6011 matches found
Updated cacti packages fix security vulnerability
Several SQL injection vulnerabilities have been discovered in Cacti. Specially crafted input can be used by an attacker in the rraid value of the graph.php script to execute arbitrary SQL commands on the database CVE-2015-8369...
Updated encfs packages fix security vulnerability
A local attacker can utilize a possible buffer overflow in the encodeName method of StreamNameIO and BlockNameIO to execute arbitrary code or cause a Denial of Service. Also multiple weak cryptographics practices have been found in encfs CVE-2014-3462...
Updated perl and perl-PathTools packages fix security vulnerability
It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...
Updated dhcp packages fix security vulnerability
A badly formed packet with an invalid IPv4 UDP length field can cause an ISC DHCP server, client, or relay program to terminate abnormally CVE-2015-8605. The dhcp package has been updated to version 4.3.3-P1, which fixes this issue and several other bugs. Also, the package has also been enhanced ...
Updated moodle packages fix security vulnerability
In Moodle before 2.8.10, web services coreenrolgetcourseenrolmentmethods and enrolselfgetinstanceinfo did not check user permission to access hidden courses CVE-2016-0724. In Moodle before 2.8.10, search string in course management interface was not escaped when being output creating potential fo...
Updated bind packages fix security vulnerability
In ISC BIND before 9.10.3-P3, a buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c CVE-2015-8704. In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the...
Updated php packages fix security vulnerability
The php package has been updated to version 5.6.17, which fixes several security issues and other bugs. See the upstream ChangeLog for more details...
Updated qemu packages fix security vulnerabilities
A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...
Updated openssh packages fix security vulnerabilities
An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory possibly including private SSH keys of a successfully authenticated OpenSSH client CVE-2016-0777. A buffer overflow flaw...
Updated ruby-mail packages fix security vulnerability
The Mail library does not impose a length limit on email addresses, so an attacker can send a long spam message via a recipient address unless there is a limit on the application's side. The attacker-injected message in the recipient address is processed by the server. This type of vulnerability...
Updated giflib packages fix security vulnerability
A heap-based buffer overflow vulnerability was found in giffix utility of giflib when processing records of the type 'IMAGEDESCRECORDTYPE' due to the allocated size of 'LineBuffer' equaling the value of the logical screen width, 'GifFileIn-SWidth', while subsequently having 'GifFileIn-Image.Width...
Updated librsvg packages fix security vulnerability
Out-of-bounds heap read in librsvg2 was found when parsing SVG file CVE-2015-7557. Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file CVE-2015-7558. The librsvg package has been updated to version 2.40.13, fixing these issues and...
Updated ffmpeg packages fix security vulnerabilities
The updatedimensions function in libavcodec/vp8.c in FFmpeg before 2.4.12, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...
Updated apache-commons-collections packages fix security vulnerability
It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections...
Updated mono packages fix security vulnerability
It was found that float-parsing code used in Mono before 4.2 is derived from code vulnerable to CVE-2009-0689. The issue concerns the 'freelist' array, which is a global array of 16 pointers to 'Bigint'. This array is part of a memory allocation and reuse system which attempts to reduce the numbe...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 4.1.15 longterm kernel and fixes the following security issues: The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to...
Updated kernel-tmb packages provides 4.1 longterm kernel and fixes security issues
This kernel-tmb update provides an upgrade to the upstream 4.1 longterm kernel series, currently based on 4.1.15 and resolves at least the following security issues: It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the addkey functio...
Updated roundcubemail packages fix security vulnerability
The roundcubemail package has been updated to version 1.0.8, which fixes a path traversal issue and other bugs. See the upstream release announcement for more details...
Updated libtiff package fixes security vulnerabilities
In libtiff, in tifnext.c, a potential out-of-bound write in NeXTDecode triggered by the test case for CVE-2015-1547 maptools bugzilla 2508. In libtiff, in tifgetimage.c, out-of-bound reads in the TIFFRGBAImage interface in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV /...
Updated claws-mail packages fix security vulnerability
no bounds checking on the output buffer in convjistoeuc, conveuctojis, convsjistoeuc A Tails contributor found a vulnerability in claws-mail where in codeconv.c a function for japanese character set conversion called convjistoeuc has no bounds checking on the output buffer which is created on the...
Updated bugzilla packages fix security vulnerability
Login names usually an email address longer than 127 characters are silently truncated in MySQL which could cause the domain name of the email address to be corrupted. An attacker could use this vulnerability to create an account with an email address different from the one originally requested...
Updated ruby packages fix security vulnerability
There is an unsafe tainted string vulnerability in Fiddle and DL. This issue was originally reported and fixed with CVE-2009-5147 in DL, but reappeared after DL was reimplemented using Fiddle and libffi CVE-2015-7551...
Updated mariadb packages fix security vulnerability
The mariadb package has been updated to version 10.0.23. An issue with client-side SSL certificate verification has been fixed, as have several other bugs. See the upstream release notes for more details...
Updated openvpn packages fix security vulnerability
OpenVPN versions before 2.3.9 contain an out of bounds read error in resolveremote in the file socket.c. With both IPv4 and IPv6 connections, OpenVPN will read a struct sockaddrin6, but in the IPv4 case the data structure is smaller than in the IPv6 case. The openvpn package has been updated to...
Updated python-rsa packages fix security vulnerability
A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 CVE-2016-1494...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 4.1.15 longterm kernel and fixes the following security issues: The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have...
Updated armagetron package fixes security vulnerabilities
A practically exploitable bug was fixed in the network error handling. In client mode, any received packet that causes an exception during processing would terminate the connection to the server. Another theoretically exploitable bug was fixed that allowed very short UDP packets to cause a memory...
Updated pitivi packages fix security vulnerability
In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...
Updated phpmyadmin packages fix security vulnerability
By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed CVE-2015-8669...
Updated rtmpdump packages fix security vulnerabilities
The rtmpdump package has been updated to the latest upstream code as of January 1, 2016, fixing several security issues...
Updated bouncycastle packages fix security vulnerability
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack" CVE-2015-7940...
Updated libpng12 packages fix security vulnerability
There is a underflow read in pngcheckkeyword in pngwutil.c in libpng 1.2.x before 1.2.56 CVE-2015-8540...
Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird...
Updated perl-HTML-Scrubber packages fix CVE-2015-5667
Updated perl-HTML-Scrubber package fixes security vulnerability: Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...
Updated subversion packages fix security vulnerabilities
Updated subversion packages fix security vulnerability: Subversion's httpd servers are vulnerable to a remotely triggerable heap-based buffer overflow and out-of-bounds read caused by an integer overflow when parsing skel-encoded request bodies CVE-2015-5343. This allows remote attackers with wri...
Updated blueman packages fix security vulnerability
Privilege escalation vulnerability in blueman before 2.0.3 in the dbus API CVE-2015-8612...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.559 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2015-8644. This...
Updated keepassx packages fix CVE-2015-8378
Updated keepassx package fixes security vulnerability: Cancelling an export operation creates clear text copy of all of the user's KeePassX password database entries. CVE-2015-8378...
Updated php-phpmailer packages fix CVE-2015-8476
Updated php-phpmailer package fixes security vulnerability: Takeshi Terada discovered that PHPMailer accepted addresses containing line breaks. This is valid in RFC5322, but allowing such addresses resulted in invalid RFC5321 SMTP commands, permitting a kind of message injection attack...
Updated proftpd packages fix security vulnerabilities
Updated proftpd packages fix security vulnerability: Part of the SFTP handshake involves "extensions", which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The modsftp module currently places no bounds/length...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.12, an XSS vector exists when MediaWiki is configured with a non-standard configuration, from wikitext when $wgArticlePath='$1' CVE-2015-8622. In MediaWiki before 1.23.12, tokens were being compared as strings, whic...
Updated dpkg packages fix CVE-2015-0860
Updated dpkg packages fix security vulnerability: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary...
Updated grub2 packages fix security vulnerability
A flaw was found in the way the grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system CVE-2015-8370...
Updated bind packages fix security vulnerability
An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this condition is possible...
Updated chromium-browser-stable packages fix CVE-2015-6792
Updated chromium-browser-stable packages fix security vulnerabilities: Fixes from internal audits and fuzzing CVE-2015-6792...
Updated python-pygments packages fix security vulnerability
An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...
Updated quassel packages fix security vulnerability
The Quassel core could be crashed by a client using the op command, causing a denial of service CVE-2015-8547...
Updated redis packages fix CVE-2015-8080
Luca Bruno discovered an integer overflow flaw leading to a stack-based buffer overflow in redis, a persistent key-value database. A remote attacker can use this flaw to cause a denial of service application crash CVE-2015-8080...
Updated potrace packages fix security vulnerabilities
Potrace before 1.13 has some critical bugs in the processing of BMP files. These bugs allowed the program to be crashed, or potentially to be abused in other ways, by feeding it specially crafted BMP files, due to heap overflow, null pointer dereference, and divide by zero issues...
Updated libpng packages fix security vulnerabilities
Updated libpng and libpng12 packages fix security vulnerability: The fix for CVE-2015-8126 was incomplete. While it defended against the potential overrun while reading PNG files, it did not detect a potential overrun by applications using pngsetPLTE directly CVE-2015-8472...