6011 matches found
Updated resteasy packages fix security vulnerability
It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using...
Updated nss and firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291,...
Updated libarchive packages fix security vulnerability
The updated packages might contain additional security fixes if we missed some other ones when we cherry-picked patches against version 3.2.1...
Updated monit packages fix security vulnerability
The forms in Monit's Service Manager are vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host, disable/enable monitoring for a specific service CVE-2016-7067...
Updated libwmf packages fix security vulnerability
The updated packages fix a security vulnerability: Memory allocation failure in wmfmalloc api.c CVE-2016-9011...
Updated python-cryptography package fixes security vulnerability
Fixed a bug where HKDF would return an empty byte-string if used with a length less than algorithm.digestsize. CVE-2016-9243...
Updated quagga packages fix security vulnerability
It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages CVE-2016-1245...
Updated freeimage packages fix security vulnerability
Multiple vulnerabilities were discovered in the FreeImage multimedia library, which might result in denial of service or the execution of arbitrary code if a malformed XMP or RAW image is processed. CVE-2015-3885, CVE-2016-5684...
Updated kernel packages fix security vulnerabilities
This update is based on the upstream 4.4.30 kernel and fixes at least these security issues: The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid...
Updated mariadb packages fix security vulnerabilities
A race condition was found in the way MariaDB performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user CVE-2016-6663. This update fixes several vulnerabilitie...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.644 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves type confusion vulnerabilities that could lead to code execution CVE-2016-7860,...
Updated libtomcrypt packages fix security vulnerability
It was discovered that the implementation of RSA signature verification in libtomcrypt is vulnerable to the Bleichenbacher signature attack. If an RSA key with exponent 3 is used it may be possible to forge a PKCS1 v1.5 signature signed by that key CVE-2016-6129...
Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...
Updated tomcat packages fix security vulnerability
The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder...
This update of rpm fixes several security issues
All of those fixes were already backported in Mageia but for : - Fix out-of-bounds read on signature checking of malformed package RhBug:1373107...
Updated bind packages fix security vulnerability
Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...
Updated kernel-tmb package fixes security issues
This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...
Update request kernel-linus-4.4.26-1 fixes security issues
This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: An issue with ASN.1 DER decoder was reported that could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files CVE-2016-0758...
Updated php-adodb packages fix security vulnerabilities
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. CVE-2016-7405 Cross Site Scripting vulnerability in test script CVE-2016-4855...
Updated openjpeg2 packages fix security vulnerabilities
A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in opjtcdfreetile CVE-2016-3181. A specially crafted JPEG2000 image file can force Heap Corruption in opjfree CVE-2016-3182. A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in sycc422torgb CVE-2016-3183...
Updated libtiff packages fix security vulnerability
The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable CVE-2016-3658. They also fix: An out-of-bound read of up to 3 bytes in...
Updated flash-player-plugin packages fix security vulnerability
This update fixes a use-after-free issue that can be triggered by attackers for arbitrary code execution, potentially allow the attacker to take control of the affected system CVE-2016-7855...
Updated tor packages fix security vulnerability
It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority CVE-2016-8860. The tor package has been updated to version 0.2.8.9, which fixes...
Updated mpg123 packages fix security vulnerability
Jerold Hoong discovered a flaw in the id3 tag processing code of libmpg123. A specially crafted mp3 input file could be used to cause a buffer over-read, resulting in a denial of service CVE-2016-1000247...
Updated java-1.8.0-openjdk packages fix security vulnerability
It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions CVE-2016-5582...
Updated graphicsmagick packages fix security vulnerability
The updated packages fix security vulnerabilities: Stack-based buffer overflow in ReadSCTImage CVE-2016-8682. Memory allocation failure in ReadPCXImage CVE-2016-8683. Memory allocation failure in MagickMalloc CVE-2016-8684...
Updated php packages fix security vulnerability
The php package has been updated to version 5.6.27, which fixes several security issues and other bugs. See the upstream ChangeLog for more details...
Updated guile packages fix security vulnerability
The ‘mkdir’ procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process’ umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions CVE-2016-8605. GNU Guile, an...
Updated openjpeg packages fix security vulnerability
The openjpeg library was vulnerable to a crash when converting images due to a NULL pointer dereference in readpnmheader CVE-2016-7445...
Updated c-ares packages fix security vulnerability
In c-ares before 1.12.0, When a string is passed in to 'arescreatequery' or 'aresmkquery' and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least...
Updated 389-ds-base packages fix security vulnerability
A vulnerability in 389-ds-base was found that allows to bypass limitations for compare and read operations specified by Access Control Instructions. When having LDAP sub-tree with some existing objects and having BIND DN which have no privileges over objects inside the sub-tree, unprivileged user...
Updated php-ZendFramework packages fix security vulnerability
The implementation of ORDER BY and GROUP BY in ZendDbSelect remained prone to SQL injection when a combination of SQL expressions and comments were used. This security patch provides a comprehensive solution that identifies and removes comments prior to checking validity of the statement to ensur...
Updated openslp packages fix security vulnerability
A memory corruption bug was present in openslp due to lack of bounds checking in SLPFoldWhiteSpace CVE-2016-7567...
The updated packages fix libtiff security vulnerabilities
The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. CVE-2015-7554 Heap-based buffer overflow in the...
Updated kernel packages fixes security vulnerabilities
This update is based on the upstream 4.4.26 kernel and fixes at least theese security issues: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. An unprivileged local user could use this flaw to ga...
Updated flash-player-plugin package fixes security vulnerabilities
Adobe Flash Player 11.2.202.637 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2016-6992. This...
Updated asterisk packages fixes security vulnerability
The overlap dialing feature in chansip allows chansip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs becaus...
Updated kernel packages fixes security vulnerablilities
This update is based on the upstream 4.4.22 kernel and fixes at least theese security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...
Updated mailman package fixes security vulnerability
Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...
Updated ruby packages fix a security vulnerability
A bug in openssl module caused using an all 0 IV for AES-GCM ciphers in some cases when setting a key, an iv, and then setting a key a again CVE-2016-779...
Updated libass packages fixes security vulnerabilities
Amount of memory allocated during memory reallocation in the shaper wasn't tracked, possibly resulting in undefined behavior CVE-2016-7972. Illegal read in Gaussian blur coefficient calculations CVE-2016-7970. Mode 0/3 line wrapping equalization in specific cases could result in illegal reads whi...
The updated packages fix a security vulnerability
Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...
Updated python-twisted-web packages fix a security vulnerability
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...
Updated openssl packages fix security vulnerabilities
Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic CVE-2016-2177. Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code CVE-2016-2178. Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS CVE-2016-2179,...
The updated packages fix a security vulnerability
Unsigned underflow leading to heap overflow when parsing 8BIM chunk CVE-2016-7800. Two issues in the WPG reader CVE-2016-7996, CVE-2016-7997...
Updated thunderbird packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2016-5257...
Updated python-django packages fix security vulnerability
CVE-2016-7401: CSRF protection bypass on a site with Google Analytics An interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection...
Updated libcryptopp packages fix security vulnerability
The libcryptopp package was built with debugging enabled, which could cause a crash due to assertions being turned on and could also cause core files to be generated containing sensitive information CVE-2016-7420...
Updated bind packages fix security vulnerability
The lwresd component in BIND which is not enabled by default could crash while processing an overlong request name. This could lead to a denial of service CVE-2016-2775. A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles authoritative,...
Updated chromium-browser-stable packages fix security vulnerability
Chromium-browser-stable 53.0.2785.143 provides fixes for security issues: a use-after-free bug in V8 CVE-2016-5177 and various problems found in upstream's internal audits, fuzzing, and other initiatives CVE-2016-5178...