Updated tomcat packages fix security vulnerability

The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder...

This update of rpm fixes several security issues

All of those fixes were already backported in Mageia but for : - Fix out-of-bounds read on signature checking of malformed package RhBug:1373107...

Updated bind packages fix security vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...

Updated kernel-tmb package fixes security issues

This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...

Update request kernel-linus-4.4.26-1 fixes security issues

This update is based on the upstream 4.4.26 kernel and fixes at least these security issues: An issue with ASN.1 DER decoder was reported that could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files CVE-2016-0758...

Updated php-adodb packages fix security vulnerabilities

The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. CVE-2016-7405 Cross Site Scripting vulnerability in test script CVE-2016-4855...

Updated openjpeg2 packages fix security vulnerabilities

A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in opjtcdfreetile CVE-2016-3181. A specially crafted JPEG2000 image file can force Heap Corruption in opjfree CVE-2016-3182. A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in sycc422torgb CVE-2016-3183...

Updated libtiff packages fix security vulnerability

The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable CVE-2016-3658. They also fix: An out-of-bound read of up to 3 bytes in...

Updated flash-player-plugin packages fix security vulnerability

This update fixes a use-after-free issue that can be triggered by attackers for arbitrary code execution, potentially allow the attacker to take control of the affected system CVE-2016-7855...

Updated tor packages fix security vulnerability

It has been discovered that Tor treats the contents of some buffer chunks as if they were a NUL-terminated string. This issue could enable a remote attacker to crash a Tor client, hidden service, relay, or authority CVE-2016-8860. The tor package has been updated to version 0.2.8.9, which fixes...

Updated java-1.8.0-openjdk packages fix security vulnerability

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions CVE-2016-5582...

Updated graphicsmagick packages fix security vulnerability

The updated packages fix security vulnerabilities: Stack-based buffer overflow in ReadSCTImage CVE-2016-8682. Memory allocation failure in ReadPCXImage CVE-2016-8683. Memory allocation failure in MagickMalloc CVE-2016-8684...

Updated mpg123 packages fix security vulnerability

Jerold Hoong discovered a flaw in the id3 tag processing code of libmpg123. A specially crafted mp3 input file could be used to cause a buffer over-read, resulting in a denial of service CVE-2016-1000247...

Updated php packages fix security vulnerability

The php package has been updated to version 5.6.27, which fixes several security issues and other bugs. See the upstream ChangeLog for more details...

Updated guile packages fix security vulnerability

The ‘mkdir’ procedure of GNU Guile, an implementation of the Scheme programming language, temporarily changed the process’ umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions CVE-2016-8605. GNU Guile, an...

Updated openjpeg packages fix security vulnerability

The openjpeg library was vulnerable to a crash when converting images due to a NULL pointer dereference in readpnmheader CVE-2016-7445...

Updated php-ZendFramework packages fix security vulnerability

The implementation of ORDER BY and GROUP BY in ZendDbSelect remained prone to SQL injection when a combination of SQL expressions and comments were used. This security patch provides a comprehensive solution that identifies and removes comments prior to checking validity of the statement to ensur...

Updated 389-ds-base packages fix security vulnerability

A vulnerability in 389-ds-base was found that allows to bypass limitations for compare and read operations specified by Access Control Instructions. When having LDAP sub-tree with some existing objects and having BIND DN which have no privileges over objects inside the sub-tree, unprivileged user...

Updated c-ares packages fix security vulnerability

In c-ares before 1.12.0, When a string is passed in to 'arescreatequery' or 'aresmkquery' and uses an escaped trailing dot, like "hello\.", c-ares calculates the string length wrong and subsequently writes outside of the the allocated buffer with one byte. The wrongly written byte is the least...

Updated openslp packages fix security vulnerability

A memory corruption bug was present in openslp due to lack of bounds checking in SLPFoldWhiteSpace CVE-2016-7567...

The updated packages fix libtiff security vulnerabilities

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image. CVE-2015-7554 Heap-based buffer overflow in the...

Updated kernel packages fixes security vulnerabilities

This update is based on the upstream 4.4.26 kernel and fixes at least theese security issues: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write COW breakage of private read-only memory mappings. An unprivileged local user could use this flaw to ga...

Updated flash-player-plugin package fixes security vulnerabilities

Adobe Flash Player 11.2.202.637 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2016-6992. This...

Updated mailman package fixes security vulnerability

Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account...

Updated asterisk packages fixes security vulnerability

The overlap dialing feature in chansip allows chansip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs becaus...

Updated kernel packages fixes security vulnerablilities

This update is based on the upstream 4.4.22 kernel and fixes at least theese security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the...

Updated ruby packages fix a security vulnerability

A bug in openssl module caused using an all 0 IV for AES-GCM ciphers in some cases when setting a key, an iv, and then setting a key a again CVE-2016-779...

Updated libass packages fixes security vulnerabilities

Amount of memory allocated during memory reallocation in the shaper wasn't tracked, possibly resulting in undefined behavior CVE-2016-7972. Illegal read in Gaussian blur coefficient calculations CVE-2016-7970. Mode 0/3 line wrapping equalization in specific cases could result in illegal reads whi...

Updated python-twisted-web packages fix a security vulnerability

It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...

The updated packages fix a security vulnerability

Integer overflow in the gdImageWebpCtx function in gdwebp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted imagewebp and...

Updated openssl packages fix security vulnerabilities

Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic CVE-2016-2177. Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code CVE-2016-2178. Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS CVE-2016-2179,...

The updated packages fix a security vulnerability

Unsigned underflow leading to heap overflow when parsing 8BIM chunk CVE-2016-7800. Two issues in the WPG reader CVE-2016-7996, CVE-2016-7997...

Updated thunderbird packages fix security vulnerability

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2016-5257...

Updated python-django packages fix security vulnerability

CVE-2016-7401: CSRF protection bypass on a site with Google Analytics An interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection...

Updated chromium-browser-stable packages fix security vulnerability

Chromium-browser-stable 53.0.2785.143 provides fixes for security issues: a use-after-free bug in V8 CVE-2016-5177 and various problems found in upstream's internal audits, fuzzing, and other initiatives CVE-2016-5178...

Updated libcryptopp packages fix security vulnerability

The libcryptopp package was built with debugging enabled, which could cause a crash due to assertions being turned on and could also cause core files to be generated containing sensitive information CVE-2016-7420...

Updated bind packages fix security vulnerability

The lwresd component in BIND which is not enabled by default could crash while processing an overlong request name. This could lead to a denial of service CVE-2016-2775. A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles authoritative,...

Updated freerdp packages fix security vulnerabilities

FreeRDP could crash due to a NULL or invalid pointer CVE-2013-4118, CVE-2013-4119...

Updated thunderbird packages fix security vulnerability

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2016-2836...

Updated wget packages fix security vulnerability

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource CVE-2016-4971. Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only CVE-2016-7098...

Updated pdns packages fix security vulnerability

PowerDNS Authoritative Server accepts queries with a qname's length larger than 255 bytes CVE-2016-5426. PowerDNS Authoritative Server does not properly handle dot inside labels CVE-2016-5427. These issues allow a remote, unauthenticated attacker to cause an abnormal load on the PowerDNS backend ...

Updated graphicsmagick packages fix security vulnerability

A possible heap overflow of the EscapeParenthesis function CVE-2016-7447. The Utah RLE reader did not validate that header information was reasonable given the file size and so it could cause huge memory allocations and/or consume huge amounts of CPU CVE-2016-7448. The TIFF reader had a bug...

Updated autotrace packages fix security vulnerability

autotrace failed to allocate sufficient memory to store the terminating NULL pointer in an array, causing an out of bounds write. CVE-2016-7392...

Updated zookeeper packages fix security vulnerability

Lyon Yang discovered that the C client shells clist and climt of Apache Zookeeper were affected by a buffer overflow vulnerability associated with parsing of the input command when using the "cmd:" batch mode syntax. If the command string exceeds 1024 characters a buffer overflow will occur...

Updated gnutls packages fix security vulnerability

An issue was found in certificate validation using OCSP responses caused by not verifying the serial length, which can falsely report a certificate as valid CVE-2016-7444...

Updated firefox/rootcerts/nss packages fix security vulnerability

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-5257, CVE-2016-5278, CVE-2016-5270, CVE-2016-5272,...

Updated wireshark packages fix security vulnerabilities

The wireshark package has been updated to version 2.0.6, which fixes several security issues where a malformed packet trace could cause it to crash, and fixes several other bugs as well. See the release notes for details...

Applications using libtorrent-rasterbar are vulnerable to denial of service

Applications using libtorrent-rasterbar are vulnerable to denial of service. An attacker-controlled torrent tracker can crash victim torrent clients by sending malformed GZIP responses CVE-2016-7164...

Updated gdk-pixbuf2.0 packages fix security vulnerability

A write out-of-bounds parsing an ico file was found in gdk-pixbuf. A maliciously crafted file can cause the application to crash CVE-2016-6352. The gdk-pixbuf2.0 package has been updated to version 2.32.3 and patched to fix this issue, and a few other possible security issues...

Updated php packages fix security vulnerabilities

Memory Corruption in During Deserialized-object Destruction CVE-2016-7411. Heap overflow in mysqlnd related to BIT fields CVE-2016-7412. wddxdeserialize use-after-free CVE-2016-7413. Out of bound when verify signature of zip phar in pharparsezipfile CVE-2016-7414. Missing locale length check in...