving invalid nick message CVE-2017-5194. In irssi before 0.8.21, out of bounds read in certain incomplete control codes CVE-2017-5195. In irssi before 0.8.21,...
Updated webmin package fixes security vulnerability
The webmin package has been updated to version 1.831, fixing possible security issues in the Authentic theme fixed in 1.801 and/or 1.810, and containing several other bug fixes and enhancements. See the upstream release announcements and change log for details...
Updated unzip package fixes security vulnerabilities
It was discovered that "unzip -l" CVE-2014-9913 and "zipinfo" CVE-2016-9844 were vulnerable to buffer overflows when provided malformed or maliciously-crafted ZIP files...
Updated php-ZendFramework2 packages fix security vulnerability
When using the zend-mail component to send email via the Zend\Mail\Transport\Sendmail transport, a malicious user may be able to inject arbitrary parameters to the system sendmail program. The attack is performed by providing additional quote characters within an address; when unsanitized, they c...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 24.0.0.194 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limite...
Updated nvidia304 and nvidia340 packages fix security vulnerabilities
This proprietary nvidia340 and nvidia304 driver update fixes the following security issues: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer nvidia.ko handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an...
Updated xen packages fix security vulnerability
This xen update is based on upstream 4.5.5 maintenance release, and fixes the following security issues: The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or stderr CVE-2014-3672 The xrstor...
Updated flightgear packages fix security vulnerability
A security bug CVE-2016-9956 was found in all FlightGear versions since 2009, that allow an attacker to overwrite any file the flightgear user owns. The Debian adaptation of upstream patch was applied to the Mageia FlightGear package...
Updated subversion packages fix security vulnerability
Subversion's moddontdothat module and clients using https:// are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack, otherwise known as the "billion laughs attack", targets XML parsers and can cause the targeted process to consume an excessive amount o...
Updated libcryptopp packages fix security vulnerability
When Crypto++ library parses an ASN.1 data value, the library allocates for the content octets based on the length octets. Later, if there's too few or too little content octets, the library throws a BERDecodeErr exception. The memory for the content octets will be zeroized even if unused, which...
Updated tor package fixes security vulnerability
It was discovered that Tor, a connection-based low-latency anonymous communication system, may read one byte past a buffer when parsing hidden service descriptors. This issue may enable a hostile hidden service to crash Tor clients depending on hardening options and malloc implementation...
Updated unrtf package fixes security vulnerability
A Stack-based buffer overflow has been found in unrtf 0.21.9, which affects functions including cmdexpand, cmdemboss and cmdengrave CVE-2016-10091...
Updated bash packages fix security vulnerability
In Bash, the popd command can be tricked to free a user supplied address, which could be used to bypass restricted shells rsh on some environments to cause use-after-free CVE-2016-9401...
Updated thunderbird packages fix security vulnerabilities
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption CVE-2016-9899. Event handlers on marquee elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript CVE-2016-9895. Memory corruption...
Updated libupnp packages fix security vulnerability
Scott Tenaglia discovered a heap buffer overflow vulnerability, that can lead to denial of service or remote code execution CVE-2016-8863...
Updated kernel-linus packages fix security vulnerabilities
This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows...
Updated kernel-tmb packages fix security vulnerabilities
This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows...
Updated python-html5lib packages fix security vulnerability
Fixes a potential cross-site scripting vulnerablity: quote attributes that need escaping in legacy browsers. CVE-2016-9909, CVE-2016-9910...
Updated tracker packages fix security vulnerability
It was discovered that Tracker incorrectly handled certain malformed GIF images. If a user or automated system were tricked into downloading a specially-crafted GIF image, Tracker could crash, resulting in a denial of service...
Updated mcabber packages fix security vulnerability
It was discovered that there was a "roster push attack" vulnerability in mcabber, a console-based Jabber XMPP client. A remote attacker can modify the roster and intercept messages via a crafted roster-push IQ stanza CVE-2016-9928...
Updated samba packages fix security vulnerability
Samba client code always requests a forwardable ticket when using Kerberos authentication. This means the target server, which must be in the current or trusted domain/realm, is given a valid general purpose Kerberos "Ticket Granting Ticket" TGT, which can be used to fully impersonate the...