Updated tomcat package fixes security vulnerabilities
The code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could...
Updated phpmyadmin packages fix security vulnerability
In phpMyAdmin before 4.4.15.9, when the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where this value is created using a weak algorithm. This could allow an attacker to determine the user's...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 4.4.36 and fixes at least the following security issues: The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related...
Updated ntp packages fix security vulnerabilities
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received from its configured sources. An attacker who knows the sources (e.g., from an IPv4 refid in server response) and knows the system is misconfigured ...
Updated kernel-linus-4.4.32 packages fix security vulnerability
This update is based on upstream 4.4.32 and fixes at least the following security issues: Vladimir Bene discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel. A remote attacker could use this to cause a stack corruption,...
Updated kernel-tmb-4.4.32 packages fix security vulnerability
This update is based on upstream 4.4.32 and fixes at least the following security issues: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data,...
Updated drupal packages fix security vulnerability
Inconsistent name for term access query; information on taxonomy terms might have been disclosed to unprivileged users (CVE-2016-9449). Confirmation forms allow external URLs to be injected (CVE-2016-9451)...
Updated thunderbird packages fix security vulnerabilities
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash (CVE-2016-5296). The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This...
Updated firefox packages fix security vulnerability
A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2016-9079)...
Updated virtualbox packages fix security vulnerabilities
This update provides virtualbox 5.1.10 maintenance release and resolves at least the following security issues: OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and...
Updated jenkins-remoting packages fix security vulnerability
An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection...
Updated teeworlds package fixes security vulnerability
A security vulnerability was found in the Teeworlds client logic that could enable remote code execution on the client by malicious servers (CVE-2016-9400). This maintenance release fixes it...
Updated libtiff packages fix security vulnerability
The updated packages fix: - A regression introduced by the fix for CVE-2016-9297 (CVE-2016-9448). - An out-of-bounds Write memcpy and less bound check in tiff2pdf (CVE-2016-9453)...
Updated clamav packages fix security vulnerability
ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable (CVE-2016-1371). ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file...
Updated icu packages fix security vulnerability
Stack overflow in ures_getByKeyWithFallback in ICU before 54.1 could lead to a crash (CVE-2014-9911). It was found that a big locale string causes a stack based overflow inside libicu in locid.cpp (CVE-2016-7415)...
Updated chromium-browser-stable packages fix security vulnerabilities
Multiple flaws were found in Chromium's processing of web content where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-518...
Updated giflib packages fix security vulnerability
A heap buffer overflow vulnerability was found in giflib. A maliciously crafted gif file could cause the gif2rgb tool to crash (CVE-2016-3977)...
Updated kernel-4.4.32 packages fix security vulnerabilities
This update is based on upstream 4.4.32 and fixes at least the following security issues: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data,...
Updated bzip2 packages fix security vulnerability
A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash (CVE-2016-3189)...
Updated lighttpd packages fix security vulnerability
Dominic Scheirlinck and Scott Geary of Vend reported an insecure behaviour in the lighttpd web server. Lighttpd assigned Proxy header values from client requests to internal HTTP_PROXY environment variables. This could be used to carry out Man in the Middle Attacks (MIDM) or create connections to...
Updated perl-Email-Address packages fix security vulnerability
Pali Rohár discovered a possible DoS attack in any software which uses the Email::Address Perl module for parsing string input to a list of email addresses. Note that this issue has only been partially mitigated in Email::Address itself...
Updated flex packages fix security vulnerability
It was found that flex incorrectly resized the num_to_read variable in yy_get_next_buffer. The buffer is resized if this value is less than or equal to zero. With specially crafted input it is possible that the buffer is not resized if the input is larger than the default buffer size of 16k. This allows a...
Updated libxslt packages fix security vulnerability
A heap overread bug was found in libxslt, which can cause arbitrary code execution or denial of service (CVE-2016-4738)...
Updated libssh2 packages fix security vulnerability
Andreas Schneider reported that libssh2 passes the number of bytes to a function that expects number of bits during the SSHv2 handshake when libssh2 is to get a suitable value for 'group order' in the Diffie-Hellman negotiation. This significantly weakens the handshake security, potentially...
Updated tre packages fix security vulnerability
The TRE library allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression (CVE-2015-3796). A vulnerability has been found in the tre package that could allow an attacker to perform controlled he...
Updated bash packages fix security vulnerability
A vulnerability was found in the way bash expands $HOSTNAME. Injecting the hostname with malicious code would cause it to run each time bash expanded \h in the prompt string (CVE-2016-0634). Shells running as root inherited PS4 from the environment, allowing PS4 expansion performing command...
Updated gnuchess packages fix security vulnerability
gnuchess before 6.2.4 is vulnerable to a stack buffer overflow related to user move input, where 160 characters of input can crash gnuchess (CVE-2015-8972)...
Updated irssi packages fix security vulnerability
An information disclosure vulnerability was found in the buf.pl core script for irssi. Other users on the same machine may be able to retrieve the whole window contents after /UPGRADE when the buf.pl script is loaded. Furthermore, this dump of the windows contents is never removed afterwards...
Updated derby packages fix security vulnerability
Apache Derby could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service...
Updated tar packages fix security vulnerability
Harry Sintonen discovered that GNU tar does not properly handle member names containing '..', thus allowing an attacker to bypass the path names specified on the command line and replace files and directories in the target directory (CVE-2016-6321)...
Updated dracut packages fix security vulnerability
A local information disclosure issue was found in dracut when generating initramfs images with world-readable permissions when "early cpio" is used, such as when including microcode updates. A local attacker can use this to obtain sensitive information from these files, such as encryption keys or...
Updated sudo packages fix security vulnerability
It was discovered that the sudo noexec restriction could have been bypassed if an application run via sudo executed the wordexp C library function with a user-supplied argument. A local user permitted to run such an application via sudo with noexec restriction could possibly use this flaw to execute...
Updated libtiff packages fix security vulnerability
A read outside of array in tiffsplit or other utilities using TIFFNumberOfStrips (CVE-2016-9273). A potential read outside buffer in TIFFPrintField (CVE-2016-9297). Multiple uint32 overflows in writeBufferToSeparateStrips, writeBufferToContigTiles and writeBufferToSeparateTiles that could cause heap...
Updated wireshark packages fix security vulnerability
The wireshark package has been updated to version 2.0.8, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...
Updated resteasy packages fix security vulnerability
It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using...
Updated python-pillow packages fix security vulnerabilities
It was discovered that there were a number of memory overflow issues in python-pillow, a Python image manipulation library (CVE-2016-9189 and CVE-2016-9190)...
Updated systemd packages fix security vulnerability
Andrew Ayer discovered that Systemd improperly handled zero-length notification messages. A local unprivileged attacker could use this to cause a denial of service (init crash leading to system unavailability) (CVE-2016-7795)...
Updated memcached packages fix security vulnerability
Aleksandar Nikolic discovered that Memcached incorrectly handled certain malformed commands. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)...
Updated nss and firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291,...
Updated libarchive packages fix security vulnerability
The updated packages might contain additional security fixes if we missed some other ones when we cherry-picked patches against version 3.2.1...
Updated monit packages fix security vulnerability
The forms in Monit's Service Manager are vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host, disable/enable monitoring for a specific service (CVE-2016-7067)...
Updated python-cryptography package fixes security vulnerability
Fixed a bug where HKDF would return an empty byte-string if used with a length less than algorithm.digest_size (CVE-2016-9243)...
Updated libwmf packages fix security vulnerability
The updated packages fix a security vulnerability: Memory allocation failure in wmf_malloc (api.c) (CVE-2016-9011)...
Updated quagga packages fix security vulnerability
It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages (CVE-2016-1245)...
Updated freeimage packages fix security vulnerability
Multiple vulnerabilities were discovered in the FreeImage multimedia library, which might result in denial of service or the execution of arbitrary code if a malformed XMP or RAW image is processed (CVE-2015-3885, CVE-2016-5684)...
Updated kernel packages fix security vulnerabilities
This update is based on the upstream 4.4.30 kernel and fixes at least these security issues: The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid...
Updated mariadb packages fix security vulnerabilities
A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user (CVE-2016-6663). This update fixes several vulnerabilitie...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.644 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves type confusion vulnerabilities that could lead to code execution CVE-2016-7860,...
Updated libtomcrypt packages fix security vulnerability
It was discovered that the implementation of RSA signature verification in libtomcrypt is vulnerable to the Bleichenbacher signature attack. If an RSA key with exponent 3 is used it may be possible to forge a PKCS#1 v1.5 signature signed by that key (CVE-2016-6129)...
Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle: When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...